[solved] DHCP snooping in environment with core and access switches
Hello,
I'd like to know what steps are needed to configure DHCP snooping in my environment:
1) two core switches Catalyst 6500 (VSS): VLAN defined here, DHCP server connected here
2) access switches Catalyst 3750: clients connected here
Access switches are connected to core ones via trunk ports (fiber optics).
How many snooping databases are required? One for core and next for each stack?
Hi Marian,
If your network is properly designed and connected so that clients, including DHCP clients, are attached to the access layer switches, then the DHCP Snooping should be run only on access switches. Running DHCP Snooping on core switches is not going to increase the security because the DHCP communication has already been sanitized on the access layer.
If you intend to save the DHCP Snooping database then each switch performing the DHCP Snooping needs to have its own database if you intend to use a persistent storage for it. However, you can always have the switch to save the database to its own FLASH, alleviating the need for a centralized networked storage.
I am not sure if this answers your question so please feel welcome to ask further.
Best regards,
Peter
Similar Messages
-
Uk date format issue with ASP and Access Database
I have an Asp form which updates records in an Access
database. Problem is
that the date format in the database record is dd/mm/yyyy
(UK), when
the record is displayed on the form it is mm/dd/yyyy(US)
which after I
update the record in the database the date has changed to the
new format.
I have tried everything I can to change the format but to no
avail...anyone any ideas how I can resolve this issue?
Thanks
Stevestevo.s wrote:
> Hi
>
> I have tried changing the format on the date field on
the server behaviours
> panelto ddmmyyy. Also have tried to set the form field
format to ddmmyy. I have
> also tried to use a function I got from a posting
somehwere on the net to no
> avail. <%function ddmmyyyy(varDate)
> ddmmyyyy = Day(DateValue(varDate)) & "/" &
Month(DateValue(varDate))
> & "/" & Year(DateValue(varDate))
> end function
>
> I believe that this is a recognised issue with
Dreamweaver and Access but
> can't seem to grasp the work around! Problem being I am
teaching myself through
> books and internet articles and can be weeks at a time
without being able to
> look at the issue..each time I come back to it it is
like starting all over
> again! I was hoping that somewhere out there there is a
simple solution the
> issue perhaps a date picker with the built in
functionality to address the
> issue...I am keen to understand how to deal with the
issue rather than just
> change my database date field to fudge the problem as I
am in the UK and when I
> eventually start to use the application I would like
there to be some
> consistency with dates and that users are familiar with
the format.
>
> Any help gratefully received!
Its not Dreamweaver, or Access, its your servers locale, its
set to US
format, not the UK.
On your page at the top use:
<% Session.LCID = 2057 %>
This will force the page into using UK formatted dates. Use
it on any
page that needs to format the page correctly.
Dooza
Posting Guidelines
http://www.adobe.com/support/forums/guidelines.html
How To Ask Smart Questions
http://www.catb.org/esr/faqs/smart-questions.html -
Can the system automatically start up with OSX and later switch to windows after starting up?
I mean, I don't want to choose between OSX or Windows when I start up. I just want to start up with OSX. Is it possible to only start with OSX and later switch to Windows after starting up, or is there any option?
you want to override the default and reboot into Windows next time?
Use BootChamp or Option key.
But when there are Windows updates it will need to be set to boot into Windows.
Sounds like you don't want to run Windows natively. -
[solved]partially working network, problems with ssl and irc
Hi,
for a weird reason I can't access any websites with https anymore nor can i connect to any irc servers with irssi and connection attempts with ssh time out. The system is up2date and I am using kdemod as DE.
My rc.conf looks like this:
# /etc/rc.conf - Main Configuration for Arch Linux
# LOCALIZATION
# LOCALE: available languages can be listed with the 'locale -a' command
# HARDWARECLOCK: set to "UTC" or "localtime", any other value will result
# in the hardware clock being left untouched (useful for virtualization)
# TIMEZONE: timezones are found in /usr/share/zoneinfo
# KEYMAP: keymaps are found in /usr/share/kbd/keymaps
# CONSOLEFONT: found in /usr/share/kbd/consolefonts (only needed for non-US)
# CONSOLEMAP: found in /usr/share/kbd/consoletrans
# USECOLOR: use ANSI color sequences in startup messages
LOCALE="de_DE.utf8"
HARDWARECLOCK="localtime"
TIMEZONE="Europe/Berlin"
KEYMAP="de"
CONSOLEFONT=
CONSOLEMAP=
USECOLOR="yes"
