In our example we take "sound.mp3" and convert it to .wav.
Generally Asterisk for its wave needs one audio channel (-ac 1) / mono and 8000hz (-ar 8000) instead of the standard CD/MP3 of 44100hz.
Here is the command to convert into Asterisk .wav format:
ffmpeg -i sound.mp3 -ac 1 -ar 8000 sound.wav
Errors Asterisk may give you if the format is wrong:
-- Executing [91781891@cme:3] Playback("SIP/234-000........
#Remember that you need a valid gateway IPunless the Asterisk server is on the same subnet and LAN
Set Valid Gateway IP (if you don't have one already)
ip route 0.0.0.0 0.0.0.0 GATEWAYIP
Enable VOIPTrust
voice service voip
ip address trusted list
ipv4 0.0.0.0 0.0.0.0
sip
Set Credentials For Asterisk and Register To Asterisk
sip-ua........
This is how we configure outside PSTNaccess or dialing through another SIPtrunk. Beware that this a simplistic example that neglects most security including SRTP
First you'll need to be in config mode:
Step - 1 Enter Voice Service VOIP security options
There are more options but for now we'll just focus on security/allowing connections to and from our phones and the trunk.
Router(config)#voice service voip
........
In newer versions this is a very stubborn issue. Here is how you fix it.
Step 1 - Create networks.conf
sudo mkdir /etc/vbox/
sudo vi /etc/vbox/networks.conf
put this in:
In our case we can use the slash /16 range of 192.168.0..0, change the subnet accor........
Since newer versions of Ubuntu like 20, you will find there is no longer dynagen and that the dynamips provided is faulty and will segfault each time:
Cisco Router Simulation Platform (version 0.2.14-amd64/Linux stable)
Copyright (c) 2005-2011 Christophe Fillot.
Build date: Apr 3 2018 12:20:29
Local UUID: 3c1c0b7f-2fab-4fda-b40b-74841d1bcfe0
Instance ID set to 1.
netio_tap_create: unable to open TAP device tap1 (No such fi........
Make sure this makes sense for you but I've started to block a lot of commercial Cloud services and easily accessible providers as they are a very high source of abusive traffic. The cost savings for a lot of organizations are huge, as you now have less bandwidth usage and less resource usage from garbage/bot/malicious traffic. This mainly works for when you can be reasonably sure that your audience has no business visiting your service(s) from freely accessible commercial IP ........
Your frontend CDN (eg. Cloudflare or even your own load balancer/proxy) must be sending the X-Forwarded-For and you must be running Apache on the backend.
This solves the problem where your logs and services will only see the proxy/CDN IP and not the real client IP.
mod_rpaf will fix all of this
This solution transparently sets the real IP of the client for Apache and any services that rely on........
yum update
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=container error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the onl........
Use gs or ghostscript as below, specify the output file and also the input file.
In the example below the output file is "outputfile-resized.pdf" and the input file is "original-pdf.pdf". Change the input file to the name of your pdf
gs -sDEVICE=pdfwrite -dCompatibilityLevel=1.4 -dPDFSETTINGS=/prepress -dNOPAUSE -dQUIET -dBATCH -sOutputFile=outputfile-resized.pdf original-pdf.pdf
For........
This example is using RTL8821AU chipset from a TP-Link T2U Plus USB adapter and other similar ones should work the same.
Here's how to get this chipset RTL8821AU working in Linux.
Here's how to get RTL8812 and RTL8822 working in Linux.........
apt install tftpd-hpa
#change TFTP_ADDRESS to by setting address to 192.168.1.1:69 or the IP you need, otherwise it will listen on all IPs and interfaces which could be a security risk.
# edit /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp"
TFTP_ADDRESS="192.168.1.1:69"
TFTP_OPTIONS="--secure"........
This can break things easily in remove environments where it was normally easy to convert a normal eth0 to a bridge under br0, and that bridge would normally have the same MAC address by default, which is desirable for most situations.
In Debian 11 this is different for some reason now.
https://unix.stackexchange.com/questions/681013/bridge-gets-random-mac-........
Assign way more replicas than you have of memory on all nodes and watch the Swarm crash which can easily reproduce in a small VMfor testing.
root@Deb11Docker01:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAM........
