Iptables conditions

I need a backup MX server, but backup MX servers are always abused for spam delivery since it's difficult to implement the same anti-spam measures on a backup MX as on the primary...
Long story short, I want to use iptables to only accept port 25 when the primary MX is NOT responding.
The iptables "condition" module (http://www.tummy.com/journals/entries/j … 717_164535) seems to be perfect -- have a script check the primary MX every X minutes, and alter the corresponding file in /proc depending if it is up/down, but the "condition" module seems to be mythical -- there's talk, but I can't find the actual module.
Does anyone have any other ideas, other than having the script explicitly alter the iptables rules instead of the entries in /proc?

The 'condition' module is part of xtables_addons: http://aur.archlinux.org/packages.php?ID=25716

Similar Messages

  • Query on –m option of iptables command

    I have a query on the use of the –m option of iptables command in RHEL 6.0. I have seen commands like:
    iptables –A INPUT –m state --state ESTABLISHED,RELATED –j ACCEPT
    which makes quite good sense but the below command:
    iptables –A PREROUTING -s 10.101.17.34 –d 10.101.15.84 –p tcp –m tcp --dport 443 –j REDIRECT –to-ports 30080
    does not seem to be useful as tcp is already given against the –p option then what is the use of specifying –m option again with tcp. I am be wrong on this.
    I hope my query is clear.
    Please revert with the reply to my query.
    Regards

    Hi,
    When we see the man command for iptables which is the manual reference.
    # man 8 iptables
    -m, --match match
        Specifies a match to use, that is, an extension module that tests for a specific property. The set of matches make up the condition under which a target is invoked. Matches are evaluated first to last as specified on the command line and work in short-circuit fashion, i.e. if one extension yields false, evaluation will stop.
    For more information, look at this URL.
    The match can be: account , comment , connbytes , connlimit , ipv4options , osf, recent, set, tos, tcp, udp
    For more information, look at this URL.
    I hope this can help you
    Best Regards

  • Shorewall/Iptables REDIRECT error

    Hello to all,
    I have a Shorewall Machine installed with 2 nics...
    But i cant use REDIRECT on /etc/shorewall/rules nor i can use mac address ( ex. loc:~00-A0-C9-15-39-78 ) .. it gaves me an error .....
    $uname -a
    Linux Pride 3.2.8-1-ARCH #1 SMP PREEMPT Mon Feb 27 22:13:59 UTC 2012 i686 Intel(R) Celeron(R) CPU 2.66GHz GenuineIntel GNU/Linux
    $shorewall version -a
    shorewall-core: 4.5.1.1
    shorewall: 4.5.1.1
    $Shorewall debug restart
    Processing /etc/shorewall/init ...
    Processing /etc/shorewall/tcclear ...
    Setting up Route Filtering...
    Setting up Martian Logging...
    Setting up Proxy ARP...
    Setting up Traffic Control...
    Preparing iptables-restore input...
    Running debug_restore_input...
    iptables: No chain/target/match by that name.
    ERROR: Command "/usr/sbin/iptables -A loc_dnat -p 6 --dport 80 -j REDIRECT --to-port 3128" Failed
    Processing /etc/shorewall/stop ...
    Processing /etc/shorewall/tcclear ...
    Running /usr/sbin/iptables-restore...
    IPv4 Forwarding Enabled
    Processing /etc/shorewall/stopped ...
    /usr/share/shorewall/lib.common: line 112: 11336 Terminated $SHOREWALL_SHELL $script $options $@
    $shorewall show capabilities
    Shorewall has detected the following iptables/netfilter capabilities:
    NAT: Available
    Packet Mangling: Available
    Multi-port Match: Available
    Extended Multi-port Match: Available
    Connection Tracking Match: Available
    Extended Connection Tracking Match Support: Available
    Packet Type Match: Not available
    Policy Match: Not available
    Physdev Match: Not available
    Physdev-is-bridged Support: Not available
    Packet length Match: Available
    IP range Match: Not available
    Recent Match: Not available
    Owner Match: Not available
    CONNMARK Target: Not available
    Connmark Match: Not available
    Raw Table: Available
    Rawpost Table: Not available
    IPP2P Match: Not available
    CLASSIFY Target: Not available
    Extended REJECT: Available
    Repeat match: Not available
    MARK Target: Available
    Extended MARK Target: Available
    Extended MARK Target 2: Available
    Mangle FORWARD Chain: Available
    Comments: Available
    Address Type Match: Available
    TCPMSS Match: Not available
    Hashlimit Match: Not available
    NFQUEUE Target: Not available
    Realm Match: Not available
    Helper Match: Not available
    Connlimit Match: Not available
    Time Match: Not available
    Goto Support: Available
    LOGMARK Target: Not available
    IPMARK Target: Not available
    LOG Target: Available
    ULOG Target: Available
    NFLOG Target: Not available
    Persistent SNAT: Available
    TPROXY Target: Not available
    FLOW Classifier: Available
    fwmark route mask: Available
    Mark in any table: Available
    Header Match: Not available
    ACCOUNT Target: Not available
    AUDIT Target: Not available
    ipset V5: Not available
    Condition Match: Not available
    Statistic Match: Not available
    IMQ Target: Not available
    DSCP Match: Not available
    DSCP Target: Not available
    iptables -S: Available
    Basic Filter: Available
    CT Target: Not available
    Ty for ur time even readin this, waitin for ur help I m sure i mmissing smth on kernel...
    John
    Last edited by CoMfUcIoS (2012-03-28 14:58:41)

