Latest Server related questions

I have Haproxy which load balance the traffic to two apache servers.
When I benchmark with apache benchmark tool I have no errors and everything works as expected.

But when I activate the proxy protocol communication between HAProxy and apaches I start having issues.

There are two scenarios

1- Load testing with less then 500 request/second everything works well.

2- Load testing with concurrent reque ...

To establish a backup between a local file server and a remote webspace (with ssh and rsync access) I wanted to use rsync.

With the command

rsync -aPv -e "ssh -vv IonosSB" --delete /volume1/fff/sss/ [email protected]:aaa/fff/sss

I receive the error message:

...
bash: home123456789.hostdomain.host: command not found
debug2: channel 0: written 55 to efd 6
debug2: channel 0: obuf  ...

I use High avaibility pfSense 2.6.0 cluster and I strange behavior with UDP when use Discord voice channel. In fact, discord voice channel display "No route" and traffic analysis paquets traffics seem be discarded.

The pfsense configuration is very simple :

re0: WAN - 192.168.1.251/24 (CARP 192.168.1.253/24) Upstream GW : 192.168.1.254
Gateway 192.168.1.254 is Netgear device configured in router mode  ...

I can find many interweb articles about amount of RAM required for Kubernetes, but I'm struggling to find minimum spec CPUs.

I have a machine with Xeon E5410 @ 2.3GHz, and 16GB of RAM.

I'm finding I'm struggling to run k3s on it and deploy just Loki, Grafana and Prometheus (including kube metrics and node exporters) - I see many pod restarts due to readiness probes timing out, and CPU usage is very  ...

I'm trying to setup OpenLdap on ubuntu.

The following command is trying to add the accesslog database:

ldapmodify -Y EXTERNAL -H ldapi:/// -f test.ldif

When the name is "{2}mdb", the result is success:

dn: olcDatabase={2}mdb,cn=config
changetype: add
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {2}mdb
olcDbDirectory: /var/lib/ldap/accesslog
olcSuffix: cn=accesslog
olcRoot ...

I have this setup with a local LAN where I have changed the main router from PFSense to a UDM PRO router and new VPN Active Directory users no longer see their documents while working remote.

The network has several servers and one of them is a Windows Active Directory. While everything works fine if the users are working from the local network, when I connect with a VPN things are no longer working ...

I installed AWS CLI on GCP Cloud shell as per instructions for Linux:

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install

This works as expected but when returning after an overnight break I get the error:

-bash: aws: command not found 

The AWS folder is still in my home directory:

ls ~/aws
dist  install  README.md  THIRD_PARTY_LICEN ...

Hi All been beating my head all day and will continue to do so but hoping someone can guide me in a direction.

I am currently trying to plug an IP Cam directly into ubuntu machine that has an eth0 and wlan0 interface. I'm trying to route it so that PCs on SubnetA can access the IPCam on Subnet B. So far, I have managed to get the PCs to access eth0 on the machine but not the IP Cam.The way I did this was ...

I am manually sending MDNS response packets from the server using SCAPY to the mobile (Both in same network) when it looks for a chrome cast (The cast device is in another network).

The packet is been sent to the 224.0.0.251 by the server, I have seen it log in wireshark. (The packet I copied when the actual cast connection was happening when the chrome cast is in same network as the mobile),

I also ...

This question is very similiar to this

In sumary you need local access to the server or RDP into it, but because I'm running a "domained" Server Core how do I install a SSL certificate?

Is it better to install the AD CA role, or is it possible install the certificate locally and how?

Thanks for the help :)

EDIT

After a more carefull analysis the CA of my SSL Certificate (ZeroSSL) only a provides a  ...

From pptp documentation, defaultroute and replacedefaultroute are used to route all traffic through PPP0 tunnel.

with these options, route -n results:

0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0

this results in internet traffic going through ppp0

However this isn't what I want to use the ppp0 tunnel for. How do I get all internet traffic through wlan0 but still have a VPN  ...

I have been following some tutorials online, and I have gotten my flask app up and running. I have added domain names, and they work correctly. However, now im trying to use Certbot to get a SSL certificate for nginx.

This is the command since I already have created the certificate.

certbot install --cert-name domainname.com

I keep getting the error:

Saving debug log to /var/log/letsencrypt/letsenc ...

Using an in-prem kubernetes installation on baremetal (Ubuntu) servers, installed with kubeadm.

Kubernetes version is 1.25.3

Need to have multicast on a pod's loopback for the automated tests running, and I didn't find a way to get it. For a single-pod scenario it's probably possible by using the host network in yaml:

hostNetwork: true

But it's not an option in our case since we have multiple pods  ...

Checking the service shows the following:

firewalld.service
   Loaded: masked (/dev/null; bad)
   Active: inactive (dead)

So i tried forcing it to shutdown

[root@localhost ~]# ps aux |grep firewalld
root      1414  0.1  0.5 363088 31968 ?        Ssl  19:40   0:01 /usr/bin/python                                                                  2 -Es /usr/sbin/firewalld
root      1737  0.0  0.0 112 ...

After getting certbot certificates i get the following error when doing nginx -t :

nginx: [warn] conflicting server name "naos-soultrap.online" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.naos-soultrap.online" on 0.0.0.0:80,ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Here is my server  ...

