Linux Networking

18K

Solutions

15K

Contributors

The variety of Linux distributions creates myriad issues relating to configuration and operations when computers are networked, not the least of which is the use of various network management applications, some of which are included with specific distributions, while others are standalone applications.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello, so I've been trying to fiddle with iptables for my web server. Everything is working except for passive ftp and I can't seem to get it right.

Here are my iptables rules:

-A INPUT -i lo -j ACCEPT 
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 21 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 20 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 
-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m conntrack --ctstate ESTABLISHED -j ACCEPT 
-A INPUT -j DROP 
COMMIT

Open in new window


I have the line IPTABLES_MODULES="nf_conntrack_ftp" in iptables-config

Anyway, all ftp users aren't able to connect (they are if I disable iptables).
To put it better, they do connect but then they can never reach their root directory and they get an error saying the / directory couldn't be found.

So there must be something wrong in my IPTABLES, but I can't find it for the life of me. I've followed every guide I found and I can't find my mistake.

Can you guys lend a hand?
0
CompTIA Cloud+
LVL 19
CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

hi am having issue checking java home in linux
 java --version
Unrecognized option: --version
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.

i have this in my profile
export JAVA_HOME=/usr1/Oracle/jdk1.8.0_221
export PATH=$JAVA_HOME/bin:$PATH
0
vboxclient not starting in my ubuntu
vboxclient32
0
hi there is no internet in my vm but my host got internat
hostnetwwkhost3332.PNG
0
To allow internet access to the internet I configured a gateway server on my small network of around 30 VMs. The gateway works well but I just want to make sure that this gateway server is as secure as possible since this gateway server is the only server in my network that has direct access to the internet. What security measures should I configure on this gateway server? Should I install a firewall? If so, how do I configure this firewall?
0
hi how do i partition my disk during installation i what my partition to look like this
lnxam in oracle linux
parti
0
I have a laptop that gets connected to the internet through WiFi. but many WiFi’s and depends where I am (home,office, customer,etc...)
my laptop is windows 10 Pro.
I have a virtual box installed and I have installed on it Ubuntu.
unfortunately I am not being able to make my Ubuntu VM connect to the internet.
can someone help me on how to achieve this ?
the weird thing is that I also have another VM that is windows 2012 server and this VM has internet without me doing any configuration change !
thank you
0
hi,
just a general question
few days before I got ec council storm device (rasbian Pi) to do my ech course
does anyone own this device ?  
1- I can’t find any power button to turn it on.
2- the device came with a USB cable. but if I plug to my laptop it turns on- but doesn’t charge at all. cannot use my iPhone charging adapter as well.   does it have a separate charging adapter ??
and if it’s charged, how do I turn it on without power button ?
0
How to best prep a new machine for running LXD containers?
0
Hi,
1. How to resolve issue below?

[code][root@28-218-217-172-on-nets home]# chown -R smb01 ~/home/share
chown: cannot access ‘/root/home/share’: No such file or directory
[root@28-218-217-172-on-nets home]#

Open in new window

[/code]
I want to grant write permission to user smb01.

2. Is "ls -l" enough to list out all rights of user smb01 on folder /home/share? Is there any other command?
0
Learn Ruby Fundamentals
LVL 19
Learn Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

I'm new to both Corosync and Pacemaker. I've looked through the documentation, and some tutorials - but I'm not sure my need is discussed. I have worked with other HA packages, so I'm familiar with most of the concepts.

In all of the tutorials, they discuss setting up a "floating IP" which is an IP address (apparently associated with a service), that is assigned automagically by Pacemaker/Corosync when the service needs to be failed over to another node.  

However, in my environment, I can't use a floating IP address, specifically. ALL of the IP addresses, to ALL computers (including my servers) are assigned by DHCP based on MAC address. The MAC-to-IP association is made via a DNS adm tool (that I do have access to.)

How I have managed failover of this sort in the past is to create virtual NICs on both machines (so BOTH machines each have two VNICs, which have the same MAC addresses). Then, if I "ifconfig up" and/or "ifconfig down" the VNICs, I defacto control which server holds the IP address.

