Linux Networking

18K

Solutions

15K

Contributors

The variety of Linux distributions creates myriad issues relating to configuration and operations when computers are networked, not the least of which is the use of various network management applications, some of which are included with specific distributions, while others are standalone applications.


While setting up a PXE boot server on a CentOS 7 machine, I encountered a strange problem with TFTP. I cannot retrieve any files from the TFTP server without encountering a timeout problem. The boot process comes so far that I correctly get an IP address and a file name from the DHCP server. However, when the boot files are to be retrieved from the TFTP server, a "TFTP open timeout" message comes. If I manually make a TFTP connection to the PXE server from a local computer, I immediately get access to the server. But if I try with a "get pxelinux.0" command, I get another timeout message.
My firewall is set up correctly and it also makes no difference if I completely turn off the firewall. SELinux is also disabled.
If I make a tcpdump on port 69 I get the following message:
12:34:33.477401 IP 172.16.1.202.ah-esp-encap > tools.dmz.tuxme.dk.tftp:  27 RRQ "pxelinux.0" octet tsize 0
12:34:35.481131 IP 172.16.1.202.acp-port > tools.dmz.tuxme.dk.tftp:  27 RRQ "pxelinux.0" octet tsize 0
12:34:39.490793 IP 172.16.1.202.msync > tools.dmz.tuxme.dk.tftp:  27 RRQ "pxelinux.0" octet tsize 0
12:34:45.477712 IP 172.16.1.202.gxs-data-port > tools.dmz.tuxme.dk.tftp:  27 RRQ "pxelinux.0" octet tsize 0
12:34:53.441801 IP 172.16.1.202.vrtl-vmf-sa > tools.dmz.tuxme.dk.tftp:  27 RRQ "pxelinux.0" octet tsize 0
12:35:03.384065 IP 172.16.1.202.newlixengine > tools.dmz.tuxme.dk.tftp:  32 RRQ "pxelinux.0" octet blksize 1456
12:35:39.414843 IP 172.16.1.202.newlixconfig > 


0

I am trying to learn iptables and virtualbox.

I have 3 Centos7 VMs configured as follows with iptables configured on VM2. All interfaces are configured as "host only adapter" in virtual box as /24 networks:


VM1 - - - - - - - - - - - VM2 - - - - - - - - - - - VM3
192.168.1.1               192.168.1.2
                          172.16.0.2                172.16.0.1
                                                    10.0.0.1

iptables is configured on VM2 as follows:

LINE 1: -A INPUT -s 192.168.1.1 -d 192.168.1.2 -j LOG
LINE 2: -A FORWARD -s 192.168.1.1 -d 172.16.0.2 -j LOG
LINE 3: -A FORWARD -s 192.168.1.1 -d 172.16.0.1 -j LOG
LINE 4: -A FORWARD -s 192.168.1.1 -d 10.0.0.1 -j LOG

When I send data using scapy -- send(IP(src="n.n.n.n", dst="y.y.y.y")/TCP()) -- the traffic flow described on LINES 1, 2 and 4 is logged. But the flow from LINE 3 is not.

I have tried LINE 3 using INPUT and OUTPUT rules without success.

What am I missing?

Thanks.
Steve
0
Dear Experts,
 
I have a following setup:
 
- Home LAN connected to the Internet on 10.0.0.0
- Lab/Test LANs on 192.168.30.x & 192.168.40.x
- VMnet3 for .30 and VMnet4 for .40
 
I would like some of the machines in the Lab/Test LANs to access the Internet, so I tried to set up a router, without any success so far.
 
Router (RHEL6.9):
eth0 = 10.0.0.100/24, GW: 10.0.0.1
eth1 = 192.168.30.254/24
eth2 = 192.168.40.254/24
 
#netstat -nr
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.30.0    0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.40.0    0.0.0.0         255.255.255.0   U         0 0          0 eth2
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth2
0.0.0.0         10.0.0.1        0.0.0.0         UG        0 0          0 eth0
 
Desktop on .30 (also RHEL6.9)
eth0 = 192.168.30.16/24, GW: 192.168.30.254
 
#netstat -nr
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.30.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         192.168.30.254  0.0.0.0         UG        0 0          0 eth0
 
I can ping the GW at …
0
Hello,
I have an OpenVPN server and all clients work fine.
I have also set up a new OpenVPN client config on it and it connects to the other servers.
When a client requests a specific IP, I want it routed through the VPN client connection that is established on the server,
so what do I have to do in this case?
thanks.
0
"smbpasswd -a user" makes samba server unavailable.

