Private IP Schemes
I have a company with 13 offices. Each of the offices has anywhere from 6 - 40 nodes. Also I am considering VOIP so I may need some address for that. Currently I have a site to site VPN with configure each site with the following IP's ranges;
172.16.0.0916 Site 1
172.17.0.0/16 Site 2
172.18.0.0/16 Site 3
172.20.0.0/16 Site 4
172.21.0.0/16 Site 5
172.22.0.0/16 Site 6
172.23.0.0/16 Site 7
172.24.0.0/16 Site 8
172.25.0.0/16 Site 9
172.26.0.0/16 Site 10
172.27.0.0/16 Site 11
172.28.0.0/16 Site 12
172.26.0.0/16 Site 13
I have been told that these are not valid private address. Are these valid address? If not what would be a good address scheme? Are there any sample private IP schemes that I can look at?
A couple of other notes:
Thanks
Kevin
Kevin
As Nick points out there are reserved addresses for private use which include addresses in the range 172.16.0.0 through 172.31.255.255. So in general I am not sure what the objection was and believe that what you list are valid private addresses.
There are a couple of details in what you posted that probably are errors in typing (but if not they would present problems with your addressing scheme). You list these ranges:
172.26.0.0/16 Site 10
172.26.0.0/16 Site 13
I am assuming that you meant 172.29.0.0 for site 13.
I also note that you skipped over address 172.19.0.0 and am not sure if it was on purpose or not.
HTH
Rick
Similar Messages
-
I've got a new 5505, and I've run through two wizards: one to start up, one to add client VPN. As a result, I can now connect from a client, the client gets the right info (ip adress, dns, gateway), but it cannot connect to any of the servers on the 'inside' network. The config is here:
http://www.dubbele.com/asaconfig.txt.
I've tried a lot of different things, but I cannot seem to get what's going wrong. Any clues would be very welcome!John,
I strongly suggest to always use different ip-scheme for each of vpn RA tunnels and that they not be the same any of the asa inside interfaces.
interface Vlan1
ip address 192.168.6.25 255.255.255.0
ip local pool vpnhaarlem 192.168.6.150-192.168.6.175 mask 255.255.255.0
for vpnhaarlem do the following.
use a unique private IP scheme for it as you have done with rotterdam , as an example lets use 10.20.20.0/24
remove
no ip local pool vpnhaarlem 192.168.6.150-192.168.6.175 mask 255.255.255.0
add
ip local pool vpnhaarlem 10.20.20.1-10.20.20.254 mask 255.255.255.0
This first line acl is ok but persoannly I suggest to be more granular allowing specific RA tunnel group networks and not just permit ip any, again example for 10.20.20.0/24 network .
stick with one no NAT acl for RA tunnels like inside_nat0_outbound remove the 1 and 2 otherwise you will have to create more
nat (inside) access-list statements for RA networks.
remove
no access-list inside_nat0_outbound_1 extended permit ip any 192.168.6.0 255.255.255.0
no access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 192.168.6.0 255.255.255.0
add
access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 10.20.20.0 255.255.255.0
for the rotterdam tunnel group it is fine with unique IP scheme , I would apply my suggestion above
no access-list inside_nat0_outbound_2 extended permit ip 192.168.6.0 255.255.255.0 192.168.6.128 255.255.255.192
access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 192.168.5.0 255.255.255.0
re-adjust the no-nat acl statement bellow
no nat (inside) 0 access-list inside_nat0_outbound_2
nat (inside) 0 access-list inside_nat0_outbound
Let us know how it works out
Rgds
Jorge -
Hello!
I will kindly ask for your honest opinions as I want to study for an Oracle Linux exam and I need to get the below indicated topics covered, but unfortunately I could not find a book to cover them all (as I did for Oracle 11g).
Please help me locate a book, two or how many are necessary to help me study for the exam and cover the following topics:
Thank you all!
Installing Enterprise Linux
Install Enterprise Linux on any supported architecture.
Create partitions, software RAID and LVM storage configurations.
Select Packages for Installation.
PC Hardware & Linux
Get detailed information about all PCI & USB devices that are connected to a Linux system
Identify, load, unload and configure kernel modules
Tune the running kernel using the /proc/ filesystem
Post-Install System Configuration
Set and maintain the system clock with date, hwclock and NTP
Install, update and remove RPM packages with the rpm & yum commands
Configure printers with CUPS
Create and use Kickstart files for automated, hands-off installations
Boot Process & SysV Init
Configure the GRUB boot loader
Manage SysV Init scripts, including customizing files under the /etc/sysconfig/ directory to tune SysV Init scripts
Configure and use SysV runlevels
Shutdown & reboot Linux systems
User/Group Administration and NFS
Describe and apply the User Private Group scheme
Create, delete and configure user and system accounts
Create, delete and configure groups
Customize the PAM configuration
Configure and control access to su and sudo
Configure Linux systems to use centralized authentication and user information stores for system logins
Implement a file server to share files with NFS v3 & v4
Configure the automounter (autofs) allowing un-privileged users to mount filesystems on-demand
Filesystem Administration
Work with device nodes and udev
Partition hard drives after installation
Create and tune filesystems
Mount filesystem, including persistent configuration in the /etc/fstab file
Create, manage and tune swap devices
Configure, manage, assign and maintain quotas on filesystems
Create, use and remove File Access Control Lists (FACLs)
LVM & Raid
Configure Logical Volume Manager volume groups and logical volumes
Create and use software RAID devices
Grow and shrink logical volumes and the filesystems on them
Use LVM snapshots to create consistent, reliable backups
Task Automation & Process Accounting
Use the at & batch facilities to run one-time tasks
Manage cron jobs for recurring tasks, both system-wide and per-user
Configure syslog for central system logging
View, manage and kill running processes
Monitor system and application logs on a daily basis with logwatch
Configure process accounting and examine the resulting logs
Limiting and measuring resource usage (ulimit, pam, sar, vmstat, iostat)
Client Networking
Configure TCP/IP networking on Linux systems
Configure static routing on a Linux system
Aggregate multiple network links into a single interface via the bonding driver's Etherchannel and 802.3ad support
Configure a Linux system to participate in multiple VLANs on a managed switch via 802.1q frame tagging
Configure and maintain a DHCP server
Using networking diagnostics tool (ping,arp,ethtool)
Enterprise Linux Fundamentals
What is Linux?
Identify the origins of UNIX and how Linux is related to UNIX
Describe the major goals of the Free Software Foundation and the GNU project
List key elements of a Linux distribution and name several distributions
List several standards that apply to Linux
Describe the basic mechanisms that make UNIX so powerful
Multi User Concepts
Describe the differences between the administrative (root) user and normal user accounts and explain when each should be used
Log into the system
Switch between accounts using the 'su' command
Use basic commands to gather information about the system
Use system help facilities to learn about commands and their options.
The Linux File System
List the standard system directories and explain what type of files are contained in each
Navigate the file system
Explain standard POSIX file permissions including special permissions such as the SUID, SGID and Sticky bits on both files and directories
Change permissions of files
Explain how file ownership (user: group) relates to file permissions
Change ownership of files
Describe how the User Private Group (UPG) scheme works and the problem it solves
Manipulating Files
Be able to create, delete, copy, move and rename files and directories
Describe the various types of files that can be stored on UNIX and Linux file systems
Explain hard links and symbolic links, their pros & cons and when & where they can or can not be used
Identify the type of content of any file
View the contents of both text-based and binary files
Search the file system for files and directories with specific properties
Text Processing
Search inside of files for specified information
Perform file editing, sorting, cutting & merging text files from the command linee
Shell Basics
Understand the varied roles the command shell plays in everyday UNIX/Linux usage
Pipe several commands together to perform more complex and useful processing
Use file redirection on the command line
Create and use shell and environment variables to configure and control the operation of the system, the command shell and programs
Use and escape special characters when they are used on the command line
Regular Expressions Construct regular expressions for matching text patterns
Archiving and Compression
Use tar & cpio to create archives and extract files from them
Compress and decompress files using the UNIX compress, GNU gzip, bzip2 and zip formats
Text Editing
Use simple text editors like pico and nano
Perform basic and intermediate text editing functions efficiently with vi & Vim
Perform basic and intermediate text editing functions with GNU Emacs
Command Shells
List the history and relationships of the various popular shell implementations available on UNIX and Linux systems
Identify and switch between the various shell implementations
Customize the command prompt on Bourne and BASH shells
Use command line history, command completion, aliases and command line editing
Customize command shell operation system wide and for individual users
Introduction to Shell Scripting
Process arguments passed into a shell script
Get input from the user of a shell script
Generate formatted output from a shell script
Perform tasks conditionally using if, case and while loops in a shell script
Perform repeated actions over a set of values with for loops on the command line and within shell scripts
Do math in a shell script
Process Management and Job Control
Describe the differences between process and threads
Find and control running programs with ps, top, kill, and nice
Use the jobs, fg and bg commands to view and access several tasks at once on a single shell
Use the screen command to run several programs and disconnect from running programs on remote systems
Messaging
Send local messages with the write and wall commands
Use talk and ytalk to chat with other users
Send and read email with the mail and pine commands
The Secure Shell
Configure the ssh client and sshd server programs securely
Establish secure, remote connections to other systems
Use SSH's key-based authentication
Managing Software
Find and download software via FTP & HTTP with text & graphical client programs like wget, lftp, links, Konqueror and Mozilla Firefox
Install binary programs in RPM packages
List software already installed on the system with RPM
Compile and install software from source releases
Compile and install software from a source RPM (SRPM or .src.rpm) package
Printing
Use CUPS to connect to available local and network printers
Use various commands to process and convert files in preparation for printing
Send jobs to a printer
Monitor and remove print jobs
Mounting FileSystems and Managing Removable Media
Use the mount command
Access NFS and SMB filesystems over the network
Use autofs for on-demand mounting of filesystems without root privileges
X Window System
Start the graphical environment manually
Select different desktop environments
Launch graphical applications
Use Linux as an X terminal
Customize the graphical environment and auto-start applications at login and X startup
Securely tunnel remote graphical applications through SSHHello!