For example:

Node 1:
# ip link add link enp2s0 address 00:11:11:11:11:11 enp2s0.1 type macvlan
# ip link add link enp2s0 address 00:11:11:11:11:01 enp2s0.2 type macvlan
# ifconfig enp2s0.1 up
# ifconfig enp2s0.2 down
# dhclient -v enp2s0.1 # obtains IP 14x.xxx.xxx.001

Node 2:
# ip link add link eno1 address 00:11:11:11:11:11 eno1.1 type macvlan
# ip link add link eno1 address 00:11:11:11:11:01 eno1.2 type macvlan
# ifconfig 

Open in new window

0
i have a centos 7 and installing httpd on it.
i open firewall for port 80 and start httpd services. service is running ok.

in my etc/hosts ihave
127.0.0.1 localhost localhost.localdomain
..
..
10.10.1.10  localhost

in my httpd.conf  ihave
ServerName 10.10.1.10

browse 10.10.1.10 says :  Not possible to connect to website 10.10.0.10

what is wrong here?
0
Hi Network Gurus,

I'm running a Linux lubuntu running PPTP VPN Server (PoPToP version 1.4.0).  I can connect externally to the VPN server however I can't browse the local network, nor browse the internet.

(I know PPTP isn't secure but i'll address that another time)

What routes do I need to add to be able to browse the local network and internet when connected to VPN?

Network Gateway is 192.168.178.1

VPN Server is 192.168.178.58

VPN is setup as server 192.168.0.1 with client addresses as 192.168.1.* (i'm assuming subnet 255.255.0.0?)

Thanks for your help and please ask if you need more info

Cheers,
Rob
0
how from nginx disable url with "//"
0
Adding User to Ubuntu

I need a user that I can use when I do not want to risk doing damage to my Ubuntu installation.

So, I ran

sudo su

then ran

adduser curiouswebster

following these instructions,
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-18-04

is ran
usermod -aG sudo curiouswebster

but doesn't this add root privileges for curiouswebster??

If so, please help me downgrade the permissions.

I was hoping to log in as curiouswebster and install various systems, like Apache, MySQL, PHP and WordPress.

Shouldn't I use root for this?

Also, how do I log in as curiouswebster?

Thanks
0
What excatly does
iptables -t nat -A PREROUTING -i br0 -p tcp -m tcp -d 10.0.0.2 --dport 4441 -j DNAT --to-destination 10.0.2.3:4441
mean (including the parameters)
0
I am trying to mount drives using autofs. There are 3 directories that I want to mount: home, data, and web. The mount for /home works but data and web don't work. When I mounted /data and /web manually, the shares showed up. Below has the log:
Jun 10 11:09:18 testdaviddo13 automount: Starting automounter version 5.0.7-99.el7, master map auto.master
Jun 10 11:09:18 testdaviddo13 automount: using kernel protocol version 5.02
Jun 10 11:09:18 testdaviddo13 automount: lookup_nss_read_master: reading master files auto.master
Jun 10 11:09:18 testdaviddo13 automount: do_init: parse(sun): init gathered global options: (null)
Jun 10 11:09:18 testdaviddo13 automount: spawn_mount: mtab link detected, passing -n to mount
Jun 10 11:09:18 testdaviddo13 automount: spawn_umount: mtab link detected, passing -n to mount
Jun 10 11:09:18 testdaviddo13 automount: lookup_read_master: lookup(file): read entry /home
Jun 10 11:09:18 testdaviddo13 automount: lookup_read_master: lookup(file): read entry /web
Jun 10 11:09:18 testdaviddo13 automount: lookup_read_master: lookup(file): read entry /data
Jun 10 11:09:18 testdaviddo13 automount: lookup_read_master: lookup(file): read entry /misc
Jun 10 11:09:18 testdaviddo13 automount: lookup_read_master: lookup(file): read entry /-
Jun 10 11:09:18 testdaviddo13 automount: lookup_read_master: lookup(file): read entry +auto.master
Jun 10 11:09:18 testdaviddo13 automount: lookup_nss_read_master: reading master files auto.master
Jun 10 11:09:18 …
0
I have a scenario where I need a load balancer
When a new tcp connection is initiated from the client, the load balancer much assign a server, and always route all traffic from that that to the server it initially picked

When I netstat, I see and ipaddress and port for the client. (connection) so it makes sense to use this as the identifier for that client

Is there any software in exisitance to do this? Or do. I need to write my own?
0
I have executed the following command on a red hat Linux server
rpm -qa --last 

Open in new window

to try and determine when the latest updates/patches were applied to the server. I ran this under the context of a non root account but still got some output.