# HARDWARE
# MOD_AUTOLOAD: Allow autoloading of modules at boot and when needed
# MOD_BLACKLIST: Prevent udev from loading these modules
# MODULES: Modules to load at boot-up. Prefix with a ! to blacklist.
# NOTE: Use of 'MOD_BLACKLIST' is deprecated. Please use ! in the MODULES array.
MOD_AUTOLOAD="yes"
#MOD_BLACKLIST=() #deprecated
MODULES=(!b44 !mii !ipw2200 !libipw !ac97_bus !snd-mixer-oss !snd-pcm-oss !snd-page-alloc !snd-pcm !snd-timer !snd !snd-ac97-codec !snd-intel8x0 !snd-intel8x0m !soundcore b44 mii ipw2200 libipw ac97_bus snd-mixer-oss snd-pcm-oss snd-page-alloc snd-pcm snd-timer snd snd-ac97-codec snd-intel8x0 snd-intel8x0m soundcore)
# Scan for LVM volume groups at startup, required if you use LVM
USELVM="no"
# NETWORKING
# HOSTNAME: Hostname of machine. Should also be put in /etc/hosts
HOSTNAME="horst-lp"
# Use 'ifconfig -a' or 'ls /sys/class/net/' to see all available interfaces.
# Interfaces to start at boot-up (in this order)
# Declare each interface then list in INTERFACES
# - prefix an entry in INTERFACES with a ! to disable it
# - no hyphens in your interface names - Bash doesn't like it
eth0="dhcp"
# Wireless: See network profiles below
#Static IP example
#eth0="dhcp"
eth0="dhcp"
INTERFACES=(!eth0 !eth1 !wlan0)
# Routes to start at boot-up (in this order)
# Declare each route then list in ROUTES
# - prefix an entry in ROUTES with a ! to disable it
gateway="default gw 192.168.0.1"
ROUTES=(!gateway)
# Enable these network profiles at boot-up. These are only useful
# if you happen to need multiple network configurations (ie, laptop users)
# - set to 'menu' to present a menu during boot-up (dialog package required)
# - prefix an entry with a ! to disable it
# Network profiles are found in /etc/network.d
# This now requires the netcfg package
#NETWORKS=(main)
# DAEMONS
# Daemons to start at boot-up (in this order)
# - prefix a daemon with a ! to disable it
# - prefix a daemon with a @ to start it up in the background
DAEMONS=(syslog-ng hal !network networkmanager avahi-daemon avahi-dnsconfd alsa cdemud kdm samba mpd lighttpd)
Earlier I had some problems with not resolving addresses, which I somehow got rid of. At the time I blamed my isp.
Perhaps something broke when I had a program running in wine to play with a car too and I had to switch the laptop off bc it didn't want to react anymore.
thx for reading
e: I don't know why, but it worked when I started Arch this morning.. while it didn't yesterday although everything worked correctly on my other PCs.
Last edited by dt (2009-11-07 09:02:46)Hi,
for a weird reason I can't access any websites with https anymore nor can i connect to any irc servers with irssi and connection attempts with ssh time out. The system is up2date and I am using kdemod as DE.
My rc.conf looks like this:
# /etc/rc.conf - Main Configuration for Arch Linux
# LOCALIZATION
# LOCALE: available languages can be listed with the 'locale -a' command
# HARDWARECLOCK: set to "UTC" or "localtime", any other value will result
# in the hardware clock being left untouched (useful for virtualization)
# TIMEZONE: timezones are found in /usr/share/zoneinfo
# KEYMAP: keymaps are found in /usr/share/kbd/keymaps
# CONSOLEFONT: found in /usr/share/kbd/consolefonts (only needed for non-US)
# CONSOLEMAP: found in /usr/share/kbd/consoletrans
# USECOLOR: use ANSI color sequences in startup messages
LOCALE="de_DE.utf8"
HARDWARECLOCK="localtime"
TIMEZONE="Europe/Berlin"
KEYMAP="de"
CONSOLEFONT=
CONSOLEMAP=
USECOLOR="yes"
# HARDWARE
# MOD_AUTOLOAD: Allow autoloading of modules at boot and when needed
# MOD_BLACKLIST: Prevent udev from loading these modules
# MODULES: Modules to load at boot-up. Prefix with a ! to blacklist.
# NOTE: Use of 'MOD_BLACKLIST' is deprecated. Please use ! in the MODULES array.
MOD_AUTOLOAD="yes"
#MOD_BLACKLIST=() #deprecated
MODULES=(!b44 !mii !ipw2200 !libipw !ac97_bus !snd-mixer-oss !snd-pcm-oss !snd-page-alloc !snd-pcm !snd-timer !snd !snd-ac97-codec !snd-intel8x0 !snd-intel8x0m !soundcore b44 mii ipw2200 libipw ac97_bus snd-mixer-oss snd-pcm-oss snd-page-alloc snd-pcm snd-timer snd snd-ac97-codec snd-intel8x0 snd-intel8x0m soundcore)
# Scan for LVM volume groups at startup, required if you use LVM
USELVM="no"
# NETWORKING
# HOSTNAME: Hostname of machine. Should also be put in /etc/hosts
HOSTNAME="horst-lp"
# Use 'ifconfig -a' or 'ls /sys/class/net/' to see all available interfaces.
# Interfaces to start at boot-up (in this order)
# Declare each interface then list in INTERFACES
# - prefix an entry in INTERFACES with a ! to disable it
# - no hyphens in your interface names - Bash doesn't like it
eth0="dhcp"
# Wireless: See network profiles below
#Static IP example
#eth0="dhcp"
eth0="dhcp"
INTERFACES=(!eth0 !eth1 !wlan0)
# Routes to start at boot-up (in this order)
# Declare each route then list in ROUTES
# - prefix an entry in ROUTES with a ! to disable it
gateway="default gw 192.168.0.1"
ROUTES=(!gateway)
# Enable these network profiles at boot-up. These are only useful
# if you happen to need multiple network configurations (ie, laptop users)
# - set to 'menu' to present a menu during boot-up (dialog package required)
# - prefix an entry with a ! to disable it
# Network profiles are found in /etc/network.d
# This now requires the netcfg package
#NETWORKS=(main)
# DAEMONS
# Daemons to start at boot-up (in this order)
# - prefix a daemon with a ! to disable it
# - prefix a daemon with a @ to start it up in the background
DAEMONS=(syslog-ng hal !network networkmanager avahi-daemon avahi-dnsconfd alsa cdemud kdm samba mpd lighttpd)
Earlier I had some problems with not resolving addresses, which I somehow got rid of. At the time I blamed my isp.
Perhaps something broke when I had a program running in wine to play with a car too and I had to switch the laptop off bc it didn't want to react anymore.
thx for reading
e: I don't know why, but it worked when I started Arch this morning.. while it didn't yesterday although everything worked correctly on my other PCs.
Last edited by dt (2009-11-07 09:02:46) -
[SOLVED] systemd-arch-units conflicts with mdadm and xinetd packages
Trying to upgrade my testing box today to latest/greatest and running into a file conflict between systemd-arch-linux providing systemd profiles for xinetd and mdadm which also think they control the same files:
error: failed to commit transaction (conflicting files)
/usr/lib/systemd/system/mdadm.service exists in both 'mdadm' and 'systemd-arch-units'
/usr/lib/systemd/system/xinetd.service exists in both 'systemd-arch-units' and 'xinetd'
Errors occurred, no packages were upgraded.
Should I just do a force? I am not relying on systemd yet. Or should I just remove systemd?
Chester
Last edited by chetwisniewski (2012-05-15 18:17:45)silent wrote:So now the new version of mdadm and xinetd moved to [core] and I have the same conflict with systemd-arch-units in [community].
Try -Syu again? -
[SOLVED]Script to replace compiz with metacity and the other way round
Hi. I would like You guys to help me. I don't want to use fusion-icon (many complex reasons I wouldn't like to state here, just please take it for granted) and I'd like to bind a key combination for a command which would let me replace compiz with metacity and the other way round. So I think I need a script.
What I'd need:
detect if compiz is running
yes -> metacity --replace
no -> compiz --loose-binding --replace
Can You help?
Last edited by warnec (2010-06-23 19:38:46)The scripts by mojlac024 replaces compiz by metacity when compiz is running, but when metacity is running it doesn't bring compiz back.