I will kindly ask for your honest opinions as I want to study for an Oracle Linux exam and I need to get the below indicated topics covered, but unfortunately I could not find a book to cover them all (as I did for Oracle 11g).
Please help me locate a book, two or how many are necessary to help me study for the exam and cover the following topics:
Thank you all!
Installing Enterprise Linux
Install Enterprise Linux on any supported architecture.
Create partitions, software RAID and LVM storage configurations.
Select Packages for Installation.
PC Hardware & Linux
Get detailed information about all PCI & USB devices that are connected to a Linux system
Identify, load, unload and configure kernel modules
Tune the running kernel using the /proc/ filesystem
Post-Install System Configuration
Set and maintain the system clock with date, hwclock and NTP
Install, update and remove RPM packages with the rpm & yum commands
Configure printers with CUPS
Create and use Kickstart files for automated, hands-off installations
Boot Process & SysV Init
Configure the GRUB boot loader
Manage SysV Init scripts, including customizing files under the /etc/sysconfig/ directory to tune SysV Init scripts
Configure and use SysV runlevels
Shutdown & reboot Linux systems
User/Group Administration and NFS
Describe and apply the User Private Group scheme
Create, delete and configure user and system accounts
Create, delete and configure groups
Customize the PAM configuration
Configure and control access to su and sudo
Configure Linux systems to use centralized authentication and user information stores for system logins
Implement a file server to share files with NFS v3 & v4
Configure the automounter (autofs) allowing un-privileged users to mount filesystems on-demand
Filesystem Administration
Work with device nodes and udev
Partition hard drives after installation
Create and tune filesystems
Mount filesystem, including persistent configuration in the /etc/fstab file
Create, manage and tune swap devices
Configure, manage, assign and maintain quotas on filesystems
Create, use and remove File Access Control Lists (FACLs)
LVM & Raid
Configure Logical Volume Manager volume groups and logical volumes
Create and use software RAID devices
Grow and shrink logical volumes and the filesystems on them
Use LVM snapshots to create consistent, reliable backups
Task Automation & Process Accounting
Use the at & batch facilities to run one-time tasks
Manage cron jobs for recurring tasks, both system-wide and per-user
Configure syslog for central system logging
View, manage and kill running processes
Monitor system and application logs on a daily basis with logwatch
Configure process accounting and examine the resulting logs
Limiting and measuring resource usage (ulimit, pam, sar, vmstat, iostat)
Client Networking
Configure TCP/IP networking on Linux systems
Configure static routing on a Linux system
Aggregate multiple network links into a single interface via the bonding driver's Etherchannel and 802.3ad support
Configure a Linux system to participate in multiple VLANs on a managed switch via 802.1q frame tagging
Configure and maintain a DHCP server
Using networking diagnostics tool (ping,arp,ethtool)
Enterprise Linux Fundamentals
What is Linux?
Identify the origins of UNIX and how Linux is related to UNIX
Describe the major goals of the Free Software Foundation and the GNU project
List key elements of a Linux distribution and name several distributions
List several standards that apply to Linux
Describe the basic mechanisms that make UNIX so powerful
Multi User Concepts
Describe the differences between the administrative (root) user and normal user accounts and explain when each should be used
Log into the system
Switch between accounts using the 'su' command
Use basic commands to gather information about the system
Use system help facilities to learn about commands and their options.
The Linux File System
List the standard system directories and explain what type of files are contained in each
Navigate the file system
Explain standard POSIX file permissions including special permissions such as the SUID, SGID and Sticky bits on both files and directories
Change permissions of files
Explain how file ownership (user: group) relates to file permissions
Change ownership of files
Describe how the User Private Group (UPG) scheme works and the problem it solves
Manipulating Files
Be able to create, delete, copy, move and rename files and directories
Describe the various types of files that can be stored on UNIX and Linux file systems
Explain hard links and symbolic links, their pros & cons and when & where they can or can not be used
Identify the type of content of any file
View the contents of both text-based and binary files
Search the file system for files and directories with specific properties
Text Processing
Search inside of files for specified information
Perform file editing, sorting, cutting & merging text files from the command linee
Shell Basics
Understand the varied roles the command shell plays in everyday UNIX/Linux usage
Pipe several commands together to perform more complex and useful processing
Use file redirection on the command line
Create and use shell and environment variables to configure and control the operation of the system, the command shell and programs
Use and escape special characters when they are used on the command line
Regular Expressions
Construct regular expressions for matching text patterns
Archiving and Compression
Use tar & cpio to create archives and extract files from them
Compress and decompress files using the UNIX compress, GNU gzip, bzip2 and zip formats
Text Editing
Use simple text editors like pico and nano
Perform basic and intermediate text editing functions efficiently with vi & Vim
Perform basic and intermediate text editing functions with GNU Emacs
Command Shells
List the history and relationships of the various popular shell implementations available on UNIX and Linux systems
Identify and switch between the various shell implementations
Customize the command prompt on Bourne and BASH shells
Use command line history, command completion, aliases and command line editing
Customize command shell operation system wide and for individual users
Introduction to Shell Scripting
Process arguments passed into a shell script
Get input from the user of a shell script
Generate formatted output from a shell script
Perform tasks conditionally using if, case and while loops in a shell script
Perform repeated actions over a set of values with for loops on the command line and within shell scripts
Do math in a shell script
Process Management and Job Control
Describe the differences between process and threads
Find and control running programs with ps, top, kill, and nice
Use the jobs, fg and bg commands to view and access several tasks at once on a single shell
Use the screen command to run several programs and disconnect from running programs on remote systems
Messaging
Send local messages with the write and wall commands
Use talk and ytalk to chat with other users
Send and read email with the mail and pine commands
The Secure Shell
Configure the ssh client and sshd server programs securely
Establish secure, remote connections to other systems
Use SSH's key-based authentication
Managing Software
Find and download software via FTP & HTTP with text & graphical client programs like wget, lftp, links, Konqueror and Mozilla Firefox
Install binary programs in RPM packages
List software already installed on the system with RPM
Compile and install software from source releases
Compile and install software from a source RPM (SRPM or .src.rpm) package
Printing
Use CUPS to connect to available local and network printers
Use various commands to process and convert files in preparation for printing
Send jobs to a printer
Monitor and remove print jobs
Mounting FileSystems and Managing Removable Media
Use the mount command
Access NFS and SMB filesystems over the network
Use autofs for on-demand mounting of filesystems without root privileges
X Window System
Start the graphical environment manually
Select different desktop environments
Launch graphical applications
Use Linux as an X terminal
Customize the graphical environment and auto-start applications at login and X startup
Securely tunnel remote graphical applications through SSH
How about posting this question in the Certification Forum
Since Oracle Linux is based on Red Hat Enterprise Linux, you can use and search "RHEL books". There should some. -
Sharing network problem - again
Hi, i hoped to avoid posting this problem, but i just can't get internet sharing working!
My setup is this: I have a PC connected directly to a adsl-modem via a netcard, and via a second netcard (and a crossed cable) i have a second PC connected to the first, both are running Archlinux, the first is up to date, but the second is 0.6 (since i can't update...).
The 2 PC's have no problems communicating, ping and ssh is working perfectly both ways.
To share the connection, i have this in the rc.conf:
The one connected to the modem:
lo="lo 127.0.0.1"
eth0="dhcp"
eth1="eth1 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255"
INTERFACES="lo eth0 eth1"
# Routes to start at boot-up (in this order)
# Declare each route then list in ROUTES
# (prefix a route in ROUTES with a ! to disable it)
gateway="default gw 192.168.0.1"
ROUTES=(!gateway)
The one needing the connection:
lo="lo 127.0.0.1"
eth0="eth0 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255"
#eth0="dhcp"
INTERFACES=(lo eth0)
# Routes to start at boot-up (in this order)
# Declare each route then list in ROUTES
# (prefix a route in ROUTES with a ! to disable it)
gateway="default gw 192.168.1.1"
ROUTES=(gateway)
And i have this "firewall" installed on the one connected to the internet:
