Latest Server related questions

Score: 0
WSpivak
fail2ban ipset proper setup of jail.conf

My understanding is that running Fail2ban using ipset is faster. To that end:

I downloaded and installed per instructions (modified for Fedora 37) ritsu/ipset-fail2ban from Git.

My banaction is still set as: banaction_allports = firewallcmd-rich-rules[actiontype=]

When I try to add or replace the above with: banaction = firewallcmd-ipset

I get errors like:

2023-04-09 15:51:46,130 fail2ban.actions        ...
Score: 1
Space
How to limit Wireguard bandwidth

I have a Debian 11 server with installed Wireguard with wg0 interface and 3 peers. Server bandwidth speed is 100 MBit and traffic is around 500 GB per month.

What I need is: these 3 peers can use 100 GB/month traffic at top speed (meaning no bandwidth limit which is 100 MBit), and when a peer reaches 100 GB traffic its bandwidth speed needs to be lowered to around 2 MBit.

Let's assume I solved the p ...

Score: 0
Trunk
vsftpd environment variable user_config_dir not working

The vsftpd manual describes how to deal with multiple users on the FTP server via an environment variable called user_config_dir:

user_config_dir

This powerful option allows the override of any config option specified in the manual page, on a per-user basis. Usage is simple, and is best illustrated with an example. If you set user_config_dir to be /etc/vsftpd_user_conf and then log on as the user "ch ...

Score: 6
KoenDG
Does installing NTP mean I'm installing an NTP server?

Reading this: What are the limits of running NTP servers in virtual machines? (2010)

And this: https://github.com/geerlingguy/ansible-role-ntp

I'm not sure what exactly I'm installing. Especially if I'm installing inside a VM.

I'm reading that VMs can synchronise their clock from their host system... but I've never heard of this before, and don't know where I could find the configuration for that. My per ...

Score: -1
jamminjames
Can a SATA hard disk be removed from bay w/o shutting down after being marked 'failed' in RAID1 array?

We have a software RAID1 array set up in a Supermicro 1u server. Can a SATA hard disk be removed (in a bay drive setup) w/o shutting down the machine? This would be after marking it 'failed' in the RAID1 array.

If so, I would assume you could replace it as well without shutting down, correct? Then you'd go through the process of making it part of the software array again.

Also, if that disk, once re ...

Score: 0
cifer
work with AWS ELB to keep websocket connections during server restarting?

So we have a server application which communicates with clients through websocket and we need to regularly upgrade our server app binary. We may have multiple server instances, I know that I can offline the instance I'm upgrading but you know since websocket is long-lived tcp connections so the instance still holds some existing connections with the client, we don't want these existing connections disco ...

Score: 0
adamski
NGINX reverse proxy on different port

I would like to set up a conf file which basically listens to all requests on a specific port on the nginx server, and all these requests should be forwarded to another group of servers which handle these requests.

My setup is like this:

  • nginx.conf -> just the normal default coming after installation.

and the content of :

  • /etc/nginx/conf.d/load-balancer.conf
upstream backend {
    server ...
Score: 0
ᅙᄉᅙ
Start a nix-shell with only the current directory mounted (similar to a container)

I am looking for a way to launch a shell with specific packages installed within, but no unnecessary access to the rest of the system, i.e:

  • Only the current directory (pwd) mounted, no access to other parts of the filesystem*
  • Only the requested packages being available*, plus the shell
  • Being able to disable network access would be a plus
  • Generally no access to other parts of the system*
    So I'm lo ...
Score: 0
hasnain hakim
AWS T3 Linux VM becomes unresponsive when CPU reaches 80%

I am running a t3 small instance on AWS. Whenever its CPU usage reaches 80%, it becomes unresponsive, and we are unable to access it via SSH. After stopping and starting the instance, everything comes back online. Here are the things I have checked:

  1. I checked the logs, but there was nothing special in them.
  2. The VM is already running in unlimited CPU mode, and we have more than enough credits.
  3.  ...
Score: 0
Kevin Martin
Using same credentials for Connect-MgGraph and Connect-ExchangeOnline

I'm working on a (powershell) script which creates a Service Principal using MS Graph and then wants to grant that principal permissions in MS Exchange. Both the Graph and Exchange are in the same Azure tenant (domain).