The error below can be caused by a gateway that is unpingable:
docker swarm join --token SWMTKN-1-1kogg8da68gtb1j7ezaddowyy9s0an5s9tue758o20k18liskw-5h3f61hrrmv3u6agshvbtcklf 172.16.1.80:2377
Error response from daemon: manager stopped: can't initialize raft node: rpc error: code = Unknown desc = could not connect to prospective new cluster member using its advertised address: rpc error: code = DeadlineExceeded desc = context deadline exceeded........
You can do a static lease that is tied to the MAC address but what a lot of users prefer is that they come into the office or lab the next day and that their device gets assigned the same IP address (if possible).
As we can see in the dhcpd logs that there is threshold that is defaulted as we'll show later. Whatever the threshold is set at, if the lease is younger than the threshold, it will keep the same lease. In other words, if the device goes to sleep or is powered off........
This seems to happen in many different drivers but it happened more often in newer versions such as 530 vs 525.
Then nvidia-modeset goes to 100%
There are many reports of this appearing since driver 4.70 and I can confirm I've seen this in various machines.
https://forums.de........
Have you got this error from Apache?
[notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[error] (28)No space left on device: Cannot create SSLMutex
At first glance it appears that you may be out of disk space but the issue is ipc or interprocess communication.
This will clear out the ipcs processes so things can work, this often happens during high traffic and may be a sign of DDOS.
The command below will fix it, it will list al........
Have you ever tried mounting a partition that you exists but you get this error?
mount: /mnt: can't read superblock on /dev/sda1.
The superblock in this example was bad because the physical disk had corruption and bad blocks/sectors. However, the data was generally accessible and you can always try this trick below (with caution and no warranty).
This is specifically for filesystems that place superblocks in multiple locations, which........
Is python3-pip pip3 not working anymore?
Traceback (most recent call last):
File "/usr/bin/pip3", line 11, in
sys.exit(main())
File "/usr/local/lib/python3.5/dist-packages/pip/__init__.py", line 11, in main
from pip._internal.utils.entrypoints import _wrapper
File "/usr/local/lib/python3.5/dist-packages/pip/_interna........
Some people find it less than intuitive to do on DNSMasq and by default DNSMasq is available on 0.0.0.0 which could even be your LAN or Public IP.
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp ........
If you have du, you may want to check your bill, as you can read about a longstanding issue with fraudulent charges showing up and many users claiming they did not subscribe or solicit those offers.
These don't normally show up on new accounts, but they seem to target established users and maybe even users they suspect are not watching their phone or bills, while they are on vacation.
These charges can frighteningly happen with 0 interaction from the user despite what........
A lot of companies are unsure which solution to choose and many may not be aware of Docker Swarm as an alternative to Kubernetes. One thing that many Sysadmins find is that Docker Swarm is simply easier, quicker to setup and maintain by far than Kubernetes.........
When Is It Time to Leave Your VPS, VDS, and Dedicated Server Provider?
Choosing the right hosting solution—be it Virtu........
This will be the goto to help solve e-mail delivery issues and talk about many practical issues that happen between developers, admins and scripts that send e-mail and do things that may not be acceptable or cause deliverability problems.
Sendmail Stuff
Edit /etc/mail/sendmail.mc
The problem is that if you send directly out from the server using the mail function, the Return-path of the e-mails will be username@thehostnameoftheserver.com. Let........
This is for the situation that you're doing other things that may conflict or have your own custom rules and ufw keeps overriding iptables.
A lot of guides don't work, and even ufw reset does not work, because it still leaves the old ufw chains.
Here is what works to disable ufw completely
systemctl stop ufw
systemctl disable ufw
ufw disable
rm -f /et........
find /usr/share/zoneinfo/|sed s#"/usr/share/zoneinfo/"##g|grep "/"|grep -v posix|grep -v ^"Etc/"|grep -v ^right|grep -v ^"SystemV"
Africa/Addis_Ababa
Africa/Abidjan
Africa/Blantyre
Africa/Lusaka
Africa/Casablanca
Africa/Libreville
Africa/Asmara
Africa/Bujumbura
Africa/Dakar
Africa/Lagos
Africa/Malabo
Africa/Harare
Africa/Kigali........
If you are using a hypervisor to test Proxmox (eg. Vbox) then changing the video card/display adapter can fix it.
For example VboxSVGA causes the issue but switching to VMSVGA fixes it.
For example VboxSVGA causes the issue but switching to VMSVGA fixes it.
........
Step 1.) Upgrade to Debian 11 first
The process to go to Debian 12 is not as smooth as 11, when trying to upgrade from Debian 10. In fact, it doesn't work directly, so you'll first need to follow this guide to update to Debian 11, reboot and come back here if successful.