#!/bin/sh
# rc.firewall-2.4
FWVER=0.75
# Initial SIMPLE IP Masquerade test for 2.4.x kernels
# using IPTABLES.
# Once IP Masquerading has been tested, with this simple
# ruleset, it is highly recommended to use a stronger
# IPTABLES ruleset either given later in this HOWTO or
# from another reputable resource.
# Log:
# 0.75 - Added more kernel modules to the comments section
# 0.74 - the ruleset now uses modprobe vs. insmod
# 0.73 - REJECT is not a legal policy yet; back to DROP
# 0.72 - Changed the default block behavior to REJECT not DROP
# 0.71 - Added clarification that PPPoE users need to use
# "ppp0" instead of "eth0" for their external interface
# 0.70 - Added commented option for IRC nat module
# - Added additional use of environment variables
# - Added additional formatting
# 0.63 - Added support for the IRC IPTABLES module
# 0.62 - Fixed a typo on the MASQ enable line that used eth0
# instead of $EXTIF
# 0.61 - Changed the firewall to use variables for the internal
# and external interfaces.
# 0.60 - 0.50 had a mistake where the ruleset had a rule to DROP
# all forwarded packets but it didn't have a rule to ACCEPT
# any packets to be forwarded either
# - Load the ip_nat_ftp and ip_conntrack_ftp modules by default
# 0.50 - Initial draft
echo -e "nnLoading simple rc.firewall version $FWVER..n"
# The location of the iptables and kernel module programs
# If your Linux distribution came with a copy of iptables,
# most likely all the programs will be located in /sbin. If
# you manually compiled iptables, the default location will
# be in /usr/local/sbin
# ** Please use the "whereis iptables" command to figure out
# ** where your copy is and change the path below to reflect
# ** your setup
#IPTABLES=/sbin/iptables
IPTABLES=/usr/sbin/iptables
DEPMOD=/sbin/depmod
MODPROBE=/sbin/modprobe
#Setting the EXTERNAL and INTERNAL interfaces for the network
# Each IP Masquerade network needs to have at least one
# external and one internal network. The external network
# is where the natting will occur and the internal network
# should preferably be addressed with a RFC1918 private address
# scheme.
# For this example, "eth0" is external and "eth1" is internal"
# NOTE: If this doesnt EXACTLY fit your configuration, you must
# change the EXTIF or INTIF variables above. For example:
# If you are a PPPoE or analog modem user:
# EXTIF="ppp0"
EXTIF="eth0"
INTIF="eth1"
echo " External Interface: $EXTIF"
echo " Internal Interface: $INTIF"
#======================================================================
#== No editing beyond this line is required for initial MASQ testing ==
echo -en " loading modules: "
# Need to verify that all modules have all required dependencies
echo " - Verifying that all kernel modules are ok"
$DEPMOD -a
# With the new IPTABLES code, the core MASQ functionality is now either
# modular or compiled into the kernel. This HOWTO shows ALL IPTABLES
# options as MODULES. If your kernel is compiled correctly, there is
# NO need to load the kernel modules manually.
# NOTE: The following items are listed ONLY for informational reasons.
# There is no reason to manual load these modules unless your
# kernel is either mis-configured or you intentionally disabled
# the kernel module autoloader.
# Upon the commands of starting up IP Masq on the server, the
# following kernel modules will be automatically loaded:
# NOTE: Only load the IP MASQ modules you need. All current IP MASQ
# modules are shown below but are commented out from loading.
# ===============================================================
echo "----------------------------------------------------------------------"
#Load the main body of the IPTABLES module - "iptable"
# - Loaded automatically when the "iptables" command is invoked
# - Loaded manually to clean up kernel auto-loading timing issues
echo -en "ip_tables, "
$MODPROBE ip_tables
#Load the IPTABLES filtering module - "iptable_filter"
# - Loaded automatically when filter policies are activated
#Load the stateful connection tracking framework - "ip_conntrack"
# The conntrack module in itself does nothing without other specific
# conntrack modules being loaded afterwards such as the "ip_conntrack_ftp"
# module
# - This module is loaded automatically when MASQ functionality is
# enabled
# - Loaded manually to clean up kernel auto-loading timing issues
echo -en "ip_conntrack, "
$MODPROBE ip_conntrack
#Load the FTP tracking mechanism for full FTP tracking
# Enabled by default -- insert a "#" on the next line to deactivate
echo -en "ip_conntrack_ftp, "
$MODPROBE ip_conntrack_ftp
#Load the IRC tracking mechanism for full IRC tracking
# Enabled by default -- insert a "#" on the next line to deactivate
echo -en "ip_conntrack_irc, "
$MODPROBE ip_conntrack_irc
#Load the general IPTABLES NAT code - "iptable_nat"
# - Loaded automatically when MASQ functionality is turned on
# - Loaded manually to clean up kernel auto-loading timing issues
echo -en "iptable_nat, "
$MODPROBE iptable_nat
#Loads the FTP NAT functionality into the core IPTABLES code
# Required to support non-PASV FTP.
# Enabled by default -- insert a "#" on the next line to deactivate
echo -en "ip_nat_ftp, "
$MODPROBE ip_nat_ftp
#Loads the IRC NAT functionality into the core IPTABLES code
# Required to support NAT of IRC DCC requests
# Disabled by default -- remove the "#" on the next line to activate
#echo -e "ip_nat_irc"
#$MODPROBE ip_nat_irc
echo "----------------------------------------------------------------------"
# Just to be complete, here is a partial list of some of the other
# IPTABLES kernel modules and their function. Please note that most
# of these modules (the ipt ones) are automatically loaded by the
# master kernel module for proper operation and don't need to be
# manually loaded.
# ip_nat_snmp_basic - this module allows for proper NATing of some
# SNMP traffic
# iptable_mangle - this target allows for packets to be
# manipulated for things like the TCPMSS
# option, etc.
# ipt_mark - this target marks a given packet for future action.
# This automatically loads the ipt_MARK module
# ipt_tcpmss - this target allows to manipulate the TCP MSS
# option for braindead remote firewalls.
# This automatically loads the ipt_TCPMSS module
# ipt_limit - this target allows for packets to be limited to
# to many hits per sec/min/hr
# ipt_multiport - this match allows for targets within a range
# of port numbers vs. listing each port individually
# ipt_state - this match allows to catch packets with various
# IP and TCP flags set/unset
# ipt_unclean - this match allows to catch packets that have invalid
# IP/TCP flags set
# iptable_filter - this module allows for packets to be DROPped,
# REJECTed, or LOGged. This module automatically
# loads the following modules:
# ipt_LOG - this target allows for packets to be
# logged
# ipt_REJECT - this target DROPs the packet and returns
# a configurable ICMP packet back to the
# sender.
echo -e " Done loading modules.n"
#CRITICAL: Enable IP forwarding since it is disabled by default since
# Redhat Users: you may try changing the options in
# /etc/sysconfig/network from:
# FORWARD_IPV4=false
# to
# FORWARD_IPV4=true
echo " Enabling forwarding.."
echo "1" > /proc/sys/net/ipv4/ip_forward
# Dynamic IP users:
# If you get your IP address dynamically from SLIP, PPP, or DHCP,
# enable this following option. This enables dynamic-address hacking
# which makes the life with Diald and similar programs much easier.
echo " Enabling DynamicAddr.."
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
# Enable simple IP forwarding and Masquerading
# NOTE: In IPTABLES speak, IP Masquerading is a form of SourceNAT or SNAT.
# NOTE #2: The following is an example for an internal LAN address in the
# 192.168.0.x network with a 255.255.255.0 or a "24" bit subnet mask
# connecting to the Internet on external interface "eth0". This
# example will MASQ internal traffic out to the Internet but not
# allow non-initiated traffic into your internal network.
# ** Please change the above network numbers, subnet mask, and your
# *** Internet connection interface name to match your setup
#Clearing any previous configuration
# Unless specified, the defaults for INPUT and OUTPUT is ACCEPT
# The default for FORWARD is DROP (REJECT is not a valid policy)
echo " Clearing any existing rules and setting default policy.."
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F
echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG
echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
echo -e "nrc.firewall-2.4 v$FWVER done.n"
And to start it:
#!/bin/sh
# chkconfig: 2345 11 89
# description: Loads the rc.firewall-2.4 ruleset.
# processname: firewall-2.4
# pidfile: /var/run/firewall.pid
# config: /etc/rc.d/rc.firewall-2.4
# probe: true
# v05/24/03
# Part of the copyrighted and trademarked TrinityOS document.
# http://www.ecst.csuchico.edu/~dranch
# Written and Maintained by David A. Ranch
# [email protected]
# Updates
# 05/24/03 - removed a old networking up check that had some
# improper SGML ampersand conversions.
# Source function library.
. /etc/rc.d/functions
# Check that networking is up.
[ "XXXX${NETWORKING}" = "XXXXno" ] && exit 0
[ -x /sbin/ifconfig ] || exit 0
# The location of various iptables and other shell programs
# If your Linux distribution came with a copy of iptables, most
# likely it is located in /sbin. If you manually compiled
# iptables, the default location is in /usr/local/sbin
# ** Please use the "whereis iptables" command to figure out
# ** where your copy is and change the path below to reflect
# ** your setup
IPTABLES=/usr/sbin/iptables
# See how we were called.
case "$1" in
start)
/etc/rc.firewall-2.4
stop)
echo -e "nFlushing firewall and setting default policies to DROPn"
$IPTABLES -P INPUT DROP
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT DROP
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -F -t nat
# Delete all User-specified chains
$IPTABLES -X
# Reset all IPTABLES counters
$IPTABLES -Z
restart)
$0 stop
$0 start
status)
$IPTABLES -L
mlist)
cat /proc/net/ip_conntrack
echo "Usage: firewall-2.4 {start|stop|status|mlist}"
exit 1
esac
exit 0
But it just won't work! If you can spot any problems please let me know!
UPDATE:
Just talked to my ISP, and they tell me that my IP-adress is locked to one PC. Could this be the problem? or does the forwarding handles this as well?Hey tgc, thank you for posting your problem so generously explained!
I had no idea of how to do it, and I only had to change a small obvious typo to make it work. At least I suppose the typo is the reason for your sharing not to work....
Lets see...did you change the
eth0="eth0 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.0.255"
to
eth0="eth0 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255"
just now? I'm sure I had to change that, but I have a strange memory
So, the way the configuraton looks now, works perfectly for sharing my isdn connection with my laptop over wlan.
Desktop: isdn, eth0 -> wireless router / hub
Laptop: wlan0
So, what I'm saying anyway, is that your configuration works for me Thanks! -
Divide JscrollPane into 2 picure viewer with scroll bar
Hello to all, help me, i must divide a JScrollPane into 2 sub-windows in witch putting 2 different images.
The image that i put at left is loaded by a JFileChooser.
This is the code, my problem is into load_file() function.
Help me, thanks a lot.