Previously used Debian 7 without problems. Reinstalled and set up Debian 9.

I have attached my smb.conf. This is a fresh installation. When using the config as attached here, I can browse to my server via \\ip-address and \\netbiosname from my Windows 10 machine, but none of the shares are available. I get a password prompt when trying to access the shares, and then a message that I am not authorized. So then, I add the system user 'atle' to samba:
smbpasswd -a atle

This prompts me for a password twice. I enter the same password twice, all ok.

Then:
systemctl  restart smbd
systemctl  restart nmbd

Then I try to browse \\ip-address and \\netbiosname from my windows 10 machine, but no response. The server seems unavailable.
"systemctl smbd status" responds all is well. Trying to list shares from the command prompt with smbclient to \\ip-address works fine.

I then perform:
smbpasswd -x atle
systemctl restart smbd
systemctl restart nmbd

Now I can browse \\ip-address and \\netbiosname from my windows 10 machine again.

So, what is going on here? How to fix?
smb.conf
0
Hi,

How to resolve this error SFTP error #3 Permission denied mobaxterm to access on redhat VM lucky directory. thanks
error1.jpg
0
Hi

My redhat (guest OS) having issue for not able to resolve the hostname like google.com but able to ping 8.8.8.8.

I didn't do anything at all just to ensure that it can ping Google first and my network subnet like 192.168.1.0/24 when my redhat added a NAT Network adapter without issue.

After that I connect my Fortinet VPN client through IPSec and can still ping and resolve my private cloud through hostname.

Next day I do the same thing like connect to my iPad 4G network to my Hp laptop wifi.

Can ping and resolved on my hp laptop even being connected to vpn.

The guest os redhat from virtualbox on nat can ping 8.8.8.8 but not able to resolve now.

Why yesterday can and today can't without changing anything?

Thanks.
0
Hi,

I need to transfer the python script to the redhat 7.5 on virtualbox.

i've done the following:-

vb_setting1.jpg
Error

vb_setting2.jpg
Thanks
0
What's the best way to monitor for UDP syslog traffic coming in from a redhat 4 and redhat 5 syslog clients if it's not arriving at the syslog server. The syslog server is running on a Redhat 6 server. netstat -taulpe | grep syslog is showing that UDP is listening on all IP's on the server but I'd like to see if there is any other way apart from running  tcpdump -i <nic> port 514. Would watch lsof -a -i:514 show it?
0

how to add a block firewall rule in CentOS 7
Using Applications >> Sundry >> Firewall >> Rich Rules, I added a destination IP, source is local IP, and action selected drop, but I can still communicate with the destination IP.
firewall profile is public.
0
Dear Experts
We are having web based CRM application running on LAMP stack web server and data base servers are running two different server. Our software developers have decided to create indexes based on their analysis due to slow queries observations, the database server is mysql 5.4 version.
As it is production server the indexing will affect the work and also the tables size is huge and overall database size is 65GB. Please suggest the best practice, following is the approach can think about but again not sure if this is best recommended but there is a challenge as mentioned, please suggest on how such cases are handled.
1.Setup new webserver and mysql server with same config and same versions and take backup of production server database and import it to the new database server and create indexes and test, this process may take few days to week and by the time indexing gets completed which may take few days during this period production server database would have undergone changes as users are working on production instance, can you please suggest the best way to handle this.
0
xhost executing successfully for the user who has the direct login access to the OS.

When I switch to the other user (su), which doesn't have direct login access to the OS, I could not run the xhost command.

Kindly advise how to achieve the same.
0
Hello,
Can I have multiple profiles on an OpenVPN server, with different configurations?
for example one with cert auth and second with user name password auth ?
any example about that ?
thanks.
0
Dear Wizards, I setup the ubuntu 16.04 server in vSphere 6.5 with 250 GB hard disk, but days later I increased it to 500 GB, but seems like the VM still had only 250 GB.

How can I claim it back correctly? Many thanks!

ired1.PNG
ired2.PNG
0
After 30+ hours of research and trying different solutions I have found many solutions to each piece of this puzzle but can't quite get them to work together or figure out the best approach so I'm hoping you guys can help.

The goal: Use public IP from a remote server(Ubuntu) as a browser proxy. The kicker is that the server should pass all traffic through to a local machine which has a 4g modem internet connection to use its internet connection. We need to be able to assign fixed IP addresses/IP port combinations to these local modem/s to be used as undetectable browser proxies to make it appear that the browser client is logged in using the mobile internet connection.

