• iptables linux firewall recommended rules for public computing


    Whether you are at work, at the coffee shop or on the public internet here are some basic but effective rules for iptables that lock things down (eg. no one can SMB or SSH to you or really anything): # Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018 *nat :PREROUTING ACCEPT [160:19844] :INPUT ACCEPT [4:357] :OUTPUT ACCEPT [2955:182236] :POSTROUTING ACCEPT [2955:182236] COMMIT # Completed on Fri Dec 14........
  • VMWare ESXi 6.7 SSH/PowerShell CLI Commands


    [root@localhost:~] BootModuleConfig.sh echo host-ind nfcd........
  • Apache htaccess Custom ErrorDocument not working properly for root home page 403 Error Issue and Solution


    So I have a domain "testdomain.com". Inside test domain.com's root is the following .htaccess: Options +FollowSymLinks -Indexes ErrorDocument 403 /launch/index.html Order Deny,Allow Deny From All Allow From 192.168.1.2 When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html It will show the right error in /launch/........
  • ffmpeg how to watermark and concatenate in one command


    If you were in my boat you were frustrated that you had to double encode, eg. one separate encode for watermark and a separate from concat and it's not easy to figure out this with ffmpeg on your own. However it is a nice way to save time! ffmpeg -i file1.mp4 -i file2.mp4 -i file3.mp4 -i watermark.png -filter_complex "[0:v]setpts=PTS-STARTPTS[v0]; [1:v]setpts=PTS-STARTPTS[v1]; [2:v]setpts=PTS-STARTPTS[v2]; [v0][0:a][v1][1:a][v2][2:a]concat=n=3:v=1:a=1[v][aout]; [v][3:........
  • ffmpeg trouble concatenating similar but different files


    When things go wrong your video is basically unplayable or the first video plays fine and then freezes when moving on to the next. Generally if both videos weren't produced with the exact 100% same settings you will have issues. You can try the basic concat but it often won't work right. Solution for me: My example uses 3 videos in total so "n=3" and a=1 to include audio. ffmpeg -threads 12 -i file1.mp4 -........
  • ffmpeg Unable to Use Hardware Encoding with Nvidia 3.40 Driver and GT210 card


    I believe from what I've read that this card's driver doesn't support the features after trying all known troubleshooting methods. ffmpeg -i uservideoRendered.mp4 -filter:v hwupload_cuda,scale_npp=w=1920:h=1080:format=nv12:interp_algo=lanczos,hwdownload -c:v hevc_nvenc -profile main -preset slow -rc vbr_hq -c:a copy uservideoRendered.mp4-test ffmpeg -i uservideoRendered.mp4 -filter:v hwupload_cuda,scale_npp=w=1920:h=1080:format=nv12:interp_algo=lanczos,hwdownload........
  • ffmpeg Linux Mint download, compile and install howto


    #if you have nvidia make sure you install the nvidia-cuda-toolkit so hardware acceleration can be used wget http://ffmpeg.org/releases/ffmpeg-3.3.2.tar.bz2 tar -jxvf ffmpeg-3.3.2.tar.bz2 cd ffmpeg-3.3.2/ ./configure --disable-yasm install prefix /usr/local source path ........
  • Openshot 2.2 is very unstable always crashing in Linux Mint 18.1!


    Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Missing folder chosen by user: Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Removed missing file: MAH02949.MP4 Jun 1 15:45:57 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: ui_util:WARNING Icon theme media-playback-start not found. Will use backup........
  • use ffmpeg to watermark videos if mencoder/bmovl fail


    If you have this problem: http://realtechtalk.com/mencoder_bmovl_error_vf_bmovl_Unknown_command_Ignoring_-1860-articles Then ffmpeg is for you. Go here if you are using Linux Mint and cannot find or install it to use an external PPA........
  • OpenVZ vzctl update changes how iptables work - iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. updated solution