Escuse me for my bad english.
package Crypto;
import java.awt.*;
import java.awt.event.*;
import java.awt.image.*;
import java.applet.*;
import java.net.*;
import javax.imageio.*;
import javax.swing.*;
import javax.swing.event.*;
import java.io.File.*;
import javax.swing.filechooser.FileFilter;
import java.io.*;
public class Crypto extends JFrame implements ActionListener {
private BufferedImage sorgente = null;
private BufferedImage shares = null;
private BufferedImage somma = null;
private JMenuBar mb;
private JMenu menu1;
private JMenu menu2;
private JMenu menu3;
private JButton go;
private JButton set_n;
private JButton set_k;
private JButton op;
private JButton schemi;
private JMenuItem item_01;
private JMenuItem item_02;
private JMenuItem item_03;
private JMenu item_04;
private JMenuItem item_04_a;
private JMenuItem item_04_b;
private JMenuItem item_05;
private JMenuItem item_06;
private JMenuItem item_07;
private JMenuItem item_08;
private BorderLayout layout = new BorderLayout();
private JToolBar tb = new JToolBar();
private int k = 2;
private int n = 4;
private String formato = "PNG";
private File original;
private File sovra_imp;
private Schema curr;
private ImageIcon ii = new ImageIcon();
private JScrollPane JSPanel;
private ScrollablePicture picture;
public Crypto() {
this.getContentPane().setLayout(layout);
this.getContentPane().add(BorderLayout.NORTH,tb);
JSPanel = new JScrollPane();
//JSPanel.setSize(150, 250);
this.getContentPane().add(BorderLayout.WEST, JSPanel);
mb = new JMenuBar();
mb.setAutoscrolls(true);
setJMenuBar(mb);
menu1= new JMenu("File");
mb.add(menu1);
item_01 = new JMenuItem("Apri file ...");
menu1.add(item_01);
item_02 = new JMenuItem("Quit ...");
menu1.add(item_02);
menu2= new JMenu("Impostazioni");
mb.add(menu2);
item_03 = new JMenuItem("Formato salvataggio shares");
menu2.add(item_03);
item_05 = new JMenuItem("Modifica numero partecipanti");
menu2.add(item_05);
item_06 = new JMenuItem("Imposta grado di visibilit�");
menu2.add(item_06);
item_04 = new JMenu("Schemi");
item_04_a = new JMenuItem ("Schema corrente");
item_04.add (item_04_a);
item_04_b = new JMenuItem("Modifica schema corrente");
item_04.add (item_04_b);
menu2.add(item_04);
menu3= new JMenu("Help");
mb.add(menu3);
item_07 = new JMenuItem("Guida");
menu3.add(item_07);
item_08 = new JMenuItem("About");
menu3.add(item_08);
op = new JButton ("Apri file ");
op.addActionListener(this);
tb.add(op);
go = new JButton("Crea shares");
go.addActionListener(this);
tb.add(go);
set_k = new JButton("Modifica visibilit� shares");
set_k.addActionListener(this);
tb.add(set_k);
set_n = new JButton("Modifica n. partecipanti");
set_n.addActionListener(this);
tb.add(set_n);
schemi = new JButton("Modifica schema corrente");
schemi.addActionListener(this);
tb.add(schemi);
item_01.addActionListener(this);
item_02.addActionListener(this);
item_03.addActionListener(this);
item_04_a.addActionListener(this);
item_04_b.addActionListener(this);
item_05.addActionListener(this);
item_06.addActionListener(this);
item_07.addActionListener(this);
item_08.addActionListener(this);
curr = Schema.carica_schema ("2-2-b-w");
this.setBounds(150, 150, 800, 500);
this.setDefaultCloseOperation(EXIT_ON_CLOSE);
this.setTitle("Crypto magic");
this.setVisible(true);
public void actionPerformed(java.awt.event.ActionEvent ae) {
Object source = ae.getSource();
Class sourceClass = source.getClass();
if (sourceClass.getName().equals("javax.swing.JMenuItem")){
JMenuItem ch = (JMenuItem) source;
if (ch == item_01){
load_file();
}else if (ch == item_02){
close_frame();
}else if (ch ==item_03){
scegli_formato();
}else if (ch == item_04_a){
schema_corrente();
}else if (ch == item_04_b){
cambia_schema();
}else if (ch == item_05){
set_n();
}else if (ch == item_06){
set_k();
}else if (ch == item_07){
guida();
}else about();
if (sourceClass.getName().equals("javax.swing.JButton")){
JButton jb = (JButton) source;
if (jb == go){
crea_shares();
}else if (jb == set_n){
set_n();
}else if (jb == op){
load_file();
}else if (jb == set_k){
set_k();
public void load_file() {
JFileChooser fc = new JFileChooser();
fc.setAcceptAllFileFilterUsed(false);
fc.setFileFilter(new ImageFilter());
int retval = fc.showOpenDialog(this);
try{
if (retval == JFileChooser.APPROVE_OPTION){
original = fc.getSelectedFile();
//String nome = original.getName();
sorgente = ImageIO.read (original);
ii.setImage(sorgente);
picture = new ScrollablePicture(ii, 1);
JSPanel = new JScrollPane(picture, JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED, JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
this.getContentPane().add(BorderLayout.WEST, JSPanel);
this.repaint();
}catch (Exception e){}
void close_frame(){
System.exit(0);
void scegli_formato(){
Impostazioni i = new Impostazioni(0);
void set_n(){
Impostazioni i = new Impostazioni(2);
void set_k (){
Impostazioni i = new Impostazioni(1);
Schema schema_corrente(){
return curr;
void cambia_schema(){}
void guida(){
void about(){
void crea_shares(){
public class Impostazioni extends JFrame implements ChangeListener{
JTabbedPane panel = new JTabbedPane();
Impostazioni(int i){
FSS c1 = new FSS();
SET_K c2 = new SET_K();
SET_N c3 = new SET_N();
panel.add("Formato shares", c1);
panel.add("Modifica K", c2);
panel.add("Modifica N", c3);
panel.addChangeListener(this);
if ( i == 0){
panel.setSelectedComponent(c1);
}else if ( i == 1){
panel.setSelectedComponent(c2);
}else if (i == 2){
panel.setSelectedComponent(c3);
getContentPane().add(panel);
this.setResizable(false);
this.setBounds(200, 200, 500, 300);
this.setTitle("Impostazioni");
this.setVisible(true);
public void stateChanged(ChangeEvent e) {
int pos = panel.getSelectedIndex();
String title = panel.getTitleAt(pos);
setTitle(title);
public class FSS extends JPanel implements ActionListener{
private JComboBox cb;
private JLabel et;
JLabel ico;
Icon i1 = new ImageIcon("C:/forte/sampledir/Crypto/JPGIcon.jpg");
Icon i2 = new ImageIcon("C:/forte/sampledir/Crypto/PNGIcon.jpg");
FSS(){
this.setLayout(new FlowLayout(FlowLayout.CENTER, 20, 30));
int i;
String item []= {"JPG", "PNG"};
for (i = 0; i < 1; i++)
if (item == formato) break;
String msg = "\n\n\n\n\nIl formato attualmente in uso � "+formato+"\n\n";
et = new JLabel(msg);
add(et);
JLabel et2 = new JLabel ("Modidica il formato di salvataggio delle shares ");
if (formato =="JPG"){
ico = new JLabel(i1);
}else {ico = new JLabel(i2);}
add (ico);
add (et2);
cb = new JComboBox(item);
cb.setSelectedIndex(i);
cb.addActionListener(this);
add(cb);
public void actionPerformed(java.awt.event.ActionEvent ae) {
JComboBox cb = (JComboBox)ae.getSource();
String selectedItem = (String)cb.getSelectedItem();
int ind = cb.getSelectedIndex();
formato = selectedItem;
et.setText("Il formato attualmente in uso � "+selectedItem);
if (formato == "PNG"){
ico.setIcon(i2);
}else{
ico.setIcon(i1);
public class SET_K extends JPanel implements ActionListener{
private JLabel et3;
SET_K(){
this.setLayout(new FlowLayout(FlowLayout.CENTER, 40, 40));
String msg = "Il valore attuale di k � "+k+"\n\n";
et3 = new JLabel(msg);
et3.setFont(new Font("Tim", Font.BOLD, 16 ));
add (et3);
JButton but2 = new JButton ("Modifica K");
add (but2);
but2.addActionListener(this);
public void actionPerformed(java.awt.event.ActionEvent ae) {
Object source = ae.getSource();
int value;
Class sourceClass = source.getClass();
if (sourceClass.getName().equals("javax.swing.JButton")){
Kappa kappa= new Kappa();
value = kappa.get_K();
if ((value > n) ||(value < 2)){
JOptionPane err = new JOptionPane();
String err_msg ="Errore, il valore di K deve essere un intero compreso tra 2 e " +n;
err.showMessageDialog(null,err_msg , "Errore", JOptionPane.ERROR_MESSAGE);
this.setVisible(false);
}else{
k = value;
JOptionPane ok_ = new JOptionPane();
ok_.showMessageDialog(null, "Modifica effettuata con successo. ");
et3.setText("Il valore attuale di K � " +value);
this.setVisible(false);
public class SET_N extends JPanel implements ActionListener{
private JLabel et4;
SET_N(){
this.setLayout(new FlowLayout(FlowLayout.CENTER, 40, 40));
String msg = "Il valore attuale di n � "+n+"\n\n";
et4 = new JLabel(msg);
et4.setFont(new Font("Tim", Font.BOLD, 16 ));
add (et4);
JButton but3 = new JButton ("Modifica N");
add (but3);
but3.addActionListener(this);
public void actionPerformed(java.awt.event.ActionEvent ae) {
Object source = ae.getSource();
int value;
Class sourceClass = source.getClass();
if (sourceClass.getName().equals("javax.swing.JButton")){
Kappa kappa= new Kappa();
value = kappa.get_K();
if (value < k){
JOptionPane err = new JOptionPane();
String err_msg ="Errore, il valore di N deve essere un intero superiore o uguale a " +k;
err.showMessageDialog(null,err_msg , "Errore", JOptionPane.ERROR_MESSAGE);
this.setVisible(false);
}else{
n = value;
JOptionPane ok_ = new JOptionPane();
ok_.showMessageDialog(null, "Modifica effettuata con successo. ");
et4.setText("Il valore attuale di N � " +value);
this.setVisible(false);
public int salva_schema(Schema s){
String nome = s.get_name();
nome = nome + ".ctm";
try{
FileOutputStream fos = new FileOutputStream (nome);
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(s);
oos.close();
return 1;
catch (Exception ioe){
return -1;
public Schema leggi_schema (String nome){
try{
nome = nome + ".ctm";
FileInputStream fis = new FileInputStream (nome);
ObjectInputStream ois = new ObjectInputStream(fis);
Schema salvato = (Schema)(ois.readObject());
ois.close();
return salvato;
catch (Exception ioe){
return null;
public static void main(String args[]){
try {
UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
} catch (Exception e) { }
JFrame f = new Crypto();
f.setVisible(true);
package Crypto;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
import javax.swing.border.*;
/* ScrollablePicture.java is used by ScrollDemo.java. */
public class ScrollablePicture extends JLabel
implements Scrollable,
MouseMotionListener {
private int maxUnitIncrement = 1;
private boolean missingPicture = false;
public ScrollablePicture(ImageIcon i, int m) {
super(i);
if (i == null) {
missingPicture = true;
setText("No picture found.");
setHorizontalAlignment(CENTER);
setOpaque(true);
setBackground(Color.white);
maxUnitIncrement = m;
//Let the user scroll by dragging to outside the window.