How to incorporate that test:
dbus-send --print-reply --type=method_call --dest=org.freedesktop.compiz /org/freedesktop/compiz/dbus/screen0 org.freedesktop.compiz.list | wc -l
into the script?
PS.:
When compiz is running, it prints 1. But when compiz is not running, it prints:
Error org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.compiz was not provided by any .service files
0
So a simple logical test of "is this 0 or not?" won't work, I'm afraid.
Last edited by warnec (2010-06-23 17:01:44) -
Airport wifi problems with uverse and gigabit switch resolved
I think there is a bug in airport firmware 7.6 with how spanning tree works in addition to problems with the Uverse router. Having an Airport with a uverse 2wire 3801 and gigabit switch will not work. Putting the extreme in NAT mode with DMZ plus behind the uverse resolved the problem.
Network configuration:
Uverse 2wire 3801 router
3801 provides prioritization for upstream traffic so skype and VoIP work better when doing a lot of stuff on Internet
Airport extreme firmware 7.6
two airport express 802.11n hardwired to extreme. Set up in bridge mode. All access points have same SSID "create a network" to enable roaming. Ignore anything to do with extending a network. firmware 7.6
two gigabit switches
Netgear GS608 - 8 port gigabit switch
Trendnet TEG-S80g - 8 port gigabit switch
100BT 5 port switch - did not figure into problem
Three Uverse set top boxes wired on Ethernet. They have to be wire directly to the 2wire box to work correctly. See: http://forums.att.com/t5/Features-and-How-To/At-amp-t-U-Verse-modem-setup-Airpor t-Extreme/td-p/2300785
However, you need to be careful to place your own PCs and other internet devices on the network created by your gear (airport extreme in your case), but keep AT&T's set top boxes for the IPTV services IN FRONT of your own router - so they remain on AT&T's provided network.
So it would work like this ...
Network 1: 2wire RG (4 lan ports) -> Any Set tops, and to the WAN port on your AirportExtreme
Network 2: Airport Extreme LAN ports -> to any computers or internet devices (but not AT&T set top boxes).
The RG prioritizes the traffic for your Uverse Voice and your Uverse TV ahead of internet data traffic, as it rationalizes data heading out of your home. If you place your own equipment in that equation (like putting AT&T set top boxes behind your Airport Extreme) the performance and function of your AT&T set top boxes could really flake out on you.
Symptom:
Everything would be working fine, then intermittently all my wifi access points would stop working. ~6,000 ms latency, dropped packets. Ethernet worked fine. Here is an example of my macbook pinging the extreme when associated with the extreme over wifi with a strong signal.
ping: sendto: Host is down
Request timeout for icmp_seq 23
Request timeout for icmp_seq 24
64 bytes from 192.168.1.64: icmp_seq=25 ttl=255 time=267.051 ms
Request timeout for icmp_seq 26
Request timeout for icmp_seq 27
Request timeout for icmp_seq 28
64 bytes from 192.168.1.64: icmp_seq=26 ttl=255 time=3402.599 ms
Request timeout for icmp_seq 30
Request timeout for icmp_seq 31
Request timeout for icmp_seq 32
64 bytes from 192.168.1.64: icmp_seq=30 ttl=255 time=3060.673 ms
64 bytes from 192.168.1.64: icmp_seq=34 ttl=255 time=24.115 ms
64 bytes from 192.168.1.64: icmp_seq=35 ttl=255 time=31.056 ms
64 bytes from 192.168.1.64: icmp_seq=36 ttl=255 time=39.828 ms
Root cause:
It looks like the 2wire 2801 router has a problem with spanning tree when interoperating with gigabit switches and airports. There is interplay with the airport.
I did not have this problem until the 7.6 airport firmware. I had been using the Netgear hub for about a year with the extreme in bridge mode. I added the Trendnet hub and upgraded airport firmware at the same time which made fault isolation difficult.
Problem recreation:
Set up airport expresses hard wired to extreme
Connect gigabit switch anywhere to network
Everything OK
Dettach one computer from wifi then reattach, then all wifi stops working. It takes a few seconds for the problem to propagate.
Ethernet still works fine
Problem Resolution:
Connect to 2wire with ethernet
Set 2wire route to have subnet as 192.168.2.x
Set extreme in NAT mode behind 2wire. It will complain about double NAT. Override the warning. Set the subnet to 192.168.1.x so you don't have to change any static IP addresses. Note that 2wire uses 192.168.1.254 as default route whereas airport uses 192.168.1.1.
