10 More Discussions You Might Find Interesting
1. AIX
I am attempting to install an rpm of Apache from perzl.org on an AIX 6100-07-03-1207 server and it is failing. I think I have all of the dependencies installed. Can anyone help? Any help would be appreciated.
It fails with the following error:
# rpm -Uvh httpd-2.4.2-2.aix5.1.ppc.rpm ... (3 Replies)
Discussion started by: lbholde
3 Replies
2. IP Networking
Hi,
I am running scientific linux (which is clone of red hat linux) on virtual machine that is virtual box.
I tried to start the apache but I got the following message.
starting httpd: httpd: arp_sockaddr_info_get() failed for scientific-linux
httpd: could not reliably determine the... (2 Replies)
Discussion started by: programAngel
2 Replies
3. UNIX for Dummies Questions & Answers
Hello,
I want to restrict access to our Subversion repositories to only our internal network.
I have a virtual host directive setup in Apache for the IP and port 443. When I put the following:
<Directory "/var/www/svn/">
Order allow,deny
AllowOverride None
Allow from 10.5.10.0/24
Allow... (1 Reply)
Discussion started by: mojoman
1 Replies
4. Solaris
Hi
I'm trying to install apache 2.2.14 on Solaris with Openssl. I'm using following configure options:
./configure --prefix=/usr/local/apache2 --enable-ssl --enable-module=so --enable-proxy=shared --enable-proxy-http=shared --enable-proxy-ajp=shared --with-ssl=/usr/local/openssl
... (3 Replies)
Discussion started by: Aelfric
3 Replies
5. Web Development
Hello there,
I installed Ajaxterm on my Ubuntu 9.04 machine, and it's running ok if I use : http://localhost:8022/ in my browser. The problem is that I wanted to be able to acces it from somewere else through the internet. I read some instruction and help sites related to this problem, like :... (2 Replies)
Discussion started by: spiriad
2 Replies
6. UNIX and Linux Applications
I am using Apache 2.2.3 on RHEL5 and having problems to get mod_deflate work with mod_proxy. mod_deflate will compress files by mime-type just fine as long as those files are served statically from the local server. However, files served via dynamic php application (ie, MediaWiki) or via... (2 Replies)
Discussion started by: otheus
2 Replies
7. Red Hat
Can anyone guide, what should be the entry in httpd.conf file to host a site in Redhat Ent Linux 5 without using nameserver?
Or process to set apache server in same dist of Linux.
Any link to understand apache well will be much appreciable. (3 Replies)
Discussion started by: naw_deepak
3 Replies
8. UNIX for Dummies Questions & Answers
Hi all,
I'm a user of Debian 4.0. I installed apache 2.2 and add the functionality to support ~/public_html for each user. This is the permission of my public_html:
drwxr-xr-x 4 mj test 4096 2007-12-20 20:17 public_html
When I wanted to go through it and list the directory via my browser,... (6 Replies)
Discussion started by: mjdousti
6 Replies
9. Solaris
Hi,
I have installed apache webserver on my solaris 10(x86). When I tried to start the server it gives following error,
ld.so.1: /usr/local/apache2/bin/httpd: fatal: libssl.so.0.9.8: open failed: No such file or directory
Killedld.so.1:: Too many arguments
Can somebody please guide me how... (1 Reply)
Discussion started by: maheshsri
1 Replies
10. Solaris
Hi All,
I'm attempting to build Apache 1.3.27 on a new Solaris 9 system. I am using
following "Option 2" in the INSTALL of the mod_ssl-2.8.12-1.3.27, and I'm
stumped.
After I configure and make all the required components
the make of the Apache server itself stops at:
flex... (2 Replies)
Discussion started by: b_manu78
2 Replies
IPSEC_POLICY(8) [FIXME: manual] IPSEC_POLICY(8)
NAME
ipsec_policy - list of existing policy
SYNOPSIS
ipsec policy
DESCRIPTION
Note that policy is only supported on the new NAST stack. It is not supported on any other stack. On the klips stack, use ipsec eroute, on
the netkey stack, use ip xfrm
lists the IPSEC policy tables (aka eroutes) which control what (if any) processing is applied to non-encrypted packets arriving for IPSEC
processing and forwarding.
A table entry consists of:
+
packet count,
+
source address with mask and source port (0 if all ports or not applicable)
+
a '->' separator for visual and automated parsing between src and dst
+
destination address with mask and destination port (0 if all ports or not applicable)
+
a '=>' separator for visual and automated parsing between selection criteria and SAID to use
+
SAID (Security Association IDentifier), comprised of:
+
protocol (proto),
+
address family (af), where '.' stands for IPv4 and ':' for IPv6
+
Security Parameters Index (SPI),
+
effective destination (edst), where the packet should be forwarded after processing (normally the other security gateway) together
indicate which Security Association should be used to process the packet,
+
a ':' separating the SAID from the transport protocol (0 if all protocols)
+
source identity text string with no whitespace, in parens,
+
destination identity text string with no whitespace, in parens
Addresses are written as IPv4 dotted quads or IPv6 coloned hex, protocol is one of "ah", "esp", "comp" or "tun" and SPIs are prefixed
hexadecimal numbers where the prefix '.' is for IPv4 and the prefix ':' is for IPv6
SAIDs are written as "protoafSPI@edst". There are also 5 "magic" SAIDs which have special meaning:
+
%drop means that matches are to be dropped
+
%reject means that matches are to be dropped and an ICMP returned, if possible to inform
+
%trap means that matches are to trigger an ACQUIRE message to the Key Management daemon(s) and a hold policy will be put in place to
prevent subsequent packets also triggering ACQUIRE messages.