I would like the script to ask the user for credentials only once to do this, but both the Connect-MgGraph and Connect-ExchangeOnline commands prompt for credentials.

Is there some way t ...

Score: 5
Navid777
Is it possible to create a local SRV record in linux?

Is there something like /etc/hosts file for SRV records? I would like my Alpine Linux server to find the value of _xmpp-server._tcp SRV record locally.

Score: 0
Ben Robinson
rndc showzone returns "rndc: 'showzone' failed: failure" on valid zones

I am running BIND 9.18.12-0 on Ubuntu 22.04 and I have the following problem on more than one installation. I have even installed bind locally with a simple test configuration and I am still seeing this issue.

Whenever I run rndc showzone somezone and somezone is a valid zone, it returns the very unhelpful error message rndc: 'showzone' failed: failure.

The server is otherwise working, I can query it.

Score: 0
Tung
How to force Varnish stale whole content

We have a website which is fairly large. We update content every week, but it is fine to serve stale for the first visit after updating backend content. Therefore we don't want to ban or purge the whole cached content in Varnish, which makes the whole website slow for the first visit. So is there any way to tell Varnish to stale whole cached content without clearing them already until someone visit and Varnish wi ...

Score: 1
Dennis
Cannot connect to Samba share via VPN

I have a Wireguard site-to-site VPN that connects successfully.

  • I can ping the remote Samba server using its IP address 192.168.30.1
  • I cannot access a share over the VPN tunnel using its IP address \\192.168.30.1\disk

Some background;

  • Two ASUS routers configured with a wireguard site to site VPN.
  • router A; the VPN server has 192.168.30.1
  • router B; the VPN client has 192.168.20.1
  • Router A has a share ...
Score: 1
Julien
mysql NDB backup fail

I'm trying to abort a backup on a NDB cluster like this:

ndb_mgm> abort backup 2304081512
Abort of backup 2304081512 ordered

But there is no change, the backup seems to be stalled :

ndb_mgm> all report backup
Node 2: Backup not started
Node 3: Local backup status: backup 2304081512 started from node 12
 #Records: 1950 #LogRecords: 8705
 Data: 635312 bytes Log: 2676612 bytes
Node 4: Local ba ...
Score: 0
Dejan Milosevic
Direct Server Return software and configuration for mesh network of raspberry pi servers

I don't know much about DSR technology but as I am aware both load balancer and servers need to be behind same router because of virtual IP addresses.

I need a solution to have cloud-based geo-based load balancers which will receive requests with some geoDNS service, but I want them to just be a transparent proxy with some software which will be used as discovery for mesh network of active raspberry pi ...

Score: 0
Ron
How do I measure the bandwidth of SSH tunnel VPN?

I use dropbear for SSH tunneling, and I use this method as a VPN. Is there a way to find how much bandwidth that I have used per SSH account?

Score: 0
Adrian
Cannot SSH to Google Cloud Platform Compute Engine anymore

I have a similar problem as outlined here: Cant access GCP Compute Engine

Yesterday I lost access to my GCP server. I thought Google was having issues but almost 40 hrs later I'm thinking their issues would be resolved by now.

I've tried:

  • From home & work and both access attempts fail (SSH in-browser fails & Putty).
  • Both Connection via Cloud Identity-Aware Proxy Failed & without IAP failed ...
Score: 0
Zenith2k3
specified network name is no longer available - admin shares

I have a win2k12r2 SharePoint server, I cannot access its admin shares c$ admin$.

SMB 1.0/CIFS installed, SMB2 enabled. Can ping and resolve hostname. UDP ports 137 not open and 138 not, and TCP ports 139 open and 445 open. This is the same result as for our other servers with accessible admin shares. UAC enabled (tried disabling).

This was all working until recently after these patches were installe ...

Score: 1
Budianto IP
Why was I unable to rebuild jobs?

I have a Jenkins server on which Jenkins was upgraded from version 2.220 to 2.387.1; all plugins have been upgraded.