A couple of questions:
--will the output of this command be full/accurate if it was executed under the context of a none root account.
---Secondly, how often are updates issued for red hat Linux, and are they cumulative / is it similar to Microsoft patch releases, and do the updates also cover security vulnerabilities. The last updates listed in the output of command were 2017 which raises some concerns that security bugs have not been patched, and therefore the server is vulnerable.
----Finally, does red hat Linux have a support lifecycle where they only continue to issue patches for certain versions, and if so where can I see where the version currently operated sits in this support lifecycle, e.g. is it still eligible for updates for new bugs/vulnerabilities.
0
Rowby Goren Makes an Impact on Screen and Online
LVL 19
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

Hello,
I am trying to install and SSL certificate on a website after i've migrated it from Ubuntu to a CentOS server.
Everything is up and running but I can't get SSL working. Apache starts fine. My config test shows no errors. But when I try to connect to the server through ssl, in all browsers I get ERR_CONNECTION_REFUSED. I don't believe its an SSL issue but maybe a firewall. I don't know as im unfamiliar with CENTOS, Any ideas?
0
I have been running Ubuntu 14 with custom tcp tuning parameters for a couple years.  I applied, via puppet, all of the same tuning parameters, but on Ubuntu 18, my TCP Time Wait is very high.  What is the best method of finding the source of this high TCP Time Wait?  The process that is using the tcp connections is a java application.

Please let me know any other information I should provide.

Graph on the left is Ubuntu 18.04, right is Ubuntu 14.04

Thank you,

Reade
tcp-time-wait.png
0
I set up a Linux server (Ubuntu 18.10) for simple file sharing on our Windows network. The server is a Dell PowerEdge T30. It has an onboard NIC. I had given the server a static IP address and it was serving its purpose as desired for at least 2 weeks.

Last night I was testing a different (Windows) hard drive in the box, without the network cable plugged in. When I was done, I put the Ubuntu hard drive and network cable back in and rebooted the computer. When a message came up about software updates, I accepted the updates and rebooted again. When it came back up, it looked fine to me - though admittedly, I wasn't looking at it very closely.

This morning the server was not connected to the network. The network icon did not appear in the upper right corner of the screen and there was no option for the wired network in the Network control panel.  When I ran lshw -C network, it said *-network DISABLED. When I entered sudo ifconfig <adapter> up, I was able to get the network connected again and join the server to the Windows domain... until I rebooted the server again, and the connection was gone again.

I also set up a separate, old Dell Optiplex 760 with the same version of Ubuntu. I do not believe I set it up to automatically update, and hadn't touched it for about a week. It too had dropped its wired network connection. My boss and I were discussing whether we should just get another network card for the server until we noticed that the other computer's network …
0
Hi everyone,

I'm searching for a tool to manage and monitor hundreds of Unix servers.
90% are on Debian but from Debian 7 to Debian 9.

I tried Cockpit and I really liked it but it is limited to 20 servers.
Webmin is not good enough.
I tried to install a CentOS server with SpaceWalk on it but I can't take the control of Debian's servers.

So I would like to know if you have some advice for me.

Tank you all.
0
I am running centos 6 and have been having issues getting a kaseya agent installed.
0
Hi expert

What is the command to check the status of the IPSec in rehat linux 7 ?
0

Linux Networking

18K

Solutions

15K

Contributors

The variety of Linux distributions creates myriad issues relating to configuration and operations when computers are networked, not the least of which is the use of various network management applications, some of which are included with specific distributions, while others are standalone applications.

Top Experts In
Linux Networking
<
Monthly
>