Latest Server related questions

I have 2 Machines:

MachineDev
ens5: 10.41.12.63 (the default net device)
ens8: 10.41.10.111

 MachineProxy
ens5: 10.40.9.106 (the default net device)
ens6: 10.40.2.114

And I want use MachineProxy as proxy to establish a tcp between MachineDev and some ip like 3.117.113.6:443(just a example).

Here is what I set the iptables on MachineProxy

sudo iptables -I PREROUTING -t nat -p tcp --dport 8250 -j DNAT -- ...

I have set up user fingerprint auth on Fedora 37 laptops.

With fingerprint auth as default auth choice, pam is waiting by default for 10 seconds for a valid fingerprint. Now, I would like to reduce the fingerprint timeout from 10s to 3s , as to fall back to passwords more earlier, when using the machine from remote.

I tried to modify the pam config line to

auth  sufficient   pam_fprintd.so   max_tries=1  ...

I'm learning about squid proxy in a Windows environment. I have verified that the list of allowed urls in a notepad file and add it to squid.config file as path of allowed url is functioning well.

However,

I have a question about if it is possible to allow a specific domain in a HTTP port.

I'm unable to connect to my own server, which has a MySQL database which I want to access. I correctly opened the 3306 port on the router and called my internet provider that confirmed so. But when I try telnet x.xxx.xxx.x 3306 it stucks on

Trying x.xxx.xxx.x...

Same with traceroute command, the route seems to go till my PC and then find some blockage and it's unable to reach it.

I checked if there is  ...

I am be able map my NodePort service to localhost using a configuration file like this:

kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
  extraPortMappings:
  - containerPort: 32000
    hostPort: 3000
    protocol: tcp
- role: worker
- role: worker

What is the equivalent of extraPortMappings when i use kubeadm to create my clusters?

i have a apache 2 installed on my ubuntu 22.04 server, the server the server was working with multiple sites configured with http://ip_address/site_name and every site was in /var/www/html/site_name .

After an bad installion of another site i lost the configuration of apache and i would like to reconfigure a site as previous config.

Is there somebody that can help me?

Thanks in advance!

<network-listeners>
              <network-listener protocol="http-listener-1" port="8080" name="http-listener-1" thread-pool="http-thread-pool" transport="tcp"></network-listener>
              <network-listener protocol="http-listener-2" port="8181" name="http-listener-2" thread-pool="http-thread-pool" transport="tcp"></network-listener>
              <network-listener p ...

I'd like to have long lived connections(if possible infinite), from app containers to RabbitMQ behind HAProxy 2.8.1.

The problem is that the HAProxy severs the connection at exact client timeout, even though there was communication in the middle of that period.

If the timeout is set to 10 minutes and the RabbitMQ communication occurs at minute 5 of that period, the timeout isn't extended to minute 1 ...

I've installed RabbitMQ on kubernetes(k3s) on ARM (Oracle OCI Ampere A1) using the community docker image.

I'm seeing very regular periodic CPU usage spikes (two series of spikes, both with a period of 60 seconds and offset by about 20 or so seconds). Is this normal? Is there something I can do to reduce these?

This is an entirely empty installation of RabbitMQ, I haven't even tried to connect t ...

A friend of mine asked for help, basically any app listening on some local tcp port on localhost can't be reached. For example a node.js server running on port 8080 or 3000. Executing the command sudo lsof -i -P | grep LISTEN | grep 8081 gives:

node      3109 someuser   23u  IPv6 0x4b0c58c629ba9f33      0t0    TCP *:8080 (LISTEN)

so it seems the app is correctly listening on that port. But when tryi ...

I'm opening a ssh connection and then go into a psql shell. This works, I get the prompt. I can also input commands like "\dt". But I don't get any output. As I can get output in general, I rather think the input didn't get to the remote or psql shell. How can I fix this? I thought the -tt option to ssh already handled it, but apparently not.

Pseudo code:

#!/bin/bash -i
ssh -tt user@host <<<  ...

There is a difference in version between httpd24-httpd installed with Software Collections on CentOS 7.9 and httpd24-httpd installed with RHEL (Universal Base Images).

CentOS 7.9

yum install centos-release-scl centos-release-scl-rh
yum install httpd24-httpd

rpm -q --changelog httpd24-httpd | head -3
# * Tue Sep 20 2022 Luboš Uhliarik <[email protected]> - 2.4.34-23.5
# - Related: #2035029 - CVE- ...

I bought a laptop with windows 11 and installed arch linux on it. The laptop has 3 internal 500GB SSDs. Two of them are in a RAID configuration to make a single 1TB partition which Windows came installed on. I installed Arch on the empty third SSD.

UEFI settings/BIOS recognizes all drives and I can easily boot into both Windows and Arch by changing the boot priority from the settings boot menu. W ...

Now migrating an ISAPI classic application to IIS 10 on Windows Server 2022 Standard.

The application uses path info to call many different functions in the ISAPI app. Calls are now failing with HTTP/1.1 404 Not Found - http//webserver/appfunction .

In IIS 7 there was web configuration file: system32\inetsrv\config\applicationHost.config (see Getting Started with Configuration in IIS 7 and Above.. ...

I've setup a transport rule to redirect all messages from [email protected] to [email protected].

The redirection is working fine, but the support system identifies [email protected] as a participant because it matches the To: field in the original mail header and that will trigger a notification to the same [email protected] address to confirm that a support ticket has b ...