+
%hold means that matches are to stored until the policy is replaced or until that policy gets reaped
+
%pass means that matches are to allowed to pass without IPSEC processing
EXAMPLES
1867 172.31.252.0/24:0 -> 0.0.0.0/0:0 => tun0x130@192.168.43.1:0
() ()
means that 1,867 packets have been sent to an policy that has been set up to protect traffic between the subnet 172.31.252.0 with a subnet
mask of 24 bits and the default address/mask represented by an address of 0.0.0.0 with a subnet mask of 0 bits using the local machine as a
security gateway on this end of the tunnel and the machine 192.168.43.1 on the other end of the tunnel with a Security Association
IDentifier of tun0x130@192.168.43.1 which means that it is a tunnel mode connection (4, IPPROTO_IPIP) with a Security Parameters Index of
130 in hexadecimal with no identies defined for either end.
746 192.168.2.110/32:0 -> 192.168.2.120/32:25 => esp0x130@192.168.2.120:6
() ()
means that 746 packets have been sent to an policy that has been set up to protect traffic sent from any port on the host 192.168.2.110 to
the SMTP (TCP, port 25) port on the host 192.168.2.120 with a Security Association IDentifier of tun0x130@192.168.2.120 which means that it
is a transport mode connection with a Security Parameters Index of 130 in hexadecimal with no identies defined for either end.
125 3049:1::/64 -> 0:0/0 => tun:130@3058:4::5 () ()
means that 125 packets have been sent to an policy that has been set up to protect traffic between the subnet 3049:1:: with a subnet mask
of 64 bits and the default address/mask represented by an address of 0:0 with a subnet mask of 0 bits using the local machine as a security
gateway on this end of the tunnel and the machine 3058:4::5 on the other end of the tunnel with a Security Association IDentifier of
tun:130@3058:4::5 which means that it is a tunnel mode connection with a Security Parameters Index of 130 in hexadecimal with no identies
defined for either end.
42 192.168.6.0/24:0 -> 192.168.7.0/24:0 => %passthrough
means that 42 packets have been sent to an policy that has been set up to pass the traffic from the subnet 192.168.6.0 with a subnet mask
of 24 bits and to subnet 192.168.7.0 with a subnet mask of 24 bits without any IPSEC processing with no identies defined for either end.
2112 192.168.8.55/32:0 -> 192.168.9.47/24:0 => %hold (east) ()
means that 2112 packets have been sent to an policy that has been set up to hold the traffic from the host 192.168.8.55 and to host
192.168.9.47 until a key exchange from a Key Management daemon succeeds and puts in an SA or fails and puts in a pass or drop policy
depending on the default configuration with the local client defined as "east" and no identy defined for the remote end.
2001 192.168.2.110/32:0 -> 192.168.2.120/32:0 =>
esp0xe6de@192.168.2.120:0 () ()
means that 2001 packets have been sent to an policy that has been set up to protect traffic between the host 192.168.2.110 and the host
192.168.2.120 using 192.168.2.110 as a security gateway on this end of the connection and the machine 192.168.2.120 on the other end of the
connection with a Security Association IDentifier of esp0xe6de@192.168.2.120 which means that it is a transport mode connection with a
Security Parameters Index of e6de in hexadecimal using Encapsuation Security Payload protocol (50, IPPROTO_ESP) with no identies defined
for either end.
1984 3049:1::110/128 -> 3049:1::120/128 =>
ah:f5ed@3049:1::120 () ()
means that 1984 packets have been sent to an policy that has been set up to authenticate traffic between the host 3049:1::110 and the host
3049:1::120 using 3049:1::110 as a security gateway on this end of the connection and the machine 3049:1::120 on the other end of the
connection with a Security Association IDentifier of ah:f5ed@3049:1::120 which means that it is a transport mode connection with a Security
Parameters Index of f5ed in hexadecimal using Authentication Header protocol (51, IPPROTO_AH) with no identies defined for either end.
SEE ALSO
ipsec(8), ipsec_tncfg(5), ipsec_spi(5), ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_eroute(8), ipsec_version(5), ipsec_pf_key(5),
ipsec_eroute(5)
HISTORY
Written for the Openswan project <http://www.openswan.org/> by Bart Trojanowski.
[FIXME: source] 10/06/2010 IPSEC_POLICY(8)