Linux Networking

18K

Solutions

15K

Contributors

The variety of Linux distributions creates myriad issues relating to configuration and operations when computers are networked, not the least of which is the use of various network management applications, some of which are included with specific distributions, while others are standalone applications.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello,
I am trying to install and SSL certificate on a website after i've migrated it from Ubuntu to a CentOS server.
Everything is up and running but I can't get SSL working. Apache starts fine. My config test shows no errors. But when I try to connect to the server through ssl, in all browsers I get ERR_CONNECTION_REFUSED. I don't believe its an SSL issue but maybe a firewall. I don't know as im unfamiliar with CENTOS, Any ideas?
0
Introduction to R
LVL 13
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

Hello dear friends
I need your help with configuring encryption between web browser and proxy server (SQUID)
I have working squid on vps with ncsa authorization but I don’t know how to encrypt traffic  between proxy client and server. I don’t want to use vpn or http tunnel for it. Plz help.
0
I have been running Ubuntu 14 with custom tcp tuning parameters for a couple years.  I applied, via puppet, all of the same tuning parameters, but on Ubuntu 18, my TCP Time Wait is very high.  What is the best method of finding the source of this high TCP Time Wait?  The process that is using the tcp connections is a java application.

Please let me know any other information I should provide.

Graph on the left is Ubuntu 18.04, right is Ubuntu 14.04

Thank you,

Reade
tcp-time-wait.png
0
I set up a Linux server (Ubuntu 18.10) for simple file sharing on our Windows network. The server is a Dell PowerEdge T30. It has an onboard NIC. I had given the server a static IP address and it was serving its purpose as desired for at least 2 weeks.

Last night I was testing a different (Windows) hard drive in the box, without the network cable plugged in. When I was done, I put the Ubuntu hard drive and network cable back in and rebooted the computer. When a message came up about software updates, I accepted the updates and rebooted again. When it came back up, it looked fine to me - though admittedly, I wasn't looking at it very closely.

This morning the server was not connected to the network. The network icon did not appear in the upper right corner of the screen and there was no option for the wired network in the Network control panel.  When I ran lshw -C network, it said *-network DISABLED. When I entered sudo ifconfig <adapter> up, I was able to get the network connected again and join the server to the Windows domain... until I rebooted the server again, and the connection was gone again.

I also set up a separate, old Dell Optiplex 760 with the same version of Ubuntu. I do not believe I set it up to automatically update, and hadn't touched it for about a week. It too had dropped its wired network connection. My boss and I were discussing whether we should just get another network card for the server until we noticed that the other computer's network …
0
[user@ansible01 install]$ ssh-copy-id web01.cifot.com
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/user/.ssh/id_rsa.pub"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
0
My attempts to build iptables rules are failing and I need some help.

I have two external IP addresses (27.92.104.166, 27.92.104.164 - not the real ip addresses...) that will send traffic on tcp port 30505 to my network on its external interface (28.29.28.72 - also not real) which needs to be forwarded to an internal server (10.17.2.9 listening on port 8080).

I started with a simple INPUT rule

iptables --append INPUT --match tcp --protocol tcp --src 27.92.104.166 --sport 30505 --dst 10.17.2.9 --dport 8080 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src 27.92.104.164 --sport 30505 --dst 10.17.2.9 --dport 8080 --jump ACCEPT

Open in new window


But this is not enough since I also need some kind of FORWARD rule and perhaps a PREROUTING rule, and NAT may play some kind of part in this as well.  There are tons of sites out there with examples that do not match my case so I am floundering in the dark.

I am trying to learn iptables as quickly as I can but can someone point me in the right direction on this particular case?

Many thanks!
0
Hello,

I am running Debian 9 on Server 2012 R2 Hyper-V. The scnario is that I have 2 physical servers each with a Debian virtual machine.

A) Setup Hyper-v for mirroring

1) The goal is to capture packets so Hyper-v on both is set in monitoring mode.