    http://forums.sun.com/thread.jspa?threadID=5392079&messageID=10739096#10739096

  • Error in creation of a condition record

    Hi to all, I've this error when I try to create a condition record :
    Implementation of Method FIELD_CHECK/DEFAULT_VALUE_SUGGESTION for BAdI /SAPCND/ROLLNAME for filter ZIUSERSTATUS is missing
    Message no. /SAPCND/MAINTENANCE719
    Diagnosis
    Implementation of BADI /SAPCND/ROLLNAME or method FIELD_CHECK/DEFAULT_VALUE_SUGGESTION is missing for the filter characteristic ZIUSERSTATUS.
    If, however, the implementation is correct (see BADI Interface Documentation) and active, there is an error in the condition maintenance layer.
    System Response
    An exception or error occurred because condition maintenance cannot check, convert or lock/unlock the fields of a condition record.
    Procedure
    Contact the department responsible for carrying out the missing implementation in the case of application fields in the customer namespace.  SAP is responsible for SAP fields which are set in the field catalog (/SAPCND/CTFC) and delivered, and if the field is supported as a possible field in a condition table. SAP is also responsible for the implementation of usage fields for SAP applications, just as with condition technique fields.
    In cases where SAP is responsible, contact your responsible support organization.
    Could someone help me please ?

    Hi I just put the coding:
    e_was_executed = 'X'.
    into every method and however it worked.
    Best Regards

  • IF Condition in RTF Help text

    Hi,
    I have RTF template which contains the field to display the column name. Below are my help text.
    COLUMN1 is my XML tag and displaying AQUA color in my excel output.
    <?COLUMN1?><xsl:attribute xdofo:ctx="block" name="background-color">Aqua</xsl:attribute>From above scenario, i need to add one more condition if there is no value in my XML tag then don't display the field in my excel output. For example. I have COLUMN1 and COLUMN2 XML Tag. Only COLUMN1 contains the value but COLUMN2 not. In my excel output the COLUMN2 value should not display.
    Thanks

    Please see if (How to make condition using XML tags to check NULL values in XML Publisher templates? [ID 414022.1]) helps.
    Also, see XML Publisher Guide which can be accessed via http://www.oracle.com/technetwork/documentation/applications-167706.html
    Thanks,
    Hussein

  • IF and ABS condition statement in BEX query designer

    Hi,
    I would like to ask the best way for me to produce an acceptable result from Excel IF and ABS Condition statement.
    The condition statement that I have on my Excel file is
    =IF((A2-B2)>0,ABS(A2-B2),0)
    I'm trying multiple times to reproduce this in BEX Query designer, unfortunately I'm getting a bad result or unacceptable formula.
    Anyone who could help me with my issue?
    Thanks,
    Arnold

    Hi Arnold,
    Thank you,
    Nanda

  • Classic report - Condition evaluated for every row

    APEX 4.2.2
    I am seeing something strange in a classic report region. A report started to fail at run-time with a strange error about bad syntax. When I run the page in debug mode, I see the following
    print column headings
    rows loop: 30 row(s)
    ...Execute Statement: begin wwv_flow.g_boolean := '' is not null;
    end;
    ......Result = false
    ...Execute Statement: begin wwv_flow.g_boolean := '' is not null;
    end;
    ......Result = false
    ...Execute Statement: begin wwv_flow.g_boolean := 'string with a embedded ' single quote' is not null;
    end;
    ......Result = true
    Looks like the APEX engine is evaluating a boolean expression after rendering and each and every row in the report. And for some strange reason, it is using a piece of data from my query's resultset and failing because of the bad syntax introduced due to the single-quote in the string.
    I have never seen this before. Any idea what is going on?
    Thanks