I set DHCP to start at .10 to leave the lower addresses for assigning static IP addresses to computers I want to expose outside the firewall.
Go into firewall settings. Select airport extreme. Select the bottom setting which is "DMZ Plus". When you go into the airport extreme settings, you will now see that it has the uverse public IP address on its WAN port. NAT port mappings work fine on the extreme behind the 2wire router.Keeping this very short here is a summary of the actual problem and solution to allow your Apple Airport Extreme to run in Bridge mode on the same subnet as your uVerse settop boxes (if your Layer 2 switch is configurable).
Devices: Uverse, Cisco SG300, and Airport Extreme
uVerse uses Multicast to broadcast video streams between the uVerse network to the settop box, and from settop box to settop box.
X number of Multicast Groups are created based on X number of settop boxes you have. You can see the multicast definitions by logging into the webinterface of the iNid. Each settop box is a member and can choose to display a broadcasted TV stream or not.
Multicast membership is setup by the use of ICMP messages for IPv4 (MLD for IPv6). Each of the settop boxes become members of each others multicast group by reporting up to the iNid (MultiCast Proxy).
In an ideal world a layer 2 switch will track these memberships and only forward a broadcast packet to the ports on the switch to which the settop boxes are connected to. The switch would do these via snooping on the ICMP packets. Most switches by default do not do this by default and simply forward the broadcast packett out every one of it's switch ports.
Here in lies the problem. Problem is that the Apple AES doesn’t do ICMP snooping / filtering and floods the wireless network with these broadcast streams.
In order to fix this you must turn on ICMP snooping and filtering on the switch (or buy a switch that does this). I have a Cisco SG300 and list out the configuration below.
Other notes:
Ensure that all Media renderers (settop boxes) and servers are wired directly off the switch and not attached to any of the Airport Express ports. This way no media transverses the Airport (only control point traffic goes through the WiFi - which is fine). Obviously if the IGMP snooping switch sees any client requesting Multicast streaming traffic on the same port as the WAP, it will add that Multicast address to the forwarding table for that port, and then, yes it could get flooded.
Remember, you need to allow some Multicast traffic through your WAP to allow UPnP discovery to work (assuming that you will be using Wireless control points.)
Read the Multicast chapter in the SG 300 switch Admin Guide as it explains things very well.
Setting up multicast on the SG300s using the WebUI:
1. Multicast/Properties/
Tick enable Bridge Multicast Filtering Status for VLAN 1, and
set the Forwarding Method to IP Group Address for both IPv4 & IPv6.
2. Multicast/ IGMP snooping/
Tick enable IGMP snooping status then select and edit the entry and ensure that IGMP querier status is ticked.
It's essential for IGMP snooping to work that there must be at least one active IGMP querier on the network - if more than one is enabled, they will carry out an "election" to decide which one should be active (normally the one with the lowest IP address.)
3. Multicast Router Port
Set whichever port that is connected to the uVerse iNid to Status which means that it the uVerse router connected to this port is the Multicast Router
4. Multicast/ Unregistered Multicast
set all ports to Filtering. (The default is Forwarding.)
There are a lot of other variables within all the above - the defaults are OK, you should probably leave them alone!
In the config file you would then expect to see the above appearing as something like this:
ip igmp snooping
ip igmp snooping vlan 1
ip igmp snooping vlan 1 immediate-leave
interface vlan 1
bridge multicast mode ipv4-group
bridge multicast ipv6 mode ip-group
interface range gi1-10
bridge multicast unregistered filtering
ip igmp snooping vlan 1 querier
ip igmp snooping vlan 1 querier address <IP-Addr> -
DHCP SNOOPING IN CISCO SF200-48 SMALL BUSINESS SWITCH
Please help me out. I need to know whether dhcp snooping is available in cisco firmware version 1.3.7.18.
Hi Bonnie, as far as I know DHCP snooping is not on the SX200 switch.I also am unable to find documentation within release notes and the admin guide stating it does.
-
Open mode (monitor mode) with ise and catalyst switches
Hi There,
Anyone know if the following observation is correct ?
From the TrustSec 2.1 "Monitor Mode" guide i get the idea that Open mode, is not really as zero impact in a data gathering part of an ISE deployment is a was expecting. The guide describes using Profiling to authorize Cisco IP phones for the Voice VLAN.
- Does this mean that regular methods like using CDP won't work to for this once i enable dot1x on an access switch port interface ?
- And that i will need to figure out which ports should be set for multi-domain (phone+pc), and which should be set for multi-auth(possibly multiple devices on one port) during the open mode period ?
Regards
JanHello Jan-
Below is my input to your questions:
From the TrustSec 2.1 "Monitor Mode" guide i get the idea that Open mode, is not really as zero impact in a data gathering part of an ISE deployment is a was expecting.
Yes, a device is still allowed on the network even if it fails all authentication methods (MAB, 802.1x, etc). Basically you use monitor mode to perform discovery and see what would have been blocked had ISE been deployed in production.
The guide describes using Profiling to authorize Cisco IP phones for the Voice VLAN.
Yes, you can use profiling to do this. Keep in mind that you will need advanced licensing for this. Otherwise, you can either use MAB with static MACs imported/entered in the local database or EAP-TLS with phone certificates
- Does this mean that regular methods like using CDP won't work to for this once i enable dot1x on an access switch port interface ?
CDP will still work, in fact some of the profiling happens thanks to CDP, however, the device will simply not going to be allowed to get on the network and the Voice VLAN unless it passes authentication/authorization.
- And that i will need to figure out which ports should be set for multi-domain (phone+pc), and which should be set for multi-auth(possibly multiple devices on one port) during the open mode period ?
This really depends on how secure you want your network to be
Hope this helps!
Thank you for rating! -
My phone while using went green and blue and then switched off, now apple symbol flashes on and off , any ideas as to what is wrong?
NNo seriously, you have to restore it to its last backup, it froze in the middle of something and now it is malfuning
-
Dynamic Login Environment with LDAP and Database level security.
JDeveloper 11.1.1.0.1 + ADF BC + ADF RC
Hi everyone,
We are ready to begin creating a dynamic login environment.
We would like to be able to keep security on the database side, instead of in the application layer.
We also want to be able to use Oracle LDAP for authentication.
Can anyone suggest any good documentation for our situation?
Highly appreciated. Thanks!Alexander,
unlike in Forms, authentication is separate from connection. You can have individual user connections - like in Forms - but this most likely is not of best performance. A document and example for this to follow is
http://radio.weblogs.com/0118231/2008/08/06.html#a902
Note that authentication does not need to be hard coded in either way. If you use a single database connection and container managed authentication, then all users access the database from the same user account but can have their authenticated names passed through. In ADF BC you can use the prepareSession method on the ApplicationModule to pass the name to the database as a prepared statement (e.g. to set the predicate on a VPD database). However, using PLSQL for authorization is a bit difficult because the business logic, unlike in Forms isn't executed in PLSQL. You can look up PLSQ from ADF BC - or Java in general - but its a separate call.
Frank -
[solved] Need a little help with sed and regular expressions
Hello!
I am shure this is something easy for most of you
I want to make a script, which converts filenames of my ripped MP3s (replaces '_' with spaces, removes leading track numbers...)
But I have some problems:
j=$(echo $j | sed 's/_\+/ /g')
j=$(echo $j | sed 's/^[0-9]{0,3}//g')
j=$(echo $j | sed 's/[^ ]-[^ ]/ - /g')
j=$(echo $j | sed 's/_\+/ /g') << this is working fine (converts all "_" to spaces)
j=$(echo $j | sed 's/^[0-9]{0,3}//g') << is NOT working, why??
For Example in "01-somebody_feat_someone-somemusic.mp3" the leading "01" number is NOT being removed..
j=$(echo $j | sed 's/[^ ]-[^ ]/ - /g') << how can I insert spaces before and after the "-"?
So that "someone-somemusic" becomes "someone - somemusic" (but only where "-" is surrounded by letters)
Last edited by cyberius (2011-07-27 18:50:54)For sed, you must escape { and } to use them as you want (just slap a \ before them).
For the last expression, capture the letter before/after the dash -- use \( and \) -- and then substitute it for something like "\1 -" and then "- \1". You'll want to split this into two pieces, one for the front and one for the back so you can get "somemusic -someband" the way you want without a bunch of cases.