I have seen multiple solutions to each part of this including the use of ssh tunnels, dynamic port forwarding/socks, remote port forwarding, squid proxy server/other proxy server software, iptables configs etc..

I have found this solution that I can get traffic to travel from anywhere to my local machine:

//1st terminal establishes connection/tunnel
ssh -nN -R 8888:localhost:8889 -i "connection.pem" ubuntu@e-xx-xx-xx-xx.remote-server.com

//2nd terminal listens on port 8889
netcat -l -p 8889
//this command works and prints abc on the local machine
echo "abc" | nc -v xx.xx.xx.xx(remote server ip) 8888

I have also successfully installed a squid proxy server in a docker container and used the following command to open socks connection with reverse forwarded port.

//Socks/Dynamic forwarding with…
0
Dear Experts

I am running a web-based CRM system on a LAMP stack. The web root is /var/ww/html/crmapp, and the CRM system reads the files from a Windows share (that is, from 2 Windows servers) and executes the logic as per the process developed, but I am getting the following error from /var/log/messages. Attached are /etc/fstab, df -h and nswitch.conf. Can you please help me: first, is mounting the Windows share to the same path as the web root recommended, and also, are the fstab entries correct? Please suggest, as the system is very slow.

automount[2560]: syntax error in map near [ * -fstype=autofs,-Dhost=& file: ]
Sep 11 20:06:15 NYSWB automount[2560]: syntax error in map near [ * -fstype=autofs,-Dhost=& file: ]
Sep 11 20:06:17 NYSWB automount[2560]: syntax error in map near [ * -fstype=autofs,-Dhost=& file: ]
Sep 11 20:06:19 NYSWB automount[2560]: syntax error in map near [ * -fstype=autofs,-Dhost=& file: ]
Sep 11 20:06:21 NYSWB automount[2560]: syntax error in map near [ * -fstype=autofs,-Dhost=& file: ]
Sep 11 20:06:23 NYSWB automount[2560]: problem reading master map, maximum wait exceeded
Sep 11 20:06:23 NYSWB automount[2560]: automount: warning: could not read at least one map source after waiting, continuing ...
Sep 11 20:06:23 NYSWB automount[2560]: syntax error in map near [ * -fstype=autofs,-Dhost=& file: ]
fstabanddf.txt
0
Dear Experts
We are having CRM application which is web-based runs on LAMP stack. the operation team reports between specific time period user get time out when they save the records or convert the records or retrieve the records, can you please suggest on how to capture log files which occurs during that time for example 5pm to 6pm, only during this time I would like to capture a following log files.
1) /var/log/mysql.log
2)/var/www/html/crmapp/crm.log
3) /var/log/slowquerylog
4)/var/log/httpd/error.log
please help with steps on above 1 to 4 log capture during specific time period , this will be helpful to investigate , thank you very much.
0
I have a Samba domain controller. All my Ubuntu servers are on the domain. I created a group in AD.
But this group is unknown to all my Ubuntu servers.
Users can log in to the servers via domain password, and all servers answer back for wbinfo -g.
How do I activate domain groups on Ubuntu servers?
0

Hi,

I'm running CentOS Linux release 7.4.1708 (Core). The issue is I'm able to log in using local users but not using LDAP users; please help me with this.

I've tried restarting services using the authconfig-tui command, but I'm still getting an authentication failure error for the LDAP user.

please see the attached doc (ldap issue.docx), and below output commands and let me know if any other details are required.


[root@server01 log]# cat /etc/openldap/ldap.conf
#
SASL_NOCANON    on
URI ldap://<ldap servrer ip>:389/
BASE dc=prod,dc=hclpnp,dc=com
#
[root@server01 log]# getent passwd testuser
testuser:*:123456:7001:testuser:/home/testuser:/bin/bash
[root@server01 log]#


[hubba@servder01 ~]$ su - testuser
Password:
su: Authentication failure



[root@server01 log]# cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
#       nisplus                 Use NIS+ (NIS version 3)
#       nis                     Use NIS (NIS version 2), also called YP
#       dns                     Use DNS (Domain Name Service)
#       files              …
0
Hi guys, I'm currently doing send mail to fax by using hylafax. I'm using thunderbird to send mail to my fax machine. The mail address looks like this 123456@mail.hylafax.com. So my current problem is when i send the mail to the fax machine, what i received at the machine was all the log text, my sent content was not there, it print out the log message in /temp/mail2faxlog
i will attach my postfix main.cf, master.cf,  mail2fax.sh  and my valias file in here.

My transport file looks like this:
mail.hylafax.com fax:localhost

My valias
@mail.hylafax.com mail2fax

I'm currently following these guides:
http://hylafax.sourceforge.net/howto/faxing.php 
http://www.postfix.org/faq.html#fax
mail2fax.sh
master.cf
main.cf
0
I tried setting up tftp on a Linux server using the procedure here http://wiki.r1soft.com/display/ServerBackup/Configure+a+TFTP+server+on+Linux

But when I run tftp  -c get ls  - I get..

$ tftp  -c get ls
(to)

The article states "If the TFTP server works, the command will not return any output and the file ls should appear in the current directory."

Not working as expected. Anything need to be done? Permission changes to /tftpboot? Anything else I can do to verify that tftp portion of xinetd is
working as expected?



Linux myfoo 2.6.32-279.19.1.el6.x86_64 #1 SMP Wed Dec 19 07:05:20 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
0
I have recently installed an Ubuntu 16.04 VHD image. Initially the /etc/network/interface file was empty. I put in the ip address info that I was provided by our network guy.
ifconfig showed eth0 as the interface name.
I edited the interface file to have the following:
auto eth0
iface eth0 inet static
address 10.100.1.6
gateway 10.100.0.1
submask 255.255.248.0
dns-nameservers .....

the network folks changed their minds and wanted to put my server on a different subnet.
I have edited the interface file.
auto eth0
iface eth0 inet static
address 10.99.0.6
gateway 10.99.0.1
submask 255.255.240.0
I have flushed the interface.
I have tried rebooting and actually shutting down the system.

but each time when I boot back up the interface continues to be configured with the old IP.

what am I doing wrong?
What do I need to do in order for the new IP to be loaded into the configuration?

Thanks in advance.
0
My goal is to be able to connect to private network located behind OpenVPN client (192.168.1.0/24) via OpenVPN server WAN interface.
For example I want this forwarding: http://{Ubuntu WAN IP}:443 -->  http://{Private LAN IP behind OpenVPN client }:443
Please take a look at the attached screenshot.
-  Ubuntu VPS knows the route to private LAN subnet that is behind OpenVPN client (192.168.1.0/24) and MikroTik router knows the route to OpenVPN subnet (192.168.7.0/24).
- I can connect to Ubuntu VPS via SSH and successfully ping the MikroTik OpenVPN interface (192.168.7.2), and I can also ping any host from the MikroTik private LAN subnet that is behind the OpenVPN client (192.168.1.0/24). Needless to say, the private LAN hosts that are behind the OpenVPN client (from the 192.168.1.0/24 subnet) can easily ping the Ubuntu OpenVPN interface (192.168.7.1) too.
- Also any host from OpenVPN subnet (192.168.7.0/24) if connected to OpenVPN server via OpenVPN client allows communication like http://{Ubuntu WAN IP}:443 --> http://{Private IP of OpenVPN client}:443 using UFW NAT rule.
But:
When I’m trying http://{Ubuntu WAN IP}:443 --> http://{Private LAN IP behind OpenVPN client}:443 I have following behavior:
1)      Packets successfully arrive to host behind OpenVPN client (to any host from 192.168.1.0/24 )
2)      But the host of this subnet can't route back this received public IP packet via OpenVPN tunnel, it replies using ISP WAN address.

I would very happy if someone is able to help me solve this …
0
Hello Community,

I need some help installing OpenNMS monitoring software because I'm getting an error trying to install it on Oracle Linux 6.9.

I used these commands:

wget https://yum.postgresql.org/9.3/redhat/rhel-6.9-x86_64/pgdg-oraclelinux93-9.3-3.noarch.rpm


yum install postgresql93-server postgresql93-contrib uuid-pgsql.x86_64 repmgr93.x86_64 rhdb-utils.x86_64 skytools-93-modules.x86_64 pgbackrest.x86_64 pgdg-oraclelinux93.noarch pgloader.x86_64 pgmemcache-93.x86_64 pgmp93.x86_64 phpPgAdmin.noarch pgagent_93.x86_64 ora2pg.noarch -y 



Then, with sudo rights did:

sudo bash bootstrap-yum.sh

And getting the error below:

PostgreSQL initialize                 ... FAILED



I'm using the installer provided by the official site.

Regards,
0