    Howdy Paul, sorry should have provided all the details. No, this is a standard generic column template. Ah, you are right, drat I should have looked closer. The template has use a condition to show either a highlighted row or normal one. Sorry for the false alarm, I can take it from here. Enjoy your flight :-)

  • I had 2 Apple IDs but now Apple implemented new conditions and i can't use one of them after 90 days using the prior one..! - "This Device Is Already Associated With an Apple ID"

    I have two Apple IDs because i travel frequently between Mexico and the US, and the apple stores offer different products, so i like to download music, movies and TV series from both sites.
    Apparently apple changed the conditions, becauise until a few days ago i could log our from one account and log in from my other one. Yesterday i was at Miami International Airport and wanted to download a few chapters from one of my TV series (Walking Dead) to watch on my way to Mexico City, but a pop up window came up saying "this device is already associated with an apple id". Curoiously, the ID to which i was connected to was precisely the one under which i had bought weeks ago the chapters i was wanting to download from the cloud. So it says i have to wait 90 days to change apple id.... weard! probably i accepted these terms when dowloading a new IOS version, so legally I'm dead in complaining, but why is it that if i am paying for all that i buy as a model citizen i am now blocked from jumping from one apple id to another one???? I can certainly buy another ipad and have one with one id and another one with the other, but is there any other way i can keep the two in just one device?? If i don't use i-could would anything change? This is really making me mad, and is the first time i have thought of moving our of mac products into samsung or others and buy my music and movies somewhere else where stupid restrictions like this one do not exist. Please help with a solution!

    OK, but in my ipad, the apple id i have in itues is already the one  iwant to have, but th one i used to sin in for i-coud is the other one. Any tip as to how to change the apple id for icloud and any idea how to know what apps i bought with the other apple id so as to delete them from my ipad to avoid being asked to enter another apple id every time they get updated? thanks!

  • [SOLVED] how to use diffrent iptables rules for different ppp account?

    x86 plantform run arch linux system , have two network interface etn1 eth0 .eth1 connect to internet. eth0 connect to other terminals through switch. want use different iptables rules for different pppoe account .also want to know how to forbidden more than one terminals established pppoe link use same account at the same time .
    Last edited by linuxsir (2013-09-26 06:48:01)

    (You establish PPPoE sessions over the local network to the Arch machine? Which then routes the traffic?)
    first question ,yes that is exactly what i am done. second question i also have a small  scripts on windows pc to solve routes traffic problem
    route -p delete 0.0.0.0
    route -p add 192.168.9.0 mask 255.255.255.0 192.168.9.1
    route -p add 0.0.0.0 mask 0.0.0.0 192.168.22.0
    but after a while i found scripts is not necessary because windows always attempt to use PPPoE sessions as default internet connection local connection is also ok
    and use  -i pppX in my iptables rules dose not  solve my problem , because same account start PPPoE session could be marked as ppp0 or ppp1. it is hard to identified which account start session.

  • How to Delete the condition record in CRM

    HI,
    Can you please help me how to delete the condition record from condition table in CRM.
    Please explain the usage of FM CRMXIF_CONDITION_SEL_DELETE with examples.
    I have also read the documention of the function module. How to use this FM for custom defined condition table.
    (this is the code given in Documentation)
    DATA-OBJECT_REPRESENTATION         = 'E'
    DATA-SEL_OPT-CT_APPLICATION              = 'CRM'
    DATA-SEL_OPT-OBJECT_TASK                    = 'D'
    DATA-SEL_OPT-RANGE-FIELDNAME        = 'PRODUCT_ID'
    DATA-SEL_OPT-RANGE-R_SIGN                  = 'I'    (Including)
    DATA-SEL_OPT-RANGE-R_OPTION           = 'EQ'
    DATA-SEL_OPT-RANGE-R_VALUE_LOW  = 'PROD_1'
    Thanks
    Shankar