Step 2.) Update sources.list
Update your /etc/apt/sources.list like this:
deb http://........
If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing.
The above results in this less than obv........
This should work for most console ports of other manufacturers too. It is a quick and simple method for emegencies or deploying a few appliances/devices in a non-standard environment or small environment.
However, if this is a route thing, or the equipment is not physically close to you, it would be best to use some sort of "Terminal" server which is an IP connected switch with several serial ports built-in for this purpose. Normally they accessible by web/........
The issue is that Docker images are stripped down, so many tools and even python3 is missing, so you'll have to build or update the actual image yourself.
I assume you have started an image with something like this and that you have the Nvidia Toolkit installed (assuming you are using GPUs). If you're not using nvidia just remove --runtime=nvidia --gpus all.
docker run -it --runtime=nvidia --gpus all ubuntu bash
These works for most images li........
Welcome to our in-depth guide on configuring NVIDIA GPUs with Docker on Ubuntu. This post is tailored for developers, data scientists, and IT professionals who are looking to leverage the power of NVIDIA's GPU acceleration within Docker containers.
Whether you're working on machine lea........
You'll notice that /etc/resolv.conf contains dire warners on most Linux Desktops.
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use........
Just hit **# on the keypad and the CIPCwill enable the button in settings for a factory reset. Sometimes the phone may run into issues or may be unable to register to another tftp server (eg. another CME or CUCM server) due to a bug or maybe due to the security settings tying it to a specific server.
Step 1 - Click Settings
Step 2 - Hit "**#"........
So you started a process or other important task that is remote but it is in the foreground and on a pts. This means if you background with Ctrl + Z or otherwise logout or get disconnected that the process will be stopped.
Here is how you can solve the problem:
1.) Hit Ctrl + Z to suspend the process.
2.) Type bg to restore the process into the background. If you do a ps aux on the process you will see it was restored with the & at the end, which puts........
By default if you create a private key for SSH, it will create something like .ssh/id_rsa
Linux will always search for and offer this key when connecting to servers.
If you put extra keys in your .ssh directory like id_rsa_realtechtalk.com, they will be ignored by default and NOT used or offered (you can verify this with ssh -v) and see it is not being offered.
Here is how you add the extra SSH keys so they are all offered:
#this gives........
A lot of developers want to go to 3.11 because of the speed improvements, but most distros never have the latest Python version.
Using the deadsnakes third party repo is the easiest way aside from compiling it yourself (which is safer and recommended):
Step 1 - Add the repo
apt-add-repository ppa:deadsnakes/ppa
If you get an error about requests then install it:........
This sort of thing normally happens your python3 or pip3 has been updated, because you have to in order to use pip, but the newer pip now breaks compatibility with your old python (3.5 in this case).
There are a few solutions, the easiest is perhaps to upgrade to a newer OS with a newer distro provided Python 3 or to manually install a newer version of Python/OR use a PPA like deadsnakes that provides newer versions.
........
haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx.
haproxy is used by many large sites per Wikipedia:
HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
If you are installing ta-lib for Python and get this error then you can normally solve it by manually getting the ta-lib source files and compiling.
tar -zxvf ta-lib-0.4.0-src.tar.gz
cd ta-lib;./configure;make;make install
Collecting ta-lib
Downloading https://files.pythonhosted.org/packages/39/6f/6acaee2eac6afb2cc6a2adcb294080577f9983fbd2726395b9047c4e13ec/TA-Lib-0.4.26.tar.gz (272kB)
&nbs........
If you plugin your phone to your computer and enable USB File Transfer/Allow on the phone side but the contents of your phone on the computer side are empty in the file manager, you probably don't have mtp-tools.MTP or media transfer protocol is the standard protocol that most phones use to communicate over USB to the computer.
Just do this to fix it and get access to your files:
apt install mtp-tools
After that you should be a........
Virtualbox is a very powerful tool, but for some use cases it is less than optimal.
Say you are in a work, lab or other environment where you are not alone on the physical network and there could be overlap of IPs, but you need all of your VMs to be contactable from your host, VMs need to communicate with each other, and VMs need internet.
NAT Network will give you VM to VM communication and internet, however, it is buggy and unstable. It also doesn't allow host to VM co........