I have a trivial systemd service (called "testpath") which simply prints some output to be captured by the journal. The journal is intermittently and unpredictably losing part of the output. The behaviour seems so erratic, and the test case so trivial, that it's hard to see how it could be any kind of intended behaviour.

Can anyone offer a explanation in terms of expected systemd behaviour? Faili ...

I'm using MariaDB on Ubuntu 22.04 running on a Proxmox container (LXC). I have two instances for two different services, but since upgrading from 21.10 to 22.04 both instances completely freeze once every 1-2 days.

Trying to restart MariaDB doesn't work, because it's frozen and won't close. For the same reason even trying to reboot the container doesn't work, and the only way to unfreeze it is to ...

I am running a local web app on my dev machine. And I want to reach my local web app from a test machine (a phone).

I set up Nginx to listen on port 8888. My test machine can reach my dev machine at this port.

Requests that should go the local web application are reverse-proxied from port 8888 to the local web app port 3000. These requests work fine.

Requests that should go to the internet are forward- ...

I'm using MacOS Monterey 12.6.1 with Homebrew 3.6.6 and MariaDB 10.8.3

The OS crashed out of nowhere and rebooted itself. After the reboot I was unable to connect to the database: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)

Current results of "mysqld" command:

[Note] mysqld (server 10.8.3-MariaDB) starting as process 12300 ...
[Warning] Setting lower_case_table_names=2 because ...

Currently, DMARC only requires aligned DKIM or SPF.

However spoofing SPF is relatively simple for an experienced hacker:

• You should only control a single IP address in the often large SPF range of e-mail service providers (Microsoft, Google, Mailchimp, ...). It may be even possible to legally do so if the list contains out of date IP addresses.
• Or you can try to use a bug/hole in the sender verification  ...

I have a Postfix/Dovecot email-server set up, and it all works really well, but when I try to add the email to well-known email clients (e.g. Outlook) it will say the email settings could not be discovered or something of that nature, I then have to fill in the email settings myself (by these settings I mean servers, ports other stuff like that) and then it will work. This made me wonder whether there i ...

I have a problem with crond (dated 13Feb21) on my Slackware 14.2 x86_64 (Linux version 5.12.10) server.

I have a script that crond runs every minute that accesses an external device for current data and logs it to a file. I will call the script Script1, and it runs fine.

I also have anther script that runs every minute and it processes a file that is larger in size each time the script runs. As re ...

The job is person demographic matching/consolidation.

I have incoming person demographic information which I need to determine if it is a match against an existing person in the a dataset. I get the following data;

NAME_LAST VARCHAR2(40), 
NAME_FIRST VARCHAR2(40), 
NAME_MIDDLE VARCHAR2(40), 
NAME_MAIDEN VARCHAR2(40), 
RESIDENCE_ADDRESS VARCHAR2(60),
RESIDENCE_CITY VARCHAR2(50), 
RESIDENCE_STATE VARCHA ...

I recently moved my website from Hostgator to an Amazon Web Services' EC2 instance. From a few days later people/bot started posting spam messages in the forms that are on the website. Is there anything technical that may have triggered this? Is there anything that a system admin can do?

(The messages are being posted through the forms, they are not being sent using any API or by hacking into the ...

I need to allow some IP ranges through Cloudflare, for receiving a webhook.

Setting them through WAF -> Tools one by one works, but I have some /28 subnets masks that are not allowed there, because:

Only an IPv4 range (CIDR) value of /16 or /24 is allowed for IP Access Rules. Use Firewall Custom Rules and IP Lists instead.

I created a list and tried adding it in Firewall rules, ie. (ip.src in  ...

There are two v2ray servers A and B with similar configurations but A works as an intermediary (vmess+websocket on both inbound and outboud) to reach B.

I want to make A to send incoming DNS queries to its localhost:53 where CoreDNS is listening on. How to do it?

I've done this in A:

...
    {
      "protocol": "dns",
      "tag": "dns_out",
      "settings": {
        "address": "localhost",
      ...

I am trying to figure out where a connection is getting dropped in a complex SDN environment that involves a combination of nftables rules and an OpenVSwitch switch with complex flow rules.

I have a connection originating from 111.222.73.199 (not a real address), targeting (also not a real address) 222.333.61.241. The destination address is accessible through a VLAN interface on the target host:

I am currently running an nginx server in front of a number of minio servers. Each minio server runs on its own port on localhost for a single user and nginx is used for SSL termination and forwarding to that internal process. The nginx config looks like this:

server {
    listen              9000 ssl;
    root                /opt/local/share/nginx/foo.rna.nl;
    server_name         foo.rna.nl;
    ssl ...

On Oracle Cloud server, I have set up a Wireguard VPN Server running Ubuntu Server 20.04. Then, I have set up a Raspberry Pi LEMP Web server as the VPN client to the Oracle Wireguard server. My Raspberry Pi LEMP Server successfully obtains the exact IP address of my Oracle Wireguard Server, and tunnels its traffic through the Oracle Wireguard server. This all seems to work. However, Now I am having a st ...

I am running a server with Any ubuntu Control Panel for Canonical Ubuntu aarch64 22.04. Ampere (Arm processor)

I wonder if there is any good Control panel that will work with this ?