    Hi Shankar,
    I am using the same CRMXIF_CONDITION_SEL_DELETE function module to delete condition record present in CRM.
    But it is giving me below error in the return table of the FM after i run the program. Can you please correct me if I am doing any thing wrong?
    Error in  lt_return: SMW3     CND_MAST_SEL_DEL_EXT_VALIDATE     CND_M_SD
    code:
    ls_range-fieldname = 'PRODUCT_ID''.
    ls_range-R_SIGN = 'I'.
    ls_range-R_OPTION = 'EQ'.
    ls_range-R_VALUE_LOW = '123456'.
    APPEND ls_range TO lt_range.
    MOVE lt_range TO ls_entry-SEL_OPT-range.
    ls_data-SEL_OPT-object_task = 'D'.
    ls_data-SEL_OPT-ct_application = 'CRM'.
    ls_data-object_representation = 'E'.
    CALL FUNCTION 'CRMXIF_CONDITION_SEL_DELETE'
      EXPORTING
        DATA          = ls_date
    IMPORTING
       RETURN        = lt_return
    CALL FUNCTION 'BAPI_TRANSACTION_COMMIT'
      IMPORTING
        return = lt_ret.
    Edited by: Saravanaprasad Nadar on Jul 7, 2010 1:27 AM

  • SSRS Using Sum and = in a conditional operator

    Hi,
    Still getting to grips with SSRS so any help would be appreciated.
    My aim is to calculate a conditional field using the SSRS expression feature, the datasource is a shared dataset which i can't alter so i can't just go an alter the SQL query or anything.
    In SQL my query would be like this: SELECT COUNT(TotalHours) FROM TableName WHERE TotalHours <= 24
    Is there anyway to combined the Iff and Sum operator's to get a result like the above?
    At present all i managed to come up with is the below but obviously it's not returning the correct amount.
    =IIf(Fields!TotalHours.Value <= "24", Sum(Fields!TotalHours.Value), 0 )
    Please help!
    Edit: Please note that i'm not trying to sum a field based on a condition that relates to another column, i just need a sum of 'TotalHours' that are less than or equal to 24, please also note there is another field called category, each category needs a
    sum of the above.
    Regards,
    Marcus
    Plain_Clueless

    Hi Marcus,
    According to your description, you want to count [TotalHours] when the value of this field is less than 24, right?
    In your scenario, you could use the expression like below:
    =Sum(IIF(Fields!TotalHours.Value<=24,1,0))
    Please note don’t put this expression in the detail rows, you could refer to our test results:
    If you have any question, please feel free to ask.
    Best regards,
    Qiuyun Yu
    Qiuyun Yu
    TechNet Community Support

  • Error in using a variable in filter condition in an Interface

    Hi All,
    I am using a variable in my interface in a filter condition. I have an EMP table of scott schema and want to pull all the records wiht hiredate date lying between 2 dates, incremental pull.For this I have created 2 variables and using them in the filter condition. I am getting an error inthe interface when I run in a package after declaring and refresing the variables.
    com.sunopsis.sql.SnpsMissingParametersException: Missing parameter
         at com.sunopsis.sql.SnpsQuery.completeHostVariable(SnpsQuery.java)
         at com.sunopsis.sql.SnpsQuery.updateExecStatement(SnpsQuery.java)
         at com.sunopsis.sql.SnpsQuery.executeUpdate(SnpsQuery.java)
         at com.sunopsis.dwg.dbobj.SnpSessTaskSql.execStdOrders(SnpSessTaskSql.java)
         at com.sunopsis.dwg.dbobj.SnpSessTaskSql.treatTaskTrt(SnpSessTaskSql.java)
         at com.sunopsis.dwg.dbobj.SnpSessTaskSqlI.treatTaskTrt(SnpSessTaskSqlI.java)
         at com.sunopsis.dwg.dbobj.SnpSessTaskSql.treatTask(SnpSessTaskSql.java)
         at com.sunopsis.dwg.dbobj.SnpSessStep.treatSessStep(SnpSessStep.java)
         at com.sunopsis.dwg.dbobj.SnpSession.treatSession(SnpSession.java)
         at com.sunopsis.dwg.cmd.DwgCommandSession.treatCommand(DwgCommandSession.java)
         at com.sunopsis.dwg.cmd.DwgCommandBase.execute(DwgCommandBase.java)
         at com.sunopsis.dwg.cmd.e.i(e.java)
         at com.sunopsis.dwg.cmd.g.y(g.java)
         at com.sunopsis.dwg.cmd.e.run(e.java)
         at java.lang.Thread.run(Unknown Source)
    Regards,
    Krishna

    Hi Krishna,
    What is the datatype of the Variable lastupdate ?
    In my case
    Variable
    Name : LastUpdateDate
    Datatype : Alphanumeric
    Action : Historize
    Query : select to_char(to_date(sysdate,'DD-MON-YY'),'DD-MON-YY') from sys.dual
    Then in filter I used
    EMP.HIREDATE>to_date('#LastUpdateDate','DD-MON-YY')
    Thanks
    Sutirtha