In this example we install debian 10 with --variant=minbase which gives us a minimal/tiny install. Don't use variant if you want the full size install.
mkdir /tmp/deb10files
debootstrap --variant=minbase buster /tmp/deb10files/
Did you get an error?
debootstrap --variant=minbase buster /home/theuser/VMs/deb10files/
You'll get this error if you make a directory in your home........
You can read lots of posts about this issue but there is not much information about why this is the case or how grub determines the root= device name. Some even suggest modifying grub.cfg manually which is a disaster as the next kernel update will cause grub to revert back to the device name.
For most people this won't be an issue but those using template system, automated deployments and working in embedded may run into this issue with custom embedded and created minimal kernel........
Remember that control connections are established on port 1723 and then actual data is transferred over GRE protocol 47.
If you have a NAT setup this will work without special forwarding or accepting of GRE packets (normally if you are not blocking outgoing connections and accepting established and related connections).
The below two commands will get things going so PPTP and GRE work
We first load the ip_nat_pptp module which allows PPTP to work with........
Have you checked your router/firewall logs and disconcertingly see connections to an unknown IP207.246.119.209:3478 from your Grandstream VOIPphones?
You're not alone and the Grandstream forums have discussed this issue.
However, even their own staff d........
So say you happen to have 2 NICs of the exact same chipset, they will generally show up as the same name, with possibly a different revision in lspci. Normally this is not an issue if you have a server with 4 NICs, generally the eth0 to eth3 appears from left to the right (or right to left on some vendors) so it doesn't take much figuring out.
Generally if you have different chipsets for different NICs, it should be easy to know which one is eth0 or the first NIC in the OS.........
If you find your NAT Network is not working properly, the first thing you may want to do is list the networks, check their status and make sure the Network is actually started and configured as you expect (eg. is DHCP on and enabled?).
This is a long known, unresolved bug that seems to affect Version 6 randomly and disportionately on especially Mint 20/Ubuntu 18.
https://www.virtualbox.org/ticket/1474........
Are you new to the company, datacenter or a third party who is responsible for deploying a fleet of servers from scratch.
The first step is to normally login to the KVM so you can perhaps manually reinstall, PXE boot the Cloud Image or reimage/reinstall an OS but you need access to the KVM/IP or what Dell calls iDRAC.
It's common that you may have forgotten this information or that another employee or colleague has changed the info and did not tell you, that they have left the........
Later versions of ls try to be helpful and smart to prevent errors in dealing with files with spaces that were tradtionally a pain.
However if you need the raw/real filenames, this can break scripts or if you are pasting into a csv etc....
How do you make ls not add the quotes?
Add the capital "-N" switch
ls -N
You could also add an alias to make it more permanent
Do this to add it to ~/........
If you are converting a generic wifi IP camera to ethernet, it may not be that simple as many are default hard coded to a static IP of 192.168.1.168 and login info admin/admin.
From there you can login to the camera and assign it to DHCP by going to http://192.168.1.168
For security these cameras +DVR should be on a separate untagged VLAN or if possible a physically isolated non-internet connected switch/network.
The reference below is applicable to many of the r........
Docker adds iptables rules that break a lot of things including MASQUERADE or anything that needs the FORWARD table. If NAT is not working after Docker installation, it is probably because it set the iptables FORWARD policy to DROP.
This may also make you think that your br0 or bridge is not working, but it's likely just due to what we'll mention later on below, that, Docker probably set your FORWARD chain to default DROP all packets, so nothing on your bridge ever makes it out........
Router#show license
Index 1 Feature: ipbasek9
Period left: Life time
License Type: Permanent
License State: Active, In Use
License Count: Non-Counted
Lic........
Solution for python pip3 not working anymore
from pip._internal.cli.main import main
File "/usr/local/lib/python3.5/dist-packages/pip/_internal/cli/main.py", line 60
sys.stderr.write(f"ERROR: {exc}")
wget https://bootstrap.pypa.io/pip/3.5/get-pip.py
python3 get-pip.py
DEPRECATION: Python 3.5 reached the end of its life on September 13th, 20........
pip3 install requests
Traceback (most recent call last):
File "/home/user/.local/bin/pip3", line 7, in
from pip._internal.cli.main import main
ModuleNotFoundError: No module named 'pip._internal'
As a quick and temp fix call the OS installed python and not the user .local/bin installed pip3
/usr/bin/pip3 install requests
Collecting requests
Cache e........
If you are in enable mode and make a typo, the router will treat it as a domain name and try to resolve it, and if it can't resolve it, you'll have to wait until it times out.