When I rebuilt jobs, it gave me this output:

Started by user abc
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/DEF_GW_ENROLL_USER_PREPROD
[DEF_GW_ENROLL_USER_PREPROD] $ /bin/bash -x /tmp/jenkins81696621479514690.sh
+ export SSH_CONF=/var/lib/jenkins/.ssh/config/ssh_co ...
Score: 0
klog
Communicating with VM on remote host (How to configure routing)

I am running an Ubuntu 20.04 LTS Focal Server and am trying to stand up VMs on the server using Multipass. I am able to successfully launch VMs and can ssh to them from the server. However, I am unable to establish an ssh session from my laptop and presumably any other traffic.

I followed this post, but haven't picked out any details that will help me yet. Here are some pertinent details I've alrea ...

Score: 0
Andreas
IPsec access from multiple local Networks over a single IP Address

I have to connect our company network with the network of a customer to access some of their resources. The IT department of the customer defined an IPsec VPN in tunnel mode with two phase 2 configurations for two different subnets on their side. For both phase 2 configurations they defined a single address as our local network, because the customer needs no access to our side.

Local Network Remote N ...
Score: 2
Drop ALL the TCP connections (ESTABLISHED,RELATED) in Ubuntu

I'm facing a few hosts sending a flood of requests to my webserver (NGINX). I'm trying to block them via iptables, with ipset and a good old DROP rule.

The rule is effective against NEW connections, but as soon as the kiddies can come in and set up an ESTABLISHED or RELATED connection, my DROP rule fails because my firewall also has an iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCE ...

Score: 0
grihm1
Multihomed server

I have a server with 4 NIC cards. I configured them to be on the same network. Ex: 10.10.1.1, 10.10.1.3, 10.10.1.5, 10.10.1.7. Will I need to configure a default gateway on all? Meaning, if I have set the default gateway on 10.10.1.1 to 10.10.1.1 do I have to set the other NICs to the same or leave them blank?

Score: 1
Rietty
Redirecting specific subdomain with NGINX to point to a different website while using SSL

I have the following NGINX configuration:

# HTTP Redirect
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

# HTTPS Server
server {
    # Port to listen on, can also be set in IP:PORT format
    listen  443 ssl;

    ssl_certificate      bitnami/certs/server.crt;
    ssl_certificate_key  bitnami/certs/server.key ...
Score: 0
Hasnain
Unable to change "on host maintenance" option for an instance template on GCP

I've been using instance templates for Instance Groups, and I never had to go to "Advanced Options" because everything was working as expected. But today, while creating a new instance group with a template it started throwing the following error:

" Operation type [compute.instanceGroupManagers.insert] failed with message "Instances with guest accelerators do not support live migration." "

which upon  ...

Score: 0
sal42
Hosting a Java website using tomcat on a Google Domain

First off, I would like to apologize as I am a noob to this. I have been trying to figure out how to get a website to be able to be accessed publicly with Google Domain. I made the website with Java being locally hosted on my raspberry pi with tomcat. I can access the tomcat server home page by going to the private address at 192.168.1.29:8080 but not localhost:8080 for some reason not sure if this  ...

Score: 0
David
ping fails when bond0 switches slaves, ip stays the same

setup is fresh debian 11

Bonded connection (bond0) is created using all nmcli commands

sudo nmcli con add type bond con-name bondcon ifname bond0 mode active-backup +bond.options "primary=eth0,fail_over_mac=none,miimon=500,primary_reselect=always,updelay=200"

bond mode is active-backup Slave connections are added for Ethernet (bond-eth) and wifi (ssidname) nmcli con add type ethernet con-name bond-eth s ...

Score: 0
Tim
apache remove wget for better security

I'm no expert at IT or apache but I have used linux for years. I've done my best to harden/secure my server online which I use for a mobile app which needs to serve up its content etc.

I've noticed some attempts at hacking my Apache 2.4.57 server (apparently?) using wget and log4j today. I do not have tomcat, just a simple httpd running php.

Here's a log entry. (I've changed the IP ADDRESS info in the log e ...

Score: 0
Storm
How to make a regex in Fail2ban with ip:port

First of all, English is not my native language, so if I make a mistake don't shoot me. :) Here's my problem: when I use every thing works fine, as soon as there is a port number or a comma direct after the IP-address is involved, it never has a match.

Here is a snippet from the logfile:

[08/Apr/2023 17:48:27] SMTP Spam attack detected from 91.223.169.83:60616, client sent data before SMTP greeting ...