  • BAPI_CUSTOMERQUOTATION_CHANGE - error while changing a condition value

    Hallo Gurus,
    I am trying to use tshi BAPI BAPI_CUSTOMERQUOTATION_CHANGE to change a condition value of a condition record of a quotation.
    Every time I execute the BAPI, instead of the condition tyoe being changed, a new record is added to the list of conditions!
    Can someone please help!
    Thsi is my piece of code::
    itab_BAPISDH1X-UPDATEFLAG = 'U'.
    append itab_BAPISDH1X.
    itab_BAPICOND-ITM_NUMBER = '10'.
    itab_BAPICOND-COND_ST_NO = '31'.
    itab_BAPICOND-COND_COUNT = '00'.
    itab_BAPICOND-COND_TYPE = 'ZST3'.
    itab_BAPICOND-COND_VALUE = '15.00'.
    itab_BAPICOND-COND_UPDAT = 'X'.
    append itab_BAPICOND.
    itab_BAPICONDX-ITM_NUMBER = '10'.
    itab_BAPICOND-COND_ST_NO = '31'.
    itab_BAPICOND-COND_COUNT = '00'.
    itab_BAPICONDX-COND_TYPE = 'ZST3'.
    itab_BAPICONDX-UPDATEFLAG = 'X'.
    itab_BAPICONDX-COND_VALUE = 'X'.
    append itab_BAPICONDX.
    CALL FUNCTION 'BAPI_CUSTOMERQUOTATION_CHANGE'
      EXPORTING
        salesdocument                = p_vbeln
      QUOTATION_HEADER_IN          =
        quotation_header_inx         = itab_BAPISDH1X
      tables
        return                       = itab_BAPIRET2
       CONDITIONS_IN                =  itab_BAPICOND
       CONDITIONS_INX               =  itab_BAPICONDX
    Thanks!
    Mukta

    Hmm...
    Change the following....and check..
    itab_BAPICONDX-ITM_NUMBER = '10'.
    itab_BAPICOND-COND_ST_NO = '31'.
    itab_BAPICOND-COND_COUNT = '00'.
    itab_BAPICONDX-COND_TYPE = 'ZST3'.
    itab_BAPICONDX-UPDATEFLAG = 'X'.
    itab_BAPICONDX-COND_VALUE = 'X'.
    append itab_BAPICONDX.
    "change the above to.....
    ab_BAPICONDX-COND_TYPE = 'X'.
    append itab_BAPICONDX.
    The BAPICONDX.. should contain only X.. in the fields which you want to update.. try this change..and let us know if it works.
    Also have a look at the FUNCTION MODULE DOCUMENTATION for this bapi in SM37.
    Cheers...

  • Conditional show error in dashboard In OBIEE 11g

    Hi Gurus,
    I I have a dashboard prompt which is a radio button containing Month & Quarter. Also have 2 other prompts like DP_Month which will show months(201301,201302 ...) and DP_quarter which will show(2013Q1,2013Q2..). This 2 prompts will show conditionally based on based on 1st prompt selection(like Month or quarter) which is working properly.
    Suppose when I click Month I m getting 2nd month prompt and changed to Quarter and getting Quarter prompt..But when I move to 2nd page  Quarter prompt is selected but Month dropdown  is showing.
    Please suggest..
    Regards,
    Smita

    Hi Nagireddy, thanks for your reply.
    Is there any limit of values to extract in Dashboard prompt? i.e. when you use drop down list as Dashboard prompt, is there any limit of values to extract from database?
    In my local environment (instanceconfig.xml), there is limit of Rows to View and Download set to 20K, however I did not see anything related to the Dashboard Prompt.  

  • Free Goods with pricing condition (Urgent)

    Hi MM Expert,
    we have a probleme with free goods. because in PO item of free goods, there is no condition management (no Invoice entry) but we should manage some pricing condition for the item (spécifique condition relative to transport, ...).
    so are the any way of managing the expenses annex condition(transport charge, customs clearance charges,…) for the free goods in an item of Purchase Order ??
    thank's in advance.
    Said

    Hi,
    This is not possible to maintain the condition s for free goods because while creating the PO for free goods by selecting the free goods tad at item level, There is no Condition tab at Item detail .means you are not able to mainatin conditions.
    If you want to maintain the conditions ,you have to treat as a Normal scenarios .
    Regards
    Sanjay L

Maybe you are looking for