I'm trying to setup a VLAN across my ESXi network and my physical switch network, but fail to get the VMs on the ESXi port group communicate with physical network. Specifically, my VM doesn't see responses from physical network.

The setup:

• VLAN 112 on the ESXi port group
• VLAN 112 on the switch attached to a firewall interface in the same VLAN
• Firewall also works as a DHCP server for that VLAN/su ...

I have a few VMs on a XenServer. One is a RHEL 8.7 running SSH server. Another is a Rocky Linux 8 client and also some other Ubuntu and Windows systems. The Ubuntu and Windows systems can telnet to the RHEL server just fine. The Rocky VM cannot. All static IPs with firewalls disabled. The Rocky system can ping the RHEL machine but not telnet. It just says "Trying " and then fails after a couple minutes  ...

I'm launching a setup playbook for a docker-compose service (apache solr) via extra vars. Those vars are set while executing since this playbook should be flexible and multiple configurations exists on one server.

My idea is, that the user can setup the variable in the ansible ui (ansible semaphore) as string:

• Variable name project_cores
• Variable value (string) main_en:english,main_de:german

I  ...

I have a simple application running inside AKS. I'm trying to get the IP of the source user when accessing the application. I have created an ingress for the application. When I curl -I https://example-app.xyz I see the source IP in the logs of NGINX ingress controller (It just shows as client IP in the logs). My requirement is to do something like below.

annotations:
    nginx.ingress.kubernetes.io/se ...

Got a problem with my service written in C. It runs as an init.d service and has been working fine for many months on many devices. Today I've made some changes in the software and very strange thing occurs. I upgraded the package and noticed that it does not start by init.d, but when I try to run it invoking the command manually it runs perfectly well. That application gives a lot of diagnostic informa ...

I have a VM on Oracle Linux 8.8 I need to install nginx-1.22.1, but only version nginx-1.14.1 can be installed from the official repository:

https://yum.oracle.com/repo/OracleLinux/OL8/appstream/x86_64/index.html

This version nginx-1.22.1 is present in this repository. Also this repository is enabled:

[ol8_appstream]
name=Oracle Linux 8 Application Stream ($basearch)
baseurl=https://yum$ociregion ...

I was trying to make a WordPress plugin work, when I found, after hours of debugging, trial, errors and praying ancient Greek gods, that the plugin did not work because it was impossible for the server to reach a particular file.

The website is hosted in a basic shared hosting environment, so the only thing that can be configured is a .htaccess file. This file is full of rules but I eventually found whi ...

I have written some (intranet) web applications for a small customer of mine (< 50 employees) who have now incorporated a cloud Citrix server into their network for remote access. They still have physical PCs as well. The cloud-based Citrix VDIs are peers on their on-premise network and can see the web server there.

Before the company got the Citrix cloud solution, I had been creating a self-s ...

I've tried everything. Alias, ProxyPass, different config files (sites-available/000-default.conf, mods-enabled/alias.conf). My issue is simple. I have an apache2 server hosted at xyz.com/name/. I'd like to alias xyz.com/name so it is treated as xyz.com/name/ and routing works properly.

xyz.com is the main server (university-owned) and proxies requests to xyz.com/name/, which my server is under.

Apa ...

I'm trying to figure out how to configure a FreeBSD CLI installation to only allow authentication via X.509 certificates. I'm not talking about SSH, I'm talking about locally in front of the server. I'd ideally like to completely remove passwords from the entire infrastructure with the exception of a password on the key used for login, which will only exist in one place. I've reviewed the security manua ...

I did setup a kubernetes cluster using kubeadm. Somehow kubectl refuses to connect to that cluster in non-periodic occasions with an error message as in the following;

The connection to the server 192.168.1.3:6443 was refused - did you specify the right host or port?

I am guessing that my cluster going down and restarting itself? Can someone provide me some insights.

console output

I have 3 specific problems: the first, with the choice of id mapping, the second with the usermap from root to administrator, and the third with remote administration from a windows 10 computer using MMC and RSAT.

The first one, I tried to use 'ad' backend, but on the member server I don't see the users/groups created in the domain, so I can't set permissions on the shared folders. When I switch  ...

I have an Asp.Net Core application running in an Azure Web App and I need it to be able to call itself.

Part of a long-running process in the app needs to be able to open a connection to https://my-app-name.azurewebsites.net/api/check-for-updates.

This works fine in a public-facing environment, it failed on an IP-restricted one until I gave it local VNet access, and it doesn't work at all on an environm ...

Trying to test a dev web service endpoint.

Firewalls and Windows Defender are off on both.

From different machine

Test-NetConnection -Port 80 -ComputerName 192.168.1.5 -InformationLevel Detailed
TcpTestSucceeded        : True

Test-NetConnection -Port 5178 -ComputerName 192.168.1.5 -InformationLevel Detailed
TcpTestSucceeded        : False

When I test on same machine

Test-NetConnection -Port 80 -Comput ...

I'm setting up a reverse proxy that has to forward all the requests to a given url.com/resource. Now, that resource is behind a proxy, so it has to use the CONNECT request. The idea is that squid, once it receives a request, creates an http tunnel using the CONNECT request, and then forwards that request to the desired server.

It does not have to be necessarily squid, it can be any other similar  ...