setAutoscrolls(true); //enable synthetic drag events
addMouseMotionListener(this); //handle mouse drags
//Methods required by the MouseMotionListener interface:
public void mouseMoved(MouseEvent e) { }
public void mouseDragged(MouseEvent e) {
//The user is dragging us, so scroll!
Rectangle r = new Rectangle(e.getX(), e.getY(), 1, 1);
scrollRectToVisible(r);
public Dimension getPreferredSize() {
if (missingPicture) {
return new Dimension(320, 480);
} else {
return super.getPreferredSize();
public Dimension getPreferredScrollableViewportSize() {
return getPreferredSize();
public int getScrollableUnitIncrement(Rectangle visibleRect,
int orientation,
int direction) {
//Get the current position.
int currentPosition = 0;
if (orientation == SwingConstants.HORIZONTAL) {
currentPosition = visibleRect.x;
} else {
currentPosition = visibleRect.y;
//Return the number of pixels between currentPosition
//and the nearest tick mark in the indicated direction.
if (direction < 0) {
int newPosition = currentPosition -
(currentPosition / maxUnitIncrement)
* maxUnitIncrement;
return (newPosition == 0) ? maxUnitIncrement : newPosition;
} else {
return ((currentPosition / maxUnitIncrement) + 1)
* maxUnitIncrement
- currentPosition;
public int getScrollableBlockIncrement(Rectangle visibleRect,
int orientation,
int direction) {
if (orientation == SwingConstants.HORIZONTAL) {
return visibleRect.width - maxUnitIncrement;
} else {
return visibleRect.height - maxUnitIncrement;
public boolean getScrollableTracksViewportWidth() {
return false;
public boolean getScrollableTracksViewportHeight() {
return false;
public void setMaxUnitIncrement(int pixels) {
maxUnitIncrement = pixels;Instead of "new ImageFilter()", use this file filter:
public static javax.swing.filechooser.FileFilter SOLOMENTE_JPG_GIF_PNG=
new javax.swing.filechooser.FileFilter(){
public String getDescription(){
return "jpg, gif, o png";
public boolean accept(java.io.File file){
String n= file.getName();
return n.endsWith(".jpg") || n.endsWith(".gif") || n.endsWith(".png");
public void load_file() {
JFileChooser fc = new JFileChooser();
fc.setAcceptAllFileFilterUsed(false);
fc.setFileFilter(SOLOMENTE_JPG_GIF_PNG); // <-- NUEVO
int retval = fc.showOpenDialog(this);
try{
if (retval == JFileChooser.APPROVE_OPTION){
original = fc.getSelectedFile();
//String nome = original.getName();
sorgente = ImageIO.read(original);
ii.setImage(sorgente);
picture = new ScrollablePicture(ii, 1);
JSPanel = new JScrollPane(picture, JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED, JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
this.getContentPane().add(BorderLayout.WEST, JSPanel);
this.repaint();
}catch (Exception e){} -
Creating a Business Service for Start/Stop Application Service in CCB 2.3.1
Hi,
I'm in the process of creating a BPA script that invokes a Business Service to perform a Start/Stop for a given Account ID/Premise ID combination. The Business Service is using the base Application Service: Start Stop (CILCSSEP). I am moving the Account ID and Premise ID, along with the start date and requested by fields to the data area of the Business Service, prior to invoking it. When I invoke the Business Service via the BPA script, it throws the below error message... I'm at a loss because the BILL_ADDR_SRCE_FLG is being set to a default of "PREM" on the Business Service Schema:
A Bill Address Source is required on the address override record. Please enter a valid value.
One of these two is true:
1) The Bill Route Type on this record has a Bill Routing Method of 'Postall', or
2) The main customer on the Account has a Quote Route Type with a Quote Routing Method of 'Postal'.
In either case, the Bill Address Source must be populated with a valid value.
If you need support please supply the following info to system support:
Message number: 3, 59204
Business Service: CMSTARTSERVICE
Application Service: CILCSSEP
Schema:
<schema pageAction="fastChange">
<accountId mapField="ACCT_ID"/>
<df mapField="DEFAULT_FOR_FLG"/>
<startDate mapField="STRT_START_DT"/>
<startOption mapField="STRT_TYPE_FLG"/>
<premiseId mapField="STRT_PREM_ID"/>
<premAddress mapField="ADDRESS1"/>
<premCity mapField="CITY"/>
<startCisDiv mapField="STRT_CIS_DIVISION"/>
<startReqBy mapField="STRT_STRT_REQ_BY"/>
<bldStrtSaSw mapField="BUILD_START_SA_SW" default="true"/>
<accountIdtwo mapField="ACCT_ID2"/>
<mainCustPerId mapField="MAIN_CUST_PER_ID"/>
<billFrmtFlg mapField="BILL_RTE_TYPE_CD" default="POSTAL" private="true"/>
<billAddrSrcFlg mapField="BILL_ADDR_SRCE_FLG" default="PREM"/>
<billAddrSrcFlg2 mapField="BILL_ADDR_SRCE_FLG2" default="PREM"/>
<startStopTelephoneOverride type="list" mapList="OVRD_PHONE">
<accountId mapField="ACCT_ID"/>
<sequence mapField="SEQ_NUM"/>
<phoneType mapField="PHONE_TYPE_CD"/>
<internationalPrefix mapField="COUNTRY_CODE"/>
<phone mapField="PHONE"/>
<extension mapField="EXTENSION"/>
<version mapField="VERSION"/>
</startStopTelephoneOverride>
<startBtn mapField="ACTION_START_SW" default="true" private="true"/>
</schema>
I'm running CC&B 2.3.1 - Any help in pointing me in the right direction to get this working would be greatly appreciated, Thanks!
Regards,
JackHi,
Can you try and do this transaction online and see if the error occurs as well? If so run it with traces on and check for the details just before the error is thrown. ( you can also switch on debug via the service call, but it may be easier to debug when doing this online. ) I am predicting this error will occur also when you do it online.
When you are using an Account with its main Person set up with BILL_ADDR_SRC_FLG as PREM you will need a valide PREM_ID on the CI_ACCT record for MAILING_PREM_ID and the premise needs to have a switch set to YES indicating it is a Mailing Address type Premise.
Good luck
Arjen -
Creating NAT for multiple subnets
Hello I want to create a 1 NAT for 5 sub networks on a windows 2008 machine the sub networks are; 192.168.224.0/27 192.168.224.32/27 192.168.224.64/27 192.168.224.96/27 192.168.224.128/27 I intend to have a server on the 192.168.224.0/27 sub network. After
installing 2 network cards on the server, 1 for the private addressing scheme and 1 for the external network address and installing RRAS I am wondering how nodes on the other sub networks will find their way out to the external network, will RRAS take care
of that? or is it not possible to have only 1 NAT for several sub networks?It is possible, but I would think that you would need six NICs in the server - one for the public connection and one for each private subnet.
It sounds as if you want to implement VLANs. If you do, RRAS does not so that.
Bill -
Validation error when using a cutsomer converter
Hey i'm trying to use a customer converter to convert between an object and a string, i can get it to display but when i submit my form i get the error Validation Error: Value is not valid.
Here is my jsp code
<h:selectManyCheckbox value="#{AddModuleBean.selectedSchemes}" converter="schemeConverter" id="scheme" >
<f:selectItems value="#{AddModuleBean.schemeList}" id="schemeList" />
</h:selectManyCheckbox>Maybe you just did something incredibly wrong. If I copy my "Objects in selectOneMenu" example and make small changes to your needs accordingly (Foo --> Scheme, selectOneMenu --> selectManyCheckbox and Foo selectedItem --> List<Scheme> selectedItems), then it just works flawlessly.
Here it is:
JSF<%@taglib uri="http://java.sun.com/jsf/core" prefix="f" %>
<%@taglib uri="http://java.sun.com/jsf/html" prefix="h" %>
<f:view>
<html>
<head><title>Test</title></head>
<body>
<h:form>
<h:selectManyCheckbox value="#{myBean.selectedItems}">
<f:selectItems value="#{myBean.selectItems}" />
<f:converter converterId="schemeConverter" />
</h:selectManyCheckbox>
<h:commandButton value="Submit" action="#{myBean.action}" />
<h:messages />
</h:form>
</body>
</html>
</f:view>MyBeanpackage mypackage;
import java.util.ArrayList;
import java.util.List;
import javax.faces.model.SelectItem;
public class MyBean {
// Init ---------------------------------------------------------------------------------------
private static SchemeDAO schemeDAO = new SchemeDAO();
private List<SelectItem> selectItems;
private List<Scheme> selectedItems;
fillSelectItems();
// Actions ------------------------------------------------------------------------------------
public void action() {
System.out.println("Selected Scheme items: " + selectedItems);
// Getters ------------------------------------------------------------------------------------
public List<SelectItem> getSelectItems() {
return selectItems;
public List<Scheme> getSelectedItems() {
return selectedItems;
// Setters ------------------------------------------------------------------------------------
public void setSelectedItems(List<Scheme> selectedItems) {
this.selectedItems = selectedItems;
// Helpers ------------------------------------------------------------------------------------
private void fillSelectItems() {
selectItems = new ArrayList<SelectItem>();
for (Scheme scheme : schemeDAO.list()) {
selectItems.add(new SelectItem(scheme, scheme.getName()));
}Schemepackage mypackage;
public class Scheme {
// Init ---------------------------------------------------------------------------------------
private String name;
// Constructors -------------------------------------------------------------------------------
public Scheme() {
// Default constructor, keep alive.
public Scheme(String name) {
this.name = name;
// Getters ------------------------------------------------------------------------------------
public String getName() {
return name;
// Setters ------------------------------------------------------------------------------------
public void setName(String name) {
this.name = name;
// Helpers ------------------------------------------------------------------------------------
public String toString() {
// Override Object#toString() so that it returns a human readable String representation.
// It is not required by the Converter or so, it just pleases the reading in the logs.
return "Scheme[" + name + "]";
}SchemeDAOpackage mypackage;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
public class SchemeDAO {
// Init ---------------------------------------------------------------------------------------
private static Map<String, Scheme> schemeMap;
static {
loadSchemeMap(); // Preload the fake database.
// Actions ------------------------------------------------------------------------------------
public Scheme load(String name) {
return schemeMap.get(name);
public List<Scheme> list() {
return new ArrayList<Scheme>(schemeMap.values());
public Map<String, Scheme> map() {
return schemeMap;
// Helpers ------------------------------------------------------------------------------------
private static void loadSchemeMap() {
// This is just a fake database. We're using LinkedHashMap as it maintains the ordering.
schemeMap = new LinkedHashMap<String, Scheme>();
schemeMap.put("schemeName1", new Scheme("schemeName1"));
schemeMap.put("schemeName2", new Scheme("schemeName2"));
schemeMap.put("schemeName3", new Scheme("schemeName3"));
}SchemeConverterpackage mypackage;
import javax.faces.component.UIComponent;
import javax.faces.context.FacesContext;
import javax.faces.convert.Converter;
public class SchemeConverter implements Converter {
// Init ---------------------------------------------------------------------------------------
private static SchemeDAO schemeDAO = new SchemeDAO();
// Actions ------------------------------------------------------------------------------------
public Object getAsObject(FacesContext context, UIComponent component, String value) {
// Convert the unique String representation of Scheme to the actual Scheme object.
return schemeDAO.load(value);
public String getAsString(FacesContext context, UIComponent component, Object value) {
// Convert the Scheme object to its unique String representation.
return ((Scheme) value).getName();
}faces-config.xml<?xml version="1.0" encoding="UTF-8"?>
<faces-config xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_1_2.xsd"
version="1.2">
<converter>
<converter-id>schemeConverter</converter-id>
<converter-class>mypackage.SchemeConverter</converter-class>
</converter>
<managed-bean>
<managed-bean-name>myBean</managed-bean-name>
<managed-bean-class>mypackage.MyBean</managed-bean-class>
<managed-bean-scope>request</managed-bean-scope>
</managed-bean>
</faces-config> -
Hello all,
2 NW 6 - 10.69.0.1 & 10.69.0.3
1 OES (NW) - 10.69.0.2
1 Windows 2000
1 Windows 2003
Yesterday my Netware & OES servers started broadcasting traffic on UDP port
427 to 10.0.0.34 port 1025. 10.0.0.34 is an invalid address. I can't find
any configuration changes that occurred before they started this
broadcasting. It's creating quite a bit of traffic and I would like to shut
it down.
SLP hasn't been configured on this network for 6 years and it has been
working fine. Does anyone have any idea what could be causing this?
Daniel Blake
Milford Central SchoolWe thought so too. I was wondering if some sort of communication loop could
have been started and when the filter was put in place it broke the loop.
Here is another piece of the puzzle. When I pinged the 10.0.0.34 address
the reply I got was a NATED 192.168. address. I thought it was quite that
one private IP scheme was NATing to another private IP range. Then I
thought someone might have brought in a Linksys or D-link router to try and
get around our policies. A BoarderManager tech from BOCES told me he had
seen this kind of behavior from the firewall sometimes when it got
unexpected traffic.
I don't think it could be a rouge router seeing as the traffic didn't start
right back up when I removed the filter.
Daniel Blake
Milford Central School
>>> Edison Ortiz<[email protected]> 12/5/2006 4:51 PM >>>
On 12/5/2006 Daniel Blake wrote:
> I removed the
> filter after a few minutes and that traffic didn't show back up.
Interesting ....
Edison Ortiz
Novell Product Support Forum SysOp
(No Email Support, Thanks !) -
Hello,
I have the following goals of implementing my 877w:
1) Two vlans, one for wired, one for wireless.
2) DHCP giving IP leases for both vlans, using a pool for each vlan.
3) Allowing the clients of both vlans to access the internet through my adsl modem.
I worked for over 8 hours during the past two days, repeating all gui setup on cli. I reached a point where I can't verify what I did correctly and what I didn't.
Someone please, recalibrate me. This is all self effort, I'm a college student trying to learn (experiance), never got into cisco wireless or ccnp. Just basic ccna. I'm kind of, loosing out.
Here is my config:
Current configuration : 1957 bytes
! Last configuration change at 12:35:40 UTC Sun Apr 8 2007
! NVRAM config last updated at 11:21:19 UTC Sun Apr 8 2007
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 877w
boot-start-marker
boot-end-marker
no logging console
enable secret xxx
no aaa new-model
resource policy
ip subnet-zero
ip cef
no ip dhcp use vrf connected
ip dhcp pool wireless.AlKhaldi.net
network 10.99.99.64 255.255.255.192
domain-name wireless.AlKhaldi.net
dns-server 212.77.192.59
lease infinite
ip dhcp pool Wired
network 10.99.99.192 255.255.255.192
dns-server 212.77.192.59
domain-name wired.AlKhaldi.net
lease infinite
shutdown vlan 2
shutdown vlan 12
bridge irb
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface Dot11Radio0
no ip address
broadcast-key vlan 1 change 45
encryption vlan 1 mode ciphers tkip
encryption vlan 2 mode ciphers tkip
ssid Alkhaldi.net
vlan 1
authentication open
authentication shared
guest-mode
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
rts threshold 2312
station-role root
interface Vlan1
no ip address
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
interface Vlan2
no ip address
interface BVI1
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly
shutdown
ip classless
no ip http server
no ip http secure-server
control-plane
bridge 1 protocol ieee
bridge 1 route ip
line con 0
exec-timeout 0 0
timeout login response 300
logging synchronous
no modem enable
line aux 0
line vty 0 4
scheduler max-task-time 5000
end
Thanks in advanceOk... config looks good so far. I'll go out on a limb and see if I can help. It appears as though you have the right idea... but you never fully configured NAT. The only NAT statement I see is on your BVI interface. You need to set you NAT perimeters... your outside should be your DSL interface. Then you have to build a PAT pool for which clients can be translated. Why? You have configured your internal clients on private address schemes (10.x.x.x). In order for these clients to be Internet routable, you must translate these addresses to the public address of the DSL interface. This happens on most home-based routers without any configuration, but is required for Cisco's to work in an Internet environment. Lots of examples available for this... check out here: http://www.cisco.com/en/US/tech/tk175/tk15/technologies_configuration_example09186a0080093e51.shtml
Anymore questions let use know. Hope this helped!
-Mike
http://cs-mars.blogspot.com -
Hi,
I have an ASA5510 running version 8.2(5). I have set up a new network on interface Ethernet0/1.777 of the fwl. The firewall works perfectly with remote access VPNs but has now given me the error with the new network that has been set up:
%ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.159.159.3/49204 dst tru777:10.1.34.19/3389 denied due to NAT reverse path failure
The difference between the other networks and the new one that I have set up is that this is the first one using a private addressing scheme. I understand that NAT is not allowing something along the way but I cant figure out what needs to change in order to get it to work. My config is as follows:
interface Ethernet0/1.777
description TRU 777
vlan 777
nameif tru777
security-level 50
ip address 10.1.34.17 255.255.255.240 standby 10.1.34.18
access-list acl_tru777 remark * ALLOW ALL OUTBOUND *
access-list acl_tru777 extended permit ip any any
access-list RA-VPN extended permit ip 10.1.34.16 255.255.255.240 10.159.159.0 255.255.255.0
access-list acl_no-nat extended permit ip 10.1.34.0 255.255.255.0 10.0.0.0 255.0.0.0
access-list acl_no-nat extended permit ip 10.1.34.0 255.255.255.0 172.16.0.0 255.240.0.0
access-list acl_no-nat extended permit ip 10.1.34.0 255.255.255.0 192.168.0.0 255.255.0.0
access-list acl_ra-lock-tru777 extended permit ip 10.1.34.16 255.255.255.240 10.159.159.0 255.255.255.0
access-list acl_ra-lock-tru777 extended permit ip 10.159.159.0 255.255.255.0 10.1.34.16 255.255.255.240
ip local pool ra-pool 10.159.159.0-10.159.159.254 mask 255.255.255.0
nat (tru777) 4 access-list acl_no-nat
nat (tru777) 2 10.1.34.16 255.255.255.240
global (outside) 2 x.x.x.x
crypto isakmp nat-traversal 20
I think that is everything you should need, if not please just ask.
Thank you very much in advance,
ChrisHi Julio,
Here you go:
FWL01# sh nameif
Interface Name Security
Ethernet0/0 outside 0
Ethernet0/1 CLIENTS 50
Ethernet0/1.314 tru01 50
Ethernet0/1.313 dmz01 50
Ethernet0/1.316 tru02 50
Ethernet0/1.776 dmz776 50
Ethernet0/1.777 tru777 50
Management0/0 management 100
FWL01# sh run nat
nat (tru02) 1 192.168.3.0 255.255.255.240
nat (tru777) 4 access-list acl_no-nat
nat (tru777) 2 10.1.34.16 255.255.255.240
FWL01# sh run glob
global (outside) 1 interface
global (outside) 2 x.x.x.x
Thanks,
Chris -
please bear with me. I have lost afew too many hairs over this code. Here is the sqlj file I am using in the jdeveloper 3.2.
===========================================
package ReviwerPkg;
import sqlj.runtime.*;
import sqlj.runtime.ref.*;
import java.sql.*;
import java.util.ArrayList;
* A Sqlj class.
* <P>
* @author Natural Resources
public class DBInsertclsBean {
private String relaID = null; // relationship ID
private String busPrtyID= null; // business Party ID
// Method to set the relaID property
public synchronized void setrelaID(String relaID) {
this.relaID = relaID;
// Method to set the busPrtyID property
public synchronized void setbusPrtyID(String busPrtyID) {
this.busPrtyID = busPrtyID;
public DefaultContext fctx = null; // database connection context
//-- Pre defgined FPARScontext in the tab ---
// Method to process the submitted classfications
public synchronized String processClassfications (String sAllFlg, ArrayList classfication) {
sAllFlg = sAllFlg == null?"N":sAllFlg;
if (((classfication == null) | | (classfication.size() == 0))&&((sAllFlg == "")| |(sAllFlg == "N"))) {
return ("No classfication items to insert!");
try {
// Connect to the database
fctx = oracle.sqlj.runtime.Oracle.getConnection("jdbc:oracle:thin:@146.76.1.19:1521:devl", "pgat490", "pgat490");
//fctx = oracle.sqlj.runtime.Oracle.getConnection("jdbc:oracle:oci8:@", "pgat490", "pgat490");
// Insert the classfications into database
//------------------------------------------------------debug 1/31/2001----
//set default connection to url, user, password specified in the
//connection.properties file.
//Oracle.connect(FPARSconnection.class, "connect.properties");
//Connection conn = DefaultContext.getDefaultContext().getConnection();
DBInsert(sAllFlg,classfication);
//DBInsert(sAllFlg,classfication,conn);
// No errors occurred!
return ("Classfications processed successfully!");
} catch (SQLException e) {
String str = new String();
str = e.getMessage();
return ("SQL Error:" + e.getMessage());
} finally {
try {
// Disconnect from the database
fctx.close();
} catch (SQLException e) {}
// DBInsert expects a 'Y' or 'N' value for sAllFlg, with 'Y' signifying selection -
private void DBInsert(String sAllFlg, ArrayList classfication) throws SQLException {
//private void DBInsert(String sAllFlg, ArrayList classfication, Connection conn) throws SQLException {
//Statement stmt = conn.createStatement();
//String sqry = new String();
if (sAllFlg.equals("Y")) { //process the all selection.
//sqry = "DELETE fprevr_fp_class WHERE bus_prty_rela_id = " + relaID;
//stmt.executeUpdate(sqry);
// First, delete all entries in the class relation ship table
#sql [fctx] { DELETE fprevr_fp_class
WHERE bus_prty_rela_id = parseLong(:relaID) };
//--- WHERE bus_prty_rela_id = 400 };
//sqry = "UPDATE bus_prty_rela SET fprevw_all_class_flg = '" + sAllFlg + "' ";
//sqry = sqry + " WHERE bus_prty_id = " + busPrtyID + " and bus_prty_rela_id = " + relaID;
//stmt.executeUpdate(sqry);
// Next, update the BUS_PRTY_RELA table. Set the all flag
#sql [fctx] { UPDATE bus_prty_rela
SET fprevw_all_class_flg = ':sAllFlg'
WHERE bus_prty_id = parseLong(:busPrtyID) and bus_prty_rela_id = parseLong(:relaID) };
//--- SET fprevw_all_class_flg = 'Y'
//--- WHERE bus_prty_id = 183 and bus_prty_rela_id = 400 };
#sql [fctx] { COMMIT };
} else { //process the individual class codes
//sqry = "DELETE FROM fprevr_fp_class WHERE bus_prty_rela_id = " + relaID;
//stmt.executeUpdate(sqry);
// First, delete all entries in the class relation ship table
#sql [fctx] { DELETE FROM fprevr_fp_class
WHERE bus_prty_rela_id = parseLong(:relaID) };
//sqry = "UPDATE bus_prty_rela SET fprevw_all_class_flg = '" + sAllFlg + "' ";
//sqry = sqry + "WHERE bus_prty_id = " + busPrtyID + " and bus_prty_rela_id =" + relaID;
//stmt.executeUpdate(sqry);
// Next, update the BUS_PRTY_RELA table. Set the all flag
#sql [fctx] { UPDATE bus_prty_rela
SET fprevw_all_class_flg = ':sAllFlg'
WHERE bus_prty_id = parseLong(:busPrtyID) and bus_prty_rela_id = parseLong(:relaID) };
// Now, insert each line items from the submitted classfication
for (int i = 0; i < classfication.size(); i++) {
//sqry = "INSERT INTO fprevr_fp_class( bus_prty_rela_id,fp_cl_ty_cd ) VALUES (";
//sqry = sqry + relaID + ",'" + classfication.get(i) + "') ";
//stmt.executeUpdate(sqry);
#sql [fctx] { INSERT INTO fprevr_fp_class
( bus_prty_rela_id,fp_cl_ty_cd )
VALUES (parseLong(:relaID),':(classfication.get(i))') };
#sql [fctx] { COMMIT };
} //end else
} //end DBInsert
=======================================
Now here is the jsp file that calls this as a bean.
========================================
<%@ page language="java" import="java.util.ArrayList" session="true" autoFlush="true" isThreadSafe="true" contentType="text/html; charset=ISO-8859-1" isErrorPage="false" %>
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=WINDOWS-1252">
<META NAME="GENERATOR" CONTENT="Oracle JDeveloper">
<TITLE>
<jsp:useBean class="ReviwerPkg.DBInsertclsBean" id="dbInsert" scope="page" ></jsp:useBean>
</TITLE>
</HEAD>
<BODY>
DBupdcls.jsp : Attempting to update the database........<BR>
<%
String sbusPrtyID = request.getParameter("ReviewerID"); //busPrtyID
String srelaID = request.getParameter("hidBusPrtyRelaID"); //relaID
//special handling for the possible array of values returned for selected classes
String[] sArrClassCodes = request.getParameterValues("chkcls"); //delimited list of selected class codes.
String sAllclsCD = request.getParameter("chkAllcls"); //all class codes flag.
ArrayList arL = new ArrayList();
if (sArrClassCodes != null) {
if (sArrClassCodes.length > 0 ) { //don't process loop unless we have something.
for (int i = 0; i < sArrClassCodes.length; i++) {
arL.add(sArrClassCodes); //add all strings to the array list.
%>
<jsp:setProperty name="dbInsert" property="busPrtyID" value="<%=sbusPrtyID%>" />
<jsp:setProperty name="dbInsert" property="relaID" value="<%=srelaID%>" />
<%= dbInsert.processClassfications(sAllclsCD,arL) %>
<H2>The following output is from JSP code:</H2><P><% out.println("Hello World"); %></P>
</BODY>
</HTML>
==========================================
I keep getting the following error from sqlj file. : SQL Error:ORA-00904: invalid column name . Actually all the tables and columns exist. I use sql plus, same connection, and everything is fine. As you can see in the sqlj file, I have tried everything including JDBC. It simply wont work. I use the same connection for BC4J, it works. The connection works in SQLJ too, but My co-workers and I can't figure why it doesn't work. We have looked at the Oracle samples without luck. Can someone tell us what to do with this? It would be greatly appretiated.Hi Guys, isn't this frustrating? Anyway, I gave up on that issue and decided to create a bean to replace that SQLJ code. Strange as it may sound, the bean didn't work either. Another developer suggested rebooting the machine, and voila; The bean works without a hitch. I still have no clue why SQLJ didn't work. Here is the bean implimentation.
============================================
package ReviwerPkg;
import javax.ejb.*;
import java.util.*;
import java.sql.*;
public class DBinsertClsEJBBean implements SessionBean{
private String relaID;
private String busPrtyID;
private String usrNM;
private String password;
private String schema;
private String conURL;
private Connection conn;
public DBinsertClsEJBBean() {
public void ejbCreate() throws CreateException {
// TODO: Add custom implementation.
public void ejbActivate() {
public void ejbPassivate() {
public void ejbRemove() {
public void setSessionContext(SessionContext ctx) {
public String getrelaID() {
return relaID;
public synchronized void setrelaID(String newRelaID) {
relaID = newRelaID;
public String getbusPrtyID() {
return busPrtyID;
public synchronized void setbusPrtyID(String newBusPrtyID) {
busPrtyID = newBusPrtyID;
public void setUsrNM(String newUsrNM) {
usrNM = newUsrNM;
public void setPassword(String newPassword) {
password = newPassword;
public String getSchema() {
return schema;
public void setSchema(String newSchema) {
schema = newSchema;
public String getConURL() {
return conURL;
public void setConURL(String newConURL) {
conURL = newConURL;
public void setConn(Connection newConn) {
conn = newConn;
public synchronized String processClassfications(String sAllFlg, ArrayList classfication) {
sAllFlg = sAllFlg == null?"N":sAllFlg;
if (((classfication == null) | | (classfication.size() == 0))&&((sAllFlg == "")| |(sAllFlg == "N"))) {
return ("No classfication items to insert!");
try {
// Connect to the database
DBInsert(sAllFlg,classfication);
// No errors occurred!
return ("Classfications processed successfully!");
} catch (SQLException e) {
String str = new String();
str = e.getMessage();
return ("SQL Error:" + e.getMessage());
} finally {
try {
// Disconnect from the database
conn.close();
} catch (Exception e) {}
private void DBInsert(String sAllFlg, ArrayList classfication) throws SQLException {
Statement stmt = conn.createStatement();
String sqry = new String();
if (sAllFlg.equals("Y")) { //process the all selection.
// First, delete all entries in the class relation ship table
sqry = "DELETE FROM fprevr_fp_class WHERE bus_prty_rela_id = " + relaID;
stmt.executeUpdate(sqry);
// Next, update the BUS_PRTY_RELA table. Set the all flag
sqry = "UPDATE bus_prty_rela SET fprevw_all_class_flg = '" + sAllFlg + "' ";
sqry = sqry + " WHERE bus_prty_id = " + busPrtyID + " and bus_prty_rela_id = " + relaID;
stmt.executeUpdate(sqry);
} else { //process the individual class codes
// First, delete all entries in the class relation ship table
sqry = "DELETE FROM fprevr_fp_class WHERE bus_prty_rela_id = " + relaID;
stmt.executeUpdate(sqry);
// Next, update the BUS_PRTY_RELA table. Set the all flag
sqry = "UPDATE bus_prty_rela SET fprevw_all_class_flg = '" + sAllFlg + "' ";
sqry = sqry + "WHERE bus_prty_id = " + busPrtyID + " and bus_prty_rela_id =" + relaID;
stmt.executeUpdate(sqry);
// Now, insert each line items from the submitted classfication
for (int i = 0; i < classfication.size(); i++) {
sqry = "INSERT INTO fprevr_fp_class( bus_prty_rela_id,fp_cl_ty_cd ) VALUES (";
sqry = sqry + relaID + ",'" + classfication.get(i) + "') ";
stmt.executeUpdate(sqry);
} //end else
=============================================
here is the call from JSP.
=============================================
<%@ page language="java" import="java.util.ArrayList, java.sql.*, oracle.jdbc.driver.* " errorPage="errorpage.jsp" session="true" autoFlush="true" isThreadSafe="true" contentType="text/html; charset=ISO-8859-1" isErrorPage="false" %>
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=WINDOWS-1252">
<META NAME="GENERATOR" CONTENT="Oracle JDeveloper">
<TITLE>
<jsp:useBean class="ReviwerPkg.DBinsertClsEJBBean" id="dbInsert" scope="page" ></jsp:useBean>
</TITLE>
</HEAD>
<BODY>
<span><STRONG><FONT size=12 color=#008000>Posting changes to the database .......</FONT> </STRONG></span><BR><p>
<%
String sbusPrtyID = request.getParameter("ReviewerID"); //busPrtyID
String srelaID = request.getParameter("hidBusPrtyRelaID"); //relaID
//special handling for the possible array of values returned for selected classes
String[] sArrClassCodes = request.getParameterValues("chkcls"); //delimited list of selected class codes.
String sAllclsCD = request.getParameter("chkAllcls"); //all class codes flag.
ArrayList arL = new ArrayList();
if (sArrClassCodes != null) {
if (sArrClassCodes.length > 0 ) { //don't process loop unless we have something.
for (int i = 0; i < sArrClassCodes.length; i++) {
arL.add(sArrClassCodes); //add all strings to the array list.
//create a jdbc connection for use with the EJB
DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
//open a connection for the thin driver
Connection conn = DriverManager.getConnection("jdbc:oracle:thin:@146.76.1.19:1521:devl", "pgat490", "pgat490");
%>
<jsp:setProperty name="dbInsert" property="busPrtyID" value="<%=sbusPrtyID%>" />
<jsp:setProperty name="dbInsert" property="relaID" value="<%=srelaID%>" />
<jsp:setProperty name="dbInsert" property="Conn" value="<%=conn%>" />
<span><STRONG><FONT size=12 color=#008000>
<%= dbInsert.processClassfications(sAllclsCD,arL) %>
</FONT></STRONG></span>
</BODY>
</HTML>
=============================================
Here is the same connection but done the way the documentation shows. IT DOESN'T WORK. Compare that to the one above.
String myhost = "146.76.1.19";
Connection conn = DriverManager.getConnection("jdbc:oracle:thin:@(description=(address=(host=myhost)(protocol=tcp)(port=1521))(connect_data=(sid=devl)))", "pgat490", "pgat490");
If you ask me, I suspect that the second syntax won't register the driver. Anyone know why it doesn't work? I still have a lot of unanswered questions eg the SQLJ ones. So simple yet a bear to get working. I am worn out from having to discover everything by trial and error. I know Java but this tool is something else. -
The public interface of my content switch is mapped to a vlan with public addresses. My servers are on a diffent VLAN --> private address schema. On the VLAN where i define my VIP addresses i also have an intrusion detection system installed. We often see packets on the sniffer that have a private address, this should not be happening. The content switch should only forward packets with an ip = to the VIP and not the actual ip of the server.
It looks like to content switch often doesn't do nat to the vip address.
Can anybody help me on the problem.the packet that you see is most probably a FIN.
When the client closes the connection, the CSS keeps it open a few more sec to allow the FIN from the server to go through nated.
But if the FIN comes later, it will be forwarded un-nated.
This is well-known.
There is no way to prevent this.
Gilles. -
Issues with one of the 2 ISP links
Hi,
My tmg 2010 always had 2 ISP links and it worked ok with load balance (no issues at all). Recently I got another ISP link and changed with one of the previous working ones.
Since then, the internet navigation seemed to work very well.. but some applications related to office 365 (lync and outlook) does not connect when the traffic is routed through this new ISP. The apps work with the first link but not with this new one. Without
TMG, the apps do work on this new link!
What can cause this?
thanks.Hi, thanks for the reply.
Yes, I removed the other ISP cable and the internet works well on this new link, except for some applications like lync and outlook (office 365).
During TMG live log, there is no denied packets. I tried rebooting the firewall machine but still no success.
things I tried without success with this new link:
- change the NIC.
- put a router between the link and the firewall and assign a private IP schema (our other link is routed to a private address. This new one is given directly at the interface).
- create an excpetion to allow all traffic from a testing machine.
Our l2tp/ipsec vpn (that always worked on both links) does not connect too on this new link.
That does not make sense at all. -
Public Pool, 2 ASAs, Static NAT ...
I am looking for help on a mixture of Routing and Switching and Firewalling ...
So I have a router connected to the ISP ... the router is also connected to a switch. Into that switch I have pugged two ASAs. A 5505 and 5520.
I was given a /27 (255.255.255.224), 30 address block from the ISP. Let's say the last octet of the router is .1, the ASA#1 is .2, and ASA #2 is .3.
Now I wan't to use the rest of the addresses for Static NAT (the IP addresses are publically registered to their own domain names).
Can I use any of the rest of the addresses .4 through .30, on either ASA in Static NAT (1 to 1 translation)? Possibly even move them back and forth between ASAs?
How does the router know which as ASA it needs to forward the packet to if it is destined for .12 for example? Does the ASA send out an ARP message for each of its static addresses that it is using? They packets aren't broadcast to the subnet, are they?
Or is this a Layer 3 problem. Do I have to segment my /27 into two /28's on my router (requiring an additional interface and use of another IP address)?
I was trying to debate if I could possibly model this in GNS3.
PS the reason for doing this is for dissaster recovery, moving servers between racks without changing IP address scheme (the private addressing scheme behind each ASA is identical), etc.
Thanks so much for the help,
Matt
CCNP, CCDP, CCIP, ASA SpecialistCan I use any of the rest of the addresses .4 through .30, on either ASA in Static NAT (1 to 1 translation)? Possibly even move them back and forth between ASAs?
--> YES you can
How does the router know which as ASA it needs to forward the packet to if it is destined for .12 for example? Does the ASA send out an ARP message for each of its static addresses that it is using? They packets aren't broadcast to the subnet, are they?
--> YES, the ASA will send out an ARP to tell the router that it has that particular static address
Or is this a Layer 3 problem. Do I have to segment my /27 into two /28's on my router (requiring an additional interface and use of another IP address)?
--> NO, you don't have to segment the /27 into /28
Maybe you are looking for
-
2013 Mac Mini slow...
I bought this Mac Mini less than 5 months ago, and for whatever reason it's running slow as ****. Nothing extra is open, very minimal programs, totaling less than 10% cpu and 100MB ram. So why is it running slow? Startup took like 5 minutes, and e
-
Display Purchase Order Approval after Goods Receipt
Hi, I would like to know if there is a way to view/display purchase order even though it was already received (Goods Receipt)? I would like to know who are the approvals of that particular purchase order, the units/quantities and the amount. Thank yo
-
Error with Function Module for Automatically Reversing FI Documents
We are trying to use BAPIACREV to automatically reverse a document as part of workflow but get an error with 2 of the import parameters stating they were never transferred: 1) OBJ_KEY_R 2) OBJ_SYS Does anyone know how to resolve this?
-
This report is required for claiming duty drawback from govenment
Please note the business process: 1. Material is imported and import duty is paid for the same. 2. If the same material is exported to any country, company can claim drawback for the import duty paid The logic for the report can be : 1.System will f
-
May i know how to create Transactional Infocube, Data from cube to cube
Hi All, I need to create a Transactional Infocube. Can anyone help me how to create that. and how it differs from Basic cube while creating Transactional Infocube. My other question is how to load data from one cube to another.( is it possible from b