Edit: Or, you could just do a replace for "-" to be " - " and then have another expression to reduce spaces. I see you've used \+ before, so I'm guessing you can figure that out
Also, sed has the -e switch so you can do multiple different expressions with one invocation.
Also (also), have you looked into something like Picard with automatic track renaming? You can even customize how they are renamed.
Edit (2): Also^3, check out prename. There are different versions, ones which use PCRE and ones that use other standards, but it is for renaming files based on regular expressions, which is what you're doing. In any case, you might want to put you script into the User made scripts thread when you feel more comfortable and get some more critiquing, if you're interested.
Last edited by jac (2011-07-26 23:13:27) -
Combined environment with PHD and MobileMe
Does anyone have any experience with users that hop around different workstations using PHD AND who use MobileMe to sync Address Book? Each workstation they log into the first time does not have their MobileMe details. If they add it, do they just choose Merge on the first sync? Is this a recipe for disaster?
My only experiences so far have been bad. If the entire user home directory is sync'ed, MobileMe sync gets confused and goes through each of the sync items as if they are being refreshed from with the MobileMe data; this can be seen if the "warn if more than 5% of the data is changed" option is on. For example, after logging in, the user has to accept address book sync that will add 200 contacts and delete 200 contacts, ical sync that will add 50 events and delete 50 events, etc.
If you do not sync /Library, then this behavior does not occur, but, of course, you lose a great deal of functionality this way, especially for users who don't use MobileMe.
I had managed to figure out the various /Library files and directories that should not be part of the PHD sync for MobileMe users and excluded them. However, that means the non MobileMe users then will not have the ical, address book, bookmark, etc. preferences follow them to the next machine. Unfortunately, you cannot set Mobility (PHD) preferences up for user groups, only for computer groups, so there is no easy way to setup a different exclude list for the different types of users.
If anyone knows a way around this, I'd love to hear it. -
[Solved]Replaced my /var partition (with dd) and am having boot issues
I recently got a new hard drive and have split /var and root across the two drives. However now I am having issues booting the computer. Each boot it mounts the /var and /home partition (both of which are on the new drive) and hangs for a large period of time before booting. (it does eventually boot fine)
The reliant section of journalctl is:
an 05 04:54:33 ArchPC systemd[1]: Started Trigger Flushing of Journal to Persistent Storage.
Jan 05 04:54:34 ArchPC systemd[1]: Started Load Random Seed.
Jan 05 04:54:34 ArchPC systemd[1]: Started Recreate Volatile Files and Directories.
Jan 05 04:55:58 ArchPC systemd[1]: Job dev-disk-by\x2duuid-e6fa1ae1\x2d5579\x2d439d\x2d94cc\x2d11b2c0e67070.device/start timed out.
Jan 05 04:55:58 ArchPC systemd[1]: Timed out waiting for device dev-disk-by\x2duuid-e6fa1ae1\x2d5579\x2d439d\x2d94cc\x2d11b2c0e67070.device.
Jan 05 04:55:58 ArchPC systemd[1]: Dependency failed for /dev/disk/by-uuid/e6fa1ae1-5579-439d-94cc-11b2c0e67070.
Jan 05 04:55:58 ArchPC systemd[1]: Job dev-disk-by\x2duuid-e6fa1ae1\x2d5579\x2d439d\x2d94cc\x2d11b2c0e67070.swap/start failed with result 'dependency'.
Jan 05 04:55:58 ArchPC systemd[1]: Job dev-disk-by\x2duuid-e6fa1ae1\x2d5579\x2d439d\x2d94cc\x2d11b2c0e67070.device/start failed with result 'timeout'.
Jan 05 04:55:58 ArchPC systemd[1]: Starting Swap.
Jan 05 04:55:58 ArchPC systemd[1]: Reached target Swap.
However I am not sure where this could be, unless it is attempting to mount my windows partition?
As a side note, during this I also moved my windows install to the same drive as my root and it will no longer boot from ether its new or original drive.
Thanks.
Last edited by jarrah-95 (2013-01-04 09:24:59)Jarrah-95,
Thanks for your 'solution' post. I had a problem on boot with the boot process 'stalling' with a "recreate volatile files and directory" message that would after about a 30 second delay eventually finish the boot process. Based on your post I ran 'blkid' and discovered my 'swap' partition in my /etc/fstab file had the wrong UUID for the 'swap' entry.
After entering the 'correct' 'swap 'UUID', the boot cycle is restored and fast as ever. Back to the basics wins again.
Next task is to find out how I created the mistake.
best regards,
marvinudy -
ASA5505 Upgrade to 9.1.5 from 8.4.1 - problem with nat and accessing external host
When running on 8.4 i had a working config with the following scenario.
I have 2 interfaces configured as the outside interface.
One is connected to my internet connection
The other one is connected to a host that has a public ip.
The public host can access internet and also a PAT port on an internal host.
But after the upgrade the internal hosts can't access the external host but everything else on internet
packet-tracer input inside tcp 10.x.x.11 1024 x.x.x.89 22
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
MAC Access list
Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in x.x.x.0 255.255.240.0 outside
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (nat-no-xlate-to-pat-pool) Connection to PAT address without pre-existing xlate
If i add 1 to the destination ip:
packet-tracer input inside tcp 10.x.x.11 1024 x.x.x.90 22
Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in x.x.x.0 255.255.240.0 outside
Phase: 2
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group inside_access_in in interface inside
access-list inside_access_in extended permit ip any4 any4
Additional Information:
Phase: 3
Type: NAT
Subtype:
Result: ALLOW
Config:
nat (inside,outside) source dynamic any interface
Additional Information:
Dynamic translate 10.x.x.11/1024 to x.x.x.80/1024
Phase: 4
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Phase: 5
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 6
Type: NAT
Subtype: rpf-check
Result: ALLOW
Config:
nat (inside,outside) source dynamic any interface
Additional Information:
Phase: 7
Type: USER-STATISTICS
Subtype: user-statistics
Result: ALLOW
Config:
Additional Information:
Phase: 8
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Phase: 9
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 10
Type: USER-STATISTICS
Subtype: user-statistics
Result: ALLOW
Config:
Additional Information:
Phase: 11
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 98586, packet dispatched to next module
Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow
Nat rules:
nat (inside,outside) source static IPv6_HOST interface service https https
nat (inside,outside) source static IPv6_HOST interface service http http
nat (inside,outside) source static IPv6_HOST interface service ssh ssh
nat (inside,outside) source static INTERNAL interface destination static EXTERNAL EXTERNAL service apcupsd apcupsd
nat (inside,outside) source static IPv6_HOST interface destination static IPv6_POP IPv6_POP
nat (inside,outside) source dynamic any interface
The EXTERNAL is the host that is connected to an outside interface and that NAT rule works ok.
I can ping the EXTERNAL host from the ASA but not from the internal network.
Any ideas would be appreciated.Hmmm, by adding the following i got it working:
nat (inside,outside) source static IPv6_HOST interface service https https
nat (inside,outside) source static IPv6_HOST interface service http http
nat (inside,outside) source static IPv6_HOST interface service ssh ssh
nat (inside,outside) source static INTERNAL interface destination static EXTERNAL EXTERNAL service apcupsd apcupsd
nat (inside,outside) source static IPv6_HOST interface destination static IPv6_POP IPv6_POP
nat (inside,outside) source dynamic inside interface destination static EXTERNAL EXTERNAL
nat (inside,outside) source dynamic any interface
It is a bit complicated though since the EXTERNAL host get it's address via DHCP and so does the ASA.
Maybe you are looking for
-
I want to get data from iCloud on my new 3GS . But while setting up I used data from iPhone 5 . How to revert back? I want to get rid of back up of iPhone 5 on my new 3GS and want back up of old 3GS on new one.
-
I just got a New Mac pro--wanted to partition..DVD install disc says error.
I just got the new mac out of the box...Partitioned it and installed software. DVD 1 worked good..when it asked for dvd 2...it says error. I cleaned the DVD and tried it again. Same problem. I put it in my power mac to see if it would read it..and it
-
Placement on Page changes for printing in Pages Application
I have a Pages news letter ready to print and it looks fine in the view pages mode (althought the rulers are on the right side instead of centered), but when I go to print preview the whole news letter appears well to the right, no longer centered, a
-
ZReport addition in report tree.
Hi Everybody, Can anyone suggest the steps to be followed for adding a zprogram in a report tree(sret)? Thanks in advance Nazmul
-
a main mailbox with several sub mailboxes shows there are 16 unread emails. When I open the main one all the subs show no unread mail, but the 16 still shows next to the main mailbox. all of it was imported from entourage and I have gone through ever