    Are you getting the same old error message even though your iptables settings for OpenVZ are correct? iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. The reason is because in newer vzctl the old way of setting IPTABLES="" in vz.conf is completely deprecated (I spent some time fiddling wondering why my settings were correct but........
  • Postfix how to secure outgoing authenticated e-mails for privacy and hide the IP address, mailer and other things


    The most common solution is to use the /etc/postfix/header_checks but this is a big problem. Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible. I adapted this solution to the client's custom config, they are configur........
  • Asterisk iptables block bruteforce attacks howto with fail2ban


    yum -y install fail2ban vi /etc/fail2ban/jail.conf [asterisk-tcp] enabled = true filter = asterisk action = iptables-multiport[name=asterisk-tcp, port="5060,5061", protocol=tcp] sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com] logpath = /var/log/asterisk/messages maxret........
  • iptables v1.4.10: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)


    I have iptable_filter loaded on the hostnode so I don't understand this issue.........
  • Thunderbird How-To Copy/Backup/Restore Accounts and Settings to Another Computer


    The best way is to use rsync, I've set it up so it doesn't copy unnecessary files, or at least ones I'm sure aren't needed. Here is the rsync command Iused (adapt to your specific Thunderbird profile location): rsync -hazv user@remotehost.com:/home/user/.thunderbird/sbrer.default/* /home/user/.thunderbird/4nyb0.default/ --exclude=global* --exclude=Cache --exclude=ImapMail --exclude=Mail This is a great way to get your e-mail accounts going on a new c........
  • ip_conntrack: table full, dropping packet. solution for Linux RHEL/Centos/Debian


    ip_conntrack: table full, dropping packet. A lot of clients I've seen have this issue, it really seems the default level is way too small. Once this connection tracking table becomes full then packets get dropped which is obviously a bad thing. One thing to be mindful of though is that 350 bytes of memory are used per entry so there is some justification for not keeping it too high. However, if you have multiple servers running or high traffic daemons........
  • bash script remove non-printable special characters/white space


    In bash you test like this for problems that can be caused by non-printable characters since if you don't know how to identify it because it basically breaks your script. echo "url=$url" should print something like this normally if you have properly formatted input/text: url=::http://someaddress.com:: But if you have some weird hidden characters (not visible in a text editor of any sort you'll get something like this ::l=::http://s........
  • iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) - OpenVZ Container Problem iptables module problem solution


    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) This solution applies to all other iptables modules/problems for OpenVZ, you'll just need to add them to both lists/lines below if you have modules other than what I have below. The modules need to be enabled in both iptables and the OpenVZ hostnode itself and then the containers which need it must be restarted. How To Enable IPTables Modules in OpenVZ........
  • How to view UDP and other protocol connections?


    netstat is weak and can't show udp connections and most other protocols, use "ss" which is what netstat should have been: The "-u" switch stands for udp, here's a list of other options: Usage: ss [ OPTIONS ] ss [ OPTIONS ] [ FILTER ] -h, --help this message -V, --version output ver........
  • List of Free Public DNS Servers IP Addresses


    One thing to note about DNS servers and providers is that they aren't always trustworthy, not even if they're Google or your favorite ISP. Any DNS server can compromise your privacy, and they are likely tracking your browsing habits and keeping logs of it. Sometimes it's for Marketing/Research purposes such as Google's GMail service which they admit is scraped/datamined. I would expect nothing less from their DNS service. The other danger with such widely used and pu........
  • Enable SPAMASSASSIN on Postfix in 5 minutes


    Centos 5 Postfix and SPAMASSASSIN Tutorial yum install spamassassin chkconfig spamassassin on vi /etc/mail/spamassassin/local.cf ############## #required_hits 5 #report_safe 0 #rewrite_header Subject [SPAM] #5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives require........
  • Thunderbird copy filters to other accounts


    cp msgFilterRules.dat /other/mail/folder edit msgFilterRules.dat change all instances of your old mailbox: actionValue="mailbox://joes@mail.server.com/name" to: actionValue="imap://joes%40server.com@mail.server.com/INBOX" sed s/'actionValue="mailbox:joes@mail.server.com'/imap://joes%40server.com@mail.server.com/g msgFilterRules.dat-........
  • Realtek r8169 1gbit/1000mbit NIC/Ethernet Goes Down/Halts on Large File Transfer/Heavy Network Usage


    This is obviously a bug in the r8169 kernel module and it seems to affect a lot of people. I upgraded to the latest kernel and hope this won't happen anymore, as it is a very serious error. This is especially serious for those who are running servers with this chipset, who can afford for the NIC to randomly go off-line for no apparent reason? [655548.189113] type=1505 audit(1277067560.902:5): operation="profile_load" name="/usr/bin/freshclam&q........
  • Openvz Enable Most Common iptables modules


    The default options for iptables are very basic. Here is what you need to do in order to enable them in OpenVZ. 1.) Add the modules to iptables and restart iptables: vi /etc/sysconfig/iptables-config Edit the line as so: IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp" 2.........
  • Telus + 2Wire 2700 Router Horrible


    Telus + 2Wire 2700 Router HorribleWell first of all let me say this is the only router/switch that sometimes seems to crash/disconnect computers on the local network. This device also thought it would be smart to block VOIP packets coming from my Sipura ATA VOIP adapters so I disabled the [quote:cb89ba7bff]"Invalid TCP Flag Attacks (NULL/XMAS/Other)"[/quote:cb89ba7bff] option Then all of a sudden I couldn't get onto any web pages, the wireless........
  • OCFS2 crash


    When trying to even cd or ls the mounted OCFS2 partition it crashes. Ithink this is a combination of VMWare Server's problem and the way I mounted and symlinked to it. More than anything this shows the problem and lack of forsight with VMWare, but also that OCFS2 is easily crashed if you do strange things. Output of /var/log/messages for OCFS2 Apr 10 15:57:45 localhost kernel: [84331.691258] Modules linked in: vmnet vmci vmmon ocfs2_stac........
  • Latest Articles

  • Virtualbox Error Cannot register the hard disk because a hard disk with UUID already exists solution
  • kernel: [549267.368859] mate-terminal[7871]: segfault at 2000000101 ip 00007f5d0a9548f0 sp 00007fff7012c610 error 4 in libgobject-2.0.so.0.4800.2[7f5d0a920000+52000]
  • apcupsd how to setup and monitor APC UPS units
  • How To Password Reset, Recover, Bypass, Remove and Unlock on Windows 10,8,7,Vista,XP,NT,2000,2003,2008,2012,2016,2019 Administrative Login Programs
  • Nvidia Ubuntu Linux Screentearing Video with solution driver
  • ?? Question Marks for time, permissions and size of a file?
  • mdadm how to stop a check
  • access denied by acl file qemu-kvm: bridge helper failed
  • Linux NIC connecting at 100M instead of 1000M gigabit speeds? It could be overheating
  • "This kernel requires the following features not present on the CPU: cmov Unable to boot - please use a kernel appropriate for your CPU.
  • http://vault.centos.org/5.9/os/i386/repodata/filelists.xml.gz: [Errno -1] Metadata file does not match checksum solution
  • Linux Ubuntu Wifi Disabled Only Works When Laptop Plugged Into Wall AC Power
  • CentOS 6 impossible to compile a newer libguestfs
  • chroot
  • How To Get Started on Ubuntu with gpt-2 OpenAI Text Prediction
  • Remove cloud-init in your VM
  • QEMU-KVM KVM Command Line Practical Guide
  • Linux How To Change NIC Name to eth0 instead of enps33 or enp0s25
  • virt-resize: error: libguestfs error: could not create appliance through libvirt.
  • Asterisk Does Not Retry When Authentication Fails