similar to: iptables and kvm

CentOS-5.5 # uname -a Linux inet05.hamilton.harte-lyne.ca 2.6.18-194.32.1.el5 #1 SMP Wed Jan 5 17:52:25 EST 2011 x86_64 x86_64 x86_64 GNU/Linux Can anyone tell me why I am seeing these error message? Specifically, why is TYPE=Bridge giving Unknown connection type 'Bridge'? Jan 13 08:25:31 inet05 nm-system-settings: Loaded plugin ifcfg-rh: (c) 2007 - 2008 Red Hat, Inc. To report bugs

Is there a recommended knockd package for CentOS-5.4 or do I just pull from the project's web site? Regards, -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757

Hello list! When em0 has an inet address while bridge0 doesn't, it seems to be OK: ----- bs1% uname -a FreeBSD bs1.sp34.ru 7.0-STABLE FreeBSD 7.0-STABLE #0: Sun May 25 20:15:26 MSD 2008 root@bs1.sp34.ru:/usr/obj/usr/src/sys/BSM i386 bs1% ifconfig em0; ifconfig tap0; ifconfig bridge0 em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500

Hi, I have only one ethernet port in a remote server. (eth0) I have a public address with x.x.x.164 netmask 255.255.255.240 gw x.x.x.161 and want to use in my guest OS the next available ip address (x.x.x.165 netmask 255.255.255.240 gw x.x.x.161) Is this posible with brctl to achieve this? I did a file called ifcfg-xenbr0 with: DEVICE=xenbr0 TYPE=Bridge BOOTPROTO=dhcp ONBOOT=yes then

Hi, I have only one ethernet port in a remote server. (eth0) I have a public address with x.x.x.164 netmask 255.255.255.240 gw x.x.x.161 and want to use in my guest OS the next available ip address (x.x.x.165 netmask 255.255.255.240 gw x.x.x.161) Is this posible with brctl to achieve this? I did a file called ifcfg-xenbr0 with: DEVICE=xenbr0 TYPE=Bridge BOOTPROTO=dhcp ONBOOT=yes then

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm trying to run a QEMU VM on top of a FreeBSD 7.x server ... I've tried the exact same setup on my desktop, using 192.168.1.x and an fxp device, and it all works perfectly, but as soon as I do this on another machine on a public IP, I'm not getting any routing, I can't even ping it from the same machine ... My first thought was

Hi, I'm using system-config-firewall (C6 x86_64, fully up to date) to configure a gateway/firewall box. 2 nics, eth0 (configured as bridge0, mtu 7200) connected to the lan, eth1 being connected directly to the internet (public ip, mtu 1500). ssh port is open and accessible. nat is working fine. I've put bridge0 as a trusted interface, eth1 is masqueraded. I've put ports 20,21,80 as

Hello. I desire to get bridge network working using virt-manager. Centos 7 and centos 7 guest. >From researching I think I need to have a ifcfg-br0 file like this ? cat ifcfg-br0 DEVICE=nm-bridge0 STP=no TYPE=Bridge BOOTPROTO=none IPADDR=192.168.1.8 PREFIX=32 GATEWAY=192.168.1.1 IPV6INIT=no NAME=br0 ONBOOT=yes DELAY=0 Is that for sure needed ? The use that nm-bridge0 as the network name? I

We use a dual homed CentOS-6.3 host for our Internet gateway router. Its internal nic (eth1) is configured such that the address 192.168.0.1 is one of its aliases. # cat /etc/sysconfig/network-scripts/ifcfg-eth1:192BOOTPROTO=none BROADCAST=192.168.255.255 DEVICE=eth1:192 IPADDR=192.168.0.1 IPV6INIT=no MTU="" NAME="LAN - Non-routable" NETMASK=255.255.0.0 NETWORK=192.168.0.0

Hi All, I'm lately suffering from Quota abuse at home. believe it or not my teenagers are eating through my allowed quota. Hence, i'm thinking of setting up a centos machine to work as such: HDSL modem(natted to an onboard dhcp service for lan users) -> Centos - > Switch - LAN users Hw specs: 3 GB ram 3.0 core 2 duo 2 X 1 TB HDD 2 X 1 Gb NIC Centos will contain the

Hi, I'm trying to configure a network bridge over a bonding without any success. Here is my configuration: ifcfg-eth0: DEVICE=eth0 HWADDR=00:1E:C9:E8:3F:E5 ONBOOT=yes USERCTL=no MASTER=bond0 SLAVE=yes ifcfg-eth1: DEVICE=eth1 HWADDR=00:1E:C9:E8:3F:E7 ONBOOT=yes USERCTL=no MASTER=bond0 SLAVE=yes ifcfg-bond0: DEVICE=bond0 ONBOOT=yes BRIDGE=br0 USERCTL=no ifcfg-bridge0: DEVICE=br0

Message-ID: <479F2A63.2070408 at centos.org> On: Tue, 29 Jan 2008 07:30:11 -0600, Johnny Hughes <johnny at centos.org> Subject Was: [CentOS] Unknown rootkit causes compromised servers > > SOME of the script kiddies check higher ports for SSH *_BUT_* I only see > 4% of the brute force attempts to login on ports other than 22. > > I would say that dropping brute force

My Centos 4.1 only accept connections from localhost, my file conf is default. error: ssh: connect to host 192.168.1.78 port 22: No route to host thanks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I recently tried adding a firewall to my Samba 4 server using the port information I found on the wiki. Below is a dump of the resulting rules. root at dc01:~# iptables -S - -P INPUT DROP - -P FORWARD DROP - -P OUTPUT ACCEPT - -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m

Hi all, Is it mandatory to add device mem to jails to enable network via the gateway? Left ezjail with FreeBSD-6.3 (and a hardware replacement of my server) and am now starting again with FreeBSD-7.1. Early this week, I upgraded from 7.0 to 7.1 (not having 'used' jails on 7.0). After creating the jail with `ezjail-admin update -i` I created a 'ports build' jail `ezjail-admin

Alright, I have setup the new rules and am waiting to see if I have any issues. If I do, I will keep working on it. I also read the article below, which mentions exactly what you I was told about 2008 and newer using different ports. https://support.microsoft.com/en-us/kb/929851 Here is the new configuration: root at dc01:~# iptables -S -P INPUT DROP -P FORWARD DROP -P OUTPUT ACCEPT -A INPUT -m

Is the maximum permitted value for --hitcount documented anywhere? I reliably get a iptables-restore error when I specify a hitcount value greater than 20 but I cannot find any mention of there being a maximum value. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited

I went to reload (iptables-restore) my iptables configuration and obtained an error at the COMMIT statement. No further details were provided even when I ran restore with the -v option. I determined that none of my backed up configuration files going back to October will load either. This is more than passing strange because I altered and uploaded the iptables configuration on this host several

Hit reply instead of reply all. This is for the list. -------------------------- Original Message -------------------------- Subject: Re: [CentOS] Can one construct an IPTables rule to block on NS records? From: "James B. Byrne" <byrnejb at harte-lyne.ca> Date: Wed, October 7, 2015 08:52 To: "John R Pierce" <pierce at hogranch.com>

This is the same origin that I reported on earlier. Apparently asking for an explanation of why they were probing our sites only encouraged them to make additional attempts. sshd: Authentication Failures: unknown (ip-173-201-178-18.ip.secureserver.net): 2 Time(s) unknown (ip-97-74-196-33.ip.secureserver.net): 2 Time(s) unknown (ip-97-74-202-95.ip.secureserver.net): 2