Here's how to solve the Translating domain server error in Cisco
Enter this in config mode:
no ip domain-lookup
Be sure to sav........
How To Fix This Cisco Switch/Router Error %Error opening tftp
%Error opening tftp://10.0.2.2/network-confg (Permission denied)
%Error opening tftp://10.0.2.2/cisconet.cfg (Permission denied)
%Error opening tftp://10.0.2.2/router-confg (Permission denied)
%Error opening tftp://10.0.2.2/ciscortr.cfg (Permission denied)
%Error opening tftp://10.0.2.2/network-confg (Perm........
Adding a default route is very simple with this command
Just replace 192.168.1.1 with the IPof your GW.
ip route add default via 192.168.1.1
How can you delete this default route if you messed it up?
It's just the opposite with "delete" instead of add
ip route del default via 192.168.1.1
This is the equivalent of the "route command's" route add default gw 192.168.1.1........
cat /proc/mdstat
Personalities : [raid1] [raid10] [linear] [multipath] [raid0] [raid6] [raid5] [raid4]
md124 : inactive sdj1[0](S)
1048512 blocks
Solution, we "run" the array
sudo mdadm --manage /dev/md124 --run
mdadm: started array /dev/md/0_0........
Just an FYI that the installer ignores your selection of Boot Loader, as it was intended for MBR/Legacy. The installer horribly, even when choosing "Something Else" and manually partitioning and creating an EFIin your install drive, will still install grub to the first EFI partition it finds, even if you are following a guide like this to avoid wiping out the M........
Here is how Ifixed it on a Mint/Ubuntu install
1.) First download the latest AMDGPU-Pro driver from here:
https://www.amd.com/en/support
Navigate to your relevant video card:
2.) Download the installer
One issue is that by default they give you a version for the latest version of........
Just use apt-cache policy to find the repo of a package:
apt-cache policy lxd
lxd:
Installed: 3.0.3-0ubuntu1~18.04.2
Candidate: 3.0.3-0ubuntu1~18.04.2
Version table:
*** 3.0.3-0ubuntu1~18.04.2 500
500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
&nb........
Sometimes manual intervention on various Linux system's, including Debian, is required to fix things after waking up from sleep.
One persistent issue is the sound system / pulseaudio needing to be reset and not working until you do that after waking up. It's not clear if it's an OS issue itself or the sound driver, but this will fix things.
Where do we put scripts or commands that need to be used upon wakeup automatically?
/lib/systemd/syst........
ID3 2.4 can cause various MP3 players, especially on vehicles or even computers, not to play or at least not to display the ID3 tags.
In many cases though, since ID3 2.4 is much different than version 2.3, it will cause some players, especially in cars like Lexus not to play. Even on the computer, you may notice if you check the properties of the MP3 that it won't open or show any details (eg. frequency, bitrate and ID3 tags).
One symptom of this in a vehicle (eg. Leuxs,........
Bonding is an excellent way to get both increased redundancy and throughput. It is similar to the "Network Teaming" feature in Windows.
There are a few different modes but we will use mode 6, I think it's the best of both worlds, as it is not just a failover, but it provides round robin, so you will get redundancy and load balancing. So if you have a 1G single port, you will have a combined throughput of 4G at this point. Just bear in mind that the true thr........
If you are using mint, delete the preference that stops snap from installing (as it is required for lxc)
sudo rm /etc/apt/preferences.d/nosnap.pref
1. Install lxd:
sudo apt install lxd
Issues install lxd or errors? Click here
Debian at this time does not have lxd so you'll need to use snap:
sudo apt in........
This can be used on almost anything, since Gluster is a userspace tool, based on FUSE. This means that all Gluster appears as to any application is just a directory.
Applications don't need specific support for Gluster, so long as you can tell the application to use a certain directory for storage.
One application can be for redundant and scaled storage, including for within Docker and Kubernetes, LXC, Proxmox, OpenStack, etc or just your image/web/video files or even da........
This happens during an apt update and is related to an issue with sources.list, which is particularly troubling, if you are doing a "live-build".
P: Configuring file /etc/apt/sources.list
Hit:1 http://deb.debian.org/debian bullseye InRelease
Get:2 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB........
(firefox:9562): LIBDBUSMENU-GLIB-WARNING **: Unable to get session bus: Failed to execute child process "dbus-launch" (No such file or directory)
ExceptionHandler::GenerateDump cