Latest Server related questions

I am setting up a robotics platform, which, while in maintenance mode will be connected via ethernet to the ground station. However while in operation, this same device will be connected via WiFi.

The ground station will have a router running DD-WRT where I can do some firewall manipulation.

How can I configure iptables such that inbound packets to a specific port will first be routed to Ethernet (@ .1 ...

For a long time I've been wanting to deploy an OpenID IdP of the ones that didn't caught on that you entered and address, i.e; an OpenID, and the service would take you to your IdP SAML-style where you'd authorize it afterwards, the ones that had this logo: It was even supported on the Stack Exchange Network too; that logo should look familiar to most users here.

However, the fact that that address is ...

I have a program that reads data from shared memory and send it to a non-blocking socket in a single-threaded manner. When I'm hammering the traffic into that application, I can only see the TOP cpu percentage about 60% and not going higher, even the data I pump up into the shared memory is overflowing in the producer side.

I want to understand if this 60% is the true limit or some dubious behavi ...

i want to limit the ssh tunneling per user I did create a user with only ssh tunneling permission ( no shell, no directory ) now I want to limit this user not be able to connect multi devices simultaneously to this tunnel ( I don't want to bind device's mac address to the user since they might change their device or firewall things ). does changing the user maxlogin on /etc/security/limits affect ssh tu ...

I'm new to *bsd systems. Usually in linux-based I add routes like that:

# eth0 ip address
ip a add 10.100.1.2 dev eth0

# gw is accessible via eth0 interface
ip route add 10.100.2.1 dev eth0

# default route via 10.100.2.1
ip route add default via 10.100.2.1 dev eth0

I don't understand what's wrong with my command for openbsd. It's freshly installed with no custom configs at all.

# that's one's o ...

I have a full fledged AD DS running on Windows server 2016. I have a spring app which I am using to authenticate against my active directory database using a simple authentication bind over a ssl connection. I want to examine the contents of all incoming bindRequests to the AD server, whether they succeed or fail.

Furthermore, I want to troubleshoot whether the name form in the bind request is be ...

I have the current network setup: two subnets are connected using an Ubiquiti EdgeRouterX, subnet 1 has a switch mirroring all traffic on that subnet to the router and on subnet 2 there is a host where I want to receive all the mirrored data.

Using a RaspberryPi I managed to send all the mirrored traffic using an IPIP tunnel, but I'm unable to do it using the router.

When I run tcpdump on the router ...

I am curious to understand if there is any documentation around automating and scheduling the data transformation pipelines using GCP+BigQuery+JupyterLab.

For instance, if there are 6 BigQuery tables under a project. I would like to design data transformations on these tables with the help of 3 Jupyter Lab files and aggregate the resultant dataframe to produce a BigQuery table with the help of au ...

So my question is - is there any concern to add a CNAME for one domain controller to provide to copiers and other internal sites/applications?

I read that Active Directory doesn't truly "need" a load balancer so if that's true then providing a "VIP" via CNAME to one specific IP would accomplish my goals.

Example: CNAME Ldap.example.com 10.1.1.2
Existing: domain controller: A dc1.example.com 10.1.1.2

I frequently have to create Directories and set permissions on Samba-Shares which are joined to foreign Domains without Trust Relationship to my "home" Domain.

Mounting and creating Directories works fine

New-PSDrive -Name "F" -PSProvider FileSystem -Root $someNAS -Persist -Credential $admin_in_foreign_domain

New-Item -Path "F:\a\b\testdir" -ItemType Directory

but changing Permissions on that newly crea ...

I have a scenario that repeats itself every few hours. In every few hours, there is a sudden increase in row exclusive locks in PostgreSQL DB. In Meantime there seems that some queries are not responded in time and causes connection exhaustion to happen that PostgreSQL does not accept new clients anymore. After 2-3 minutes locks and connection numbers drops and the system comes back to normal sta ...

We have an SFTP server running using OpenSSH for Windows, with basically the default settings.

An automated client, which I have no control over, sends thousands of XML files at once, and uses a separated connection for each file (open, drop file, close).

This results in the server getting hammered by 20+ connections per second, spiking the CPU up to 80 - 100%. Now this wouldn't be a problem, but I  ...

I have created a container with Debian (Debian 11 template) on top of Proxmox 7.0.8. It is essential that the operating system keep the time synchronized and for this I installed chrony, but it does not start.

journalct -xe dump:

root@pamiweb:~# journalctl -xe
-- Support: https://www.debian.org/support
--
-- A start job for unit chrony.service has begun execution.
--
-- The job identifier is 103811 ...

I have several directories in an ext4 filesystem that I can't delete. When I run rm -rf on the directories ps aux | grep rm shows a status of D for the process. I have tried allowing it to run for several days.

The same directories have the same issue with ls. I have tried to mv and to rsync the directories to a different block device - these commands have the same issue. I can mv directories withi ...

I want to know how I can check why one of my ctrl node and kubernetes consumes more cpu than the others.

I have a cluster with 3 ctrl nodes and 4 worker nodes.

I have an nginx load balancer with the least_conn algorithm to distribute the requests to the ctrl nodes.

Monitoring the resources with the top command, I observe that of the three ctrl nodes, the kube api server process always in the first ctrl ...

we have CentOS server installed on 83GB FS size while the OS disk size is 480gb

how can we increase the FS to use the whole disk (sda, 480gb)?

[root@server ~]# df -kh
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/vg01-lvroot   83G   14G   65G  18% /
devtmpfs                 7.9G     0  7.9G   0% /dev
tmpfs                    7.9G     0  7.9G   0% /dev/shm
tmpfs                  ...

I applied a windows update to Windows 11 and since then I have been unable to connect to remote machines using MSTSC, the error is "An authentication error has occured. The Local Security Authority cannot be contacted." I can connect to the same remote machine from other sources. Googling this focuses on fixing the remote machine, which I have proven isnt the issue.

I have also tried to connect to ...

If you have two rewrite rules, and the first gets applied, does the second use the rewritten result of the first, or the original URL? I cant find this info in the documentation.

I know there are multiple questions about this but none of them fixed my problem. Please don't close my question.

I had created a bash script for itself adding it one by one with ifconfig. I was using those for creating proxies with 3proxy. But after a while it was getting disconnected and slower. I discovered ndppd. It was working on eth0. I have changed a server and it is not working on ens192. I'm  ...

My application uses squid proxy (squid3) and since the requests are sent through a http tunnel to the proxy am unable to fetch some response time parameters like DNS lookup time and TCP handshake time. Am wondering if Squid has any API or logs that contain data like time taken for DNS lookup, TCP handshake, SSL handshake, etc... which I can implement in my NodeJS app.

Thanks in advance !!!

I have a local website on Debian 11 which is rarely used so I thought I might want to start Apache using systemd socket activation when visiting the site and then shut down after few minutes of inactivity.

After installing apache on debian I stop and disable the service with systemctl disable --now apache2.service, then create /etc/systemd/system/apache2.socket with the following content, reload syst ...

I use Kubespray to setup my cluster and run my applications on it. However, my applications need getting client source ip. Therefore, I need set externalTrafficPolicy as Local in svc. But this is not a good solution, especially for building HA applications.

I tried Calico + ebpf, but it doesn't work. (see https://github.com/projectcalico/calico/issues/7252). I aslo tried Cilium and client source ip ...

So couple days ago I installed NGINX 1.23.3 QUIC with Brotli, TLS 1.3, OpenSSL 1.1.1s with HTTP/2 and HTTP/3... so server with fastcgi and php-fpm... when I load site for first time it works with http2 and everything is fine. After reload page, or I visit on site some article or category there is no more domain.com in links... for example https: //example.com/somecat/subcat... with http3 is https ://som ...

I'm trying to set up a Pi Hole to run inside a LXC container on Ubuntu 22.04.

So far I successfully initialized LXC, created the container and installed Pi Hole. The host IP is 192.168.153.2. The container is running on a bridge network with the IP 10.123.145.237.

I then went on to set up a port forward to expose the DNS server of Pi Hole.

$ lxc network forward create lxdbr0 192.168.153.2
$ lxc network  ...

hi I'm running an Ubuntu 20.04.5 server I'm using it for dynamic port forwarding kinda like a vpn but the problem is when I'm downloading something or there is multiple connections ping increases drastically 500ms-1000ms but if I run two tunnels even to the same user and download from one and test my ping from the other the ping is perfectly fine. I've tried tunneling with the root user but still when t ...

I have tried send alert notification for AWS IAM all users activity from lambda python, however its not working, please share any other way to work and find below cloudwatch event patter and lambda code I used in my aws account.

Cloudwatch event patter:

  "source": [
    "aws.iam"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "iam.amazonaws.com ...

here is the crontab for root on my CentOS7 :

# crontab -l
# Lines below here are managed by Salt, do not edit
# SALT_CRON_IDENTIFIER:CLEANCORE
0 * * * * /var/lib/scality/cleancore/clean_core.bash --log --pattern "/var/tmp/core-\%e-\%p-\%t" --maxsize 10G --keep 3
0 18 * * */2 /root/shl/synchro_ADN_To_Scality.sh

The script /root/shl/synchro_ADN_To_Scality.sh did not run last night :

# ls ~/log | g ...

I am trying to create either an iptable or a BPF rule which will only allow Openvpn traffic over udp to my vpn server on destination port 1194 in the hopes of preventing ddos attacks to that port whilst still being able to connect to it. I would normally implement a simple whitelist of me and my friends' ips however one of them has a dynamic ip which changes very regularly so constantly updating my fire ...

Last night our datacenter host had issues filling up their storage (again!!!) and caused all our VMs to drop to r/o. After the admins allocated some more storage, a simple reboot on most of our VMs cleared their filesystem errors with the usual automatic fsck, but a few required it to run manually, halting the boot after the message "UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY". After that, all the VMs ...

I read that NFS v4 requires only port (2049). This is the post I relied on.
However, if I do a rpcinfo -p before starting nfs, I see:

rpcinfo -p
program vers proto   port  service
100000    4   tcp    111  portmapper
100000    3   tcp    111  portmapper
100000    2   tcp    111  portmapper
100000    4   udp    111  portmapper
100000    3   udp    111  portmapper
100000    2   udp    111  portmapp ...