2) Once the "Destination" settings under the virtual machine network adapter for mirroring is set in the Hyper-v configuration.
I immediately notice that the physical network interface on the server (for the Hyper-v virtual switch) starts increasing rapidly say 70 Mb/s ON BOTH Servers...
 this is good it means that the Hyper-v settings are sane (and of course the Network Configuration on the switch is perfect).

B) Setup Debian for promiscuous mode

1) Here I use:

allow-hotplug eth1
               iface eth1 inet manual
               up ifconfig eth1 promisc up
              down ifconfig eth1 promisc down

Open in new window


and verify with ifconfig as shown below

Debian VM1 on Server1
eth1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
        ether 00:15:5d:15:16:17  txqueuelen 1000  (Ethernet)
        RX packets 5090918  bytes 3090553169 (2.8 GiB)
        RX errors 0  dropped 6  overruns 0  frame 0
        TX packets 89  bytes 7638 (7.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Debian VM2 on Server2
eth1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
        ether 00:15:5d:15:16:17  txqueuelen 1000  (Ethernet)
        RX packets 42094  

Open in new window

0
I am running nginx on Ubuntu server 16.04LTS

I am trying to configure partkeepr.org

During the install, this error appears when  I use this config

server {
    # Listening port and host address
    listen 80;
    server_name inventory.techpress.internal;

    # Default index pages
    index app.php index.html

    # Default character set
    charset utf-8;

    # Turn off access.log writes
    access_log off;
    log_not_found off;

    # Send file is an optimization, but does not work
    # across unix sockets which I use for php fpm so is best
    # used for local static content onlya 
    sendfile off;

    # Root for / project
    root /var/www/html/inventory.techpress.internal/web/;

    # Setup rewrite helper
    rewrite ^/setup/webserver-test$ /setup/tests/webservercheck.json;

    # Handle main / location to symfony app.php controller
    location / {
        try_files $uri $uri/ /app.php?$query_string;
    }

    # Handle /setup location to symfony setup.php controller
    location /setup {
        try_files $uri $uri/ /setup.php?$query_string;
    }

    # Handle all locations *.php files via PHP-FPM unix socket
    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        #fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_pass unix://var/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME 

Open in new window

0
How do i find out if my linux server using sendmail or postfix to send email outside.

when i did send email out using the following command

mailx -s syslog-conf myemail < /etc/syslog/sylog.conf

I am getting "postdrop: warning: unable to look up public/pickup: No such file or directory

But i do see the file
0
I have OpnSense (Another version of Pf Sense) Firewall installed. I can not get out to the Internet on my second, 3th, 4th LAN ports.
I have an OpnSense Firewall PC box I made which has the following inside…
OpnSense 18 (latest version) https://opnsense.org/about/about-opnsense/ 
-G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-Pin DDR4 SDRAM DDR4 2400 (PC4 19200) Desktop Memory Model F4-2400C15D-16GVB
-King Spec SATA III 3.0 2.5" 60GB MLC Digital SSD Solid State Drive for PC B5Y1
-AMD Athlon 200GE 2-Core, 4-Thread, 3.2 GHz Base, Socket AM4 35W YD200GC6FBBOX Desktop Processor
-ASRock A320M-HDV AM4 AMD A320 SATA 6Gb/s USB 3.0 HDMI Micro ATX AMD Motherboard
-80 plus bronze certified power supply 380Watt
-Dell Intel PRO/1000 VT Quad-Port Gigabit Ethernet Card Standard Profile YT674
-IOCrest 4 Port Gigabit Ethernet PCI-e x1 Network Interface Card SI-PEX24042
This is inside a 4U server Case, inside an APC 48U Server Rack


 
My goals are the following...

-      I want to one 4 Port NIC using different IP Addresses such as
10.10.10.1 --- Web server Network
2.2.2.1---- Entertainment Network
90.90.90.1---- Work Network
30.30.30.1 --- Web server Network
I already setup these networks inside my box but I am willing to START from the beginning if you need me too.

-      I want the networks not to be able to talk to each other.
-      I have 5 block of Public static IPs which I want to use.
-      104.XX.xx.1--- This is assigned to the OpnSense itself
-      
-      104.xx.xx.1 talks to …
0
Become a Certified Penetration Testing Engineer
LVL 13
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

I created a click once .NET app.  The setup.exe downloads.  When I run it I get the below error.

URLDownloadToCacheFile failed with HRESULT '-2146697211'
Error: An error occurred trying to download 'https://wwww.xxxx.com/xxxxx/xxxx-xxx.application'.

Any ideas?
0
Anyone can help with this? Explain in detail how you would configure Apache in Debian to proxy requests for a website “www.test.com” from standard port “80” to an internal web server located at “192.168.1.3” who’s web server is running on port “8080”.  How would you then add proxying to a second website “www.test2.com” to “192.168.1.4” utilizing standard port “80” for both the proxy and the internal web server
0
Hello,
I have a MikroTik with hotspot system , I want to log all traffic to MySQL or msssql database to make a reporting center for it.
so how I can do it ?
thanks.
0
grep "testing" 789.log

zgrep "testing"  123.gz

i like to redirect above production server output to
abc/def/test.txt file which is on some other system test server where i have access

how to do it
grep "testing" 789.log >> abc/def/test.txt
above gives error no such directory as that directory is not there in production server

grep "testing" 789.log
how above different from
grep -C2 "testing" 789.log

i see below time stamp lines came 3 of them when i use -C2
2019-Jan-17 04:50:51.198 EST

i see below time stamp lines came 3 of them when i did not use -C2
2019-Jan-17 04:50:51.198 EST

please advise
WithC2.png
WithoutC2.png
0
when i do ls -ltr i see bunch of .gz files says 123.gz and 456.gz
and bunch of no gz files say 789.log etc

how to grep on say "testing" on both zip gz files and non zip files

grep "testing" 789.log

zgrep "testing"  123.gz

not sure how to combine above two together

also how search today log between 10 am to 11 am for that "testing" word in log?
please advise
0
I am trying to learn iptables and virtualbox.

I have 3 Centos7 VMs configured as follows with iptables configured on VM2. All interfaces are configured as "host only adapter" in virtual box as /24 networks:


VM1 - - - - - - - - -  - - VM2- - - - - - - - - - -VM3
192.168.1.1             192.168.1.2
                                  172.16.0.2             172.16.0.1
                                                                  10.0.0.1

iptables is configured on VM2 as follows:

LINE 1: -A INPUT -s 192.168.1.1 -d 192.168.1.2 -j LOG
LINE 2: -A FORWARD -s 192.168.1.1 -d 172.16.0.2 -j LOG
LINE 3: -A FORWARD -s 192.168.1.1 -d 172.16.0.1 -j LOG
LINE 4: -A FORWARD -s 192.168.1.1 -d 10.0.0.1 -j LOG

When I send data using scapy -- send(IP(src="n.n.n.n", dst="y.y.y.y")/TCP()) -- the traffic flow described on LINES 1, 2 and 4 is logged. But the flow from LINE 3 is not.

I have tried LINE 3 using INPUT and OUTPUT rules without success.

What am I missing?

Thanks.
Steve
0
Dear Experts,
 
I have a following setup:
 
[list]Home LAN connected to the Internet on 10.0.0.0[/list]
[list]Lab/Test LANs on 192.168.30.x & 192.168.40.x[/list]
[list]VMnet3 for .30 and VMnet4 for .40[/list]
 
I would like some of the machines in the Lab/Test LANs to access the Internet, so I'd tried to setup a router.. without having any success so far
 
Router (RHEL6.9):
eth0 = 10.0.0.100/24, GW: 10.0.0.1
eth1 = 192.168.30.254/24
eth2 = 192.168.40.254/24
 
#netstat -nr
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.30.0    0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.40.0    0.0.0.0         255.255.255.0   U         0 0          0 eth2
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth2
0.0.0.0         10.0.0.1        0.0.0.0         UG        0 0          0 eth0
 
Desktop on .30 (also RHEL6.9)
eth0 = 192.168.30.16/24, GW: 192.168.30.254
 
#netstat -nr
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.30.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         192.168.30.254  0.0.0.0         UG        0 0          0 eth0
 
I can ping the GW at …
0
"smbpasswd -a user" makes samba server unavailable.

Previously used Debian 7 without problems. Reinstalled and set up Debian 9.

I have atttached my smb.conf. This is a fresh installation. When using the config as attached here, I can browse to my server via \\ip-address and \\netbiosname windows 10 machine, but none of the shares are available. I get a password promptwhen trying to access the shares, and then a message that I am not authorized.So then, I add the system user 'atle' to samba:
smbpasswd -a atle

This prompts me for a password twice. I enter the same password twice, all ok.

Then:
systemctl  restart smbd
systemctl  restart nmbd

Then I try to browse \\ip-address and \\netbiosname from my windows 10 machine, but no response. The server seems unavailable.
"systemctl smbd status" responds all is well. Trying to list shares from the command prompt with smbclient to \\ip-address works fine.

I then perform:
smbpasswd -x atle
systemctl restart smbd
systemctl restart nmbd

Now I can browse \\ip-address and \\netbiosname from my windows 10 machine again.

So, what is going on here? How to fix?
smb.conf
0
Hi,

How to resolve this error SFTP error #3 Permission denied mobaxterm to access on redhat VM lucky directory. thanks
error1.jpg
0
C++ 11 Fundamentals
LVL 13
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Hi

My redhat (guest OS) having issue for not able to resolve the hostname like google.com but able to ping 8.8.8.8.

I didn't do anything at all just to ensure that it can ping Google first and my network subnet like 192.168.1.0/24 when my redhat added a NAT Network adapter without issue.

After that I connect my fortinet vpn client thr IPSec and still can ping and resolve my private cloud thr hostname.

Next day I do the same thing like connect to my iPad 4G network to my Hp laptop wifi.

Can ping and resolved on my hp laptop even being connected to vpn.

The guest os redhat from virtualbox on nat can ping 8.8.8.8 but not able to resolve now.

Why yesterday can and today can't without changing anything?

Thanks.
0
Hi

My redhat (guest OS) having issue for not able to resolve the hostname like google.com but able to ping 8.8.8.8.

I didn't do anything at all just to ensure that it can ping Google first and my network subnet like 192.168.1.0/24 when my redhat added a NAT Network adapter without issue.

After that I connect my fortinet vpn client thr IPSec and still can ping and resolve my private cloud thr hostname.

Next day I do the same thing like connect to my iPad 4G network to my Hp laptop wifi.

Can ping and resolved on my hp laptop even being connected to vpn.

The guest os redhat from virtualbox on nat can ping 8.8.8.8 but not able to resolve now.

Why yesterday can and today can't without changing anything?

Thanks.
0
Hi,

I need to transfer the python script to the redhat 7.5 on virtualbox.

i've done the following:-

vb_setting1.jpg
Error

vb_setting2.jpg
Thanks
0
What's the best way to monitor for UDP syslog traffic coming in from a redhat 4 and redhat 5 syslog clients if it's not arriving at the syslog server. The syslog server is running on a Redhat 6 server. netstat -taulpe | grep syslog is showing that UDP is listening on all IP's on the server but I'd like to see if there is any other way apart from running  tcpdump -i <nic> port 514. Would watch lsof -a -i:514 show it?
0
how to add a block firewall rule in CentOS 7
using applications >> sundry>> firewall>> rich rules |    I added a destination IP, source is local ip &  & action selected drop. but still i can communicate with destination ip.
firewall profile is public.
0
Dear Wizards, I setup the ubuntu 16.04 server in vSphere 6.5 with 250 GB hard disk, but days later I increased it to 500 GB, but seems like the VM still had only 250 GB.

How can I claim it back correctly? Many thanks!

ired1.PNG
ired2.PNG
0

Linux Networking

18K

Solutions

15K

Contributors

The variety of Linux distributions creates myriad issues relating to configuration and operations when computers are networked, not the least of which is the use of various network management applications, some of which are included with specific distributions, while others are standalone applications.

Top Experts In
Linux Networking
<
Monthly
>