I'm using ocserv as VPN server in my company on ubuntu, and I want to view how much traffic each user is using. Users are set in ocpsswd file. Do ocserv have this feature or any library I can use? As I search Google and I'm confused. Anybody can help me?

I have been trying to track down why my backups have been slow using ghettoVCB from the ESXI host.

I'm currently backing up my virtuals using ghettoVCB to a NFS share on TrueNAS from the host OS.

When I copy files to the NFS share from a guest (Ubuntu 20.04) on the ESXI machine I get about 257MB/s (which is about right as I have a dedicated 2.5gb channel between the NAS and ESXI)

su@test:/mnt/guest$ time ...

My curent Network:

Router         - 192.168.1.1   (static)
Windows PC     - 192.168.1.10  (static)
Synology NAS   - 192.168.1.11  (static)
DockerPihole   - 192.168.1.12  (macvlan-static)
DockerUnbound  - 192.168.1.13  (macvlan-static)
DockerTraefik  - 192.168.1.14  (macvlan-static)

Docker Bridge Network (For Traefik to work)

DockerTraefik  - 192.168.10.2  (bridge-static)
DockerNginx1   - 192.168.10.10  ...

Do we have support for Nodelocaldns in Micork8s clusters. If not, How it is handling the Cluster DNS performance without caching agent?

I have a high availability cluster with two nodes configured, after a maintenance carried out by an external company when restarting the system my mysql resource stopped working.

when executing the drbd-overview command I get the following.

Node Principal:
0:home Connected Primary/Secondary UpToDate/UpToDate C r-----
1:storage Connected Secondary/Primary UpToDate/UpToDate C r-----
2:mysql StandAl ...

I am new to Kubernetes, I know there are multiple ways to log collection. but I am specifically asking about my scenario. we have a Syslog xyz.com port 8090. now we want our pods to send logs to our server xyz.com. what is the best way to achieve this? is there any centralize way of customizing logs from all deployment pods, or should we have to configure rsyslog service in a container and rebuild the c ...

I have created a postfix server for my domain : residencebauge.fr.

I have also configured SPF to authorize only my public IP address : "v=spf1 a:vps.residencebauge.fr ip4:51.77.220.62 -all"

I have then configured DKIM and DMARC and when I check in different website, everything seems correct.

When I send an email directly from the server everything seems OK and the mail is never considered as SPAM :

Our team has to host and maintain a publicly-visible FTP server for the needs of our application. It's currently hosted on a Google Compute Engine VM, and the FTP server software in use is Pure-FTPd. Also, we tried FileMage.

When accessing the server through any mainstream FTP client, like FileZilla, by its public address, the server seems to work perfectly fine, being capable of ingesting/exportin ...

I've been trying to setup domain name inside a container and check how the embedded Docker DNS deals with those settings. But I was surprised to see that I was only given a truncated domain name when doing reverse ns lookup.

I set the fqdn to be like ldec<i>.n18.org The command hostname --fqdn inside the container returned me ldec1.n18.org as expected, the ping ping ldec1.n18.org is working as expe ...

MySQL 5.7 standard install with standard my.cnf (server) one table 20mb size

Dell R210II Windows Server 2019 Xeon 1230 v2 16gb ram

1 queries executed, 1 success, 0 errors, 0 warnings

Query: CALL do_import

0 row(s) affected

Execution Time : 53.650 sec
Transfer Time  : 0 sec
Total Time     : 53.650 sec

Laptop i7 L620 8gb ram

1 queries executed, 1 success, 0 errors, 0 warnings

Query: call do_import ...

I'm trying to convert the following SSH command on a SSH File entry.

My command is as follows:

ssh -i identity-file.pem -L 20000:internal-host.com:8080 [email protected] -N

An this is the current SSH file

Host remote-host-tunnel
  IdentitiesOnly yes
  HostName remote-host.com
  User user
  PubKeyAuthentication yes
  IdentityFile ~/.ssh/identity-file.pem
  ServerAliveInterval 30

Host internal-host- ...

Network Scheme - IP addresses are fictitious

Firewall SO: Centos 6

I recently enabled two-factor authentication, using Google Authenticator, and with that transfers via SCP for some users were impossible to carry out. So the solution I found was to transfer files via FTP (active), using VSFTP (Ubuntu 22.04 LTS). I am using active FTP due to strict network restrictions at my university (passive FTP i ...

My organization sends 60k of email a week on SES. I track bounces and complaints in CloudWatch and with an SNS topic. Every now and again I need to confirm delivery of a specific email. I used to grep for stat=sent in the mail log. I never thought I'd miss those days but setting up an SNS topic and subscribing to it just to get the log is a real cringe, don't you think? That's just a lot of unnecessary  ...

We are trying to redirect requests on port 8555 to port 8443. In our httpd.conf file, we have the following:

<VirtualHost *:8555>
SSLEngine on
# SSL configuration that is irrelevant to this question

RewriteEngine on
RewriteRule ^(.*)$ https://%{HTTP_HOST}:8443%{REQUEST_URI}
</VirtualHost>

However, when a user goes to https://example.con:8555/foo, they get redirected to https://example.com: ...

I was going to add something to my php.ini file so I added it and rebooted the server. My site went down after the reboot citing that it could not connect to the database so I reversed the changes and rebooted again but nothing changed.

I have been debugging for a while and so I have narrowed it down to the local instance of mysql running on the server has a problem

● mysql.service - MySQL Communit ...

I have a sync script that does a mysqldump on the mysql database on a source server, then imports that dump on the target server, followed by privelege flush. Systems are CentOS 7.

In MariaDB 10.5, mysql.user is no longer a real table, it's a view. The source system is running MariaDB 10.2, where mysql.user is a real table.

When the sync runs, it breaks mysql. To fix it I have to kill mariadb, st ...

I am trying to create an Answer file to pass domain login credentials (not to join the domain) when the WDS server is booted via PXE to install Windows 10 on a laptop. The server is on the domain and is running Window Server 2016 Standard version 1607 OS build 14393.5786.

I have followed several examples on this website as well as other walkthroughs, but not having any luck getting this to recog ...

My home network is composed of a 4G router (Huawei E5885LS-93A) and three Ubiquiti Access Points (UAP-AC-M). Within my network I run ZoneMinder on a Raspberry Pi 4.

From within my network I can just connect to ZoneMinder via 192.168.8.142:80/zm, this works as expected.

I also want to connect to ZoneMinder from outside of my network. Therefore I tried to create a port forwarding on the Huawei rout ...

The glances program tells that a google chrome page consumes 1.10 TB virtual memory and my PC does not have this capacity (RAM + Hard Drive).

About this, quora explains the following: "virtual memory can exceed physical memory. Virtual memory is a system memory management technique that allows a program to use more memory than is physically available on the computer by temporarily transferring data to ...

My architecture is like so: I have a static website xyz.com hosted on s3 and served with cloudfront. The website is accessing an api that seats behind a load balancer. I want to make sure that only requests from my website xyz.com are allowed thorough my load balancer to my api. I thought that the flow is user -> cloudfront -> load balancer - so I added a rule on my load balancer's security group  ...

Currently I have the following scenario:

• First server: I have the Zabbix components: server, gateway and web interface (along with a mysql database), all running via Docker containers (released port: ufw allow 10051).

• Second server: I have the Zabbix agent running via Docker as well (released port: ufw allow 10050).

Both are Ubuntu 20.04.6 LTS.

...

On the second server where I run the Zabbix agent, I  ...

Who has expertise on how to work with osquery (or maybe you solved this problem):

1. Based on articles like this one - https://blog.palantir.com/auditing-with-osquery-part-two-configuration-and-implementation-87a8bba0ef48 I understand osquery can be used in conjunction with auditd rules in auditd/audit.rules. However, when I try to change in osquery.flags --audit_allow_config=false to use my rules, th ...

I have a Node.js-driven site running in a Docker container, and there's a public-facing proxy site driven by Nginx server that redirects traffic to the dockerized Node.js site. Studying the Nginx logs, I see a lot of directory/path traversal attacks on all kind of paths:

GET /.env
GET /phpmyadmin/index.php
GET /owa/auth/logon.aspx
GET /+CSCOE+/logon.html
GET /ecp/Current/exporttool/microsoft.exchan ...

I've recently configured a brand new Postfix server (latest version) on Debian 11, it's working great but on the old installation I used to receive an email whenever something went wrong when sending/receiving an email via Postfix. On the main configuration I've set the following parameters, thing is, I've yet to receive any error email from Postfix and I am sure (from experience) that every single day  ...

In order to avoid mangling nginx.conf with automated deployments, we rely on overrides in /etc/nginx/conf.d. As of nginx 1.3.10, the files in conf.d are included in alphabetical order...which is useful for overriding things as later configs (alphabetically) should override earlier ones.

We have a default conf, say conf.d/00-overrides.conf which has default overrides overriding things set in /etc/n ...

Recently I have upgraded to the mainline Debian 10 backport kernel. This morning I've noticed that the web server is very slow, and inspection showed 100% CPU usage by php7.4-fpm:

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND
13901 www-data  20   0  461632 240612  91188 R 100.0   0.5  37:09.65 php-fpm7.4
16105 root      20   0  154088 101800  19280 R 100.0   0.2   0:4 ...

1. I'm trying out Proxmox 7.3-3 as a hypervisor and managed to install it using ZFS on my NVMe (Samsung_SSD_970_EVO_Plus_2TB_S6S2NS0T505403V)
2. I also installed a Ubuntu 22.04 VM and its filesystem is ext4
3. Next, I installed MySQL server (8.0.32)
4. I normally don't tune MySQL, its performance is acceptable as-is
5. However, it took 3 minutes to ingest a 20MB uncompressed SQL file using mysql < ...
6. This is mu ...

I have an interesting question.

We have in company proxmox VE with public 46.xx.xx.xx/29 and private IP subnets. Proxmox hasn't got public ip and is connected on interaface vmbr0 to router with subnet 192.168.55.0/24. This router hasn't got public ip too, but i can setup public ip on any virtual computer.

Can you explain me, how it is possible please?

Is possible,that router is using NAT 1:1?? Thank yo ...

This weekend I received an email from Google Cloud warning me that my project would be suspended due to a possible policy violation due to a Denial of Service (DoS). After looking at the logs, I realized that when I generated my HTTPS certificate I had a sudden surge of outgoing network bandwidth usage.

I'm installing a mail service on my VM called Carbonio CE. Carbonio provides me with a CSR, wh ...

There are some IP address that nslookup can't resolve (both on Windows and Linux).

Problem:

I can find the IP of the hostname, but reverse lookup fails.

PS C:\> nslookup.exe somehost2
Server:  corpdns.mydomain.com
Address:  10.248.2.1

Name:    somehost2.corp.mydomain.com
Address:  10.185.140.22

# Reverse lookup of the same IP fails:

PS C:\> nslookup.exe 10.185.140.22
Server:  corpdns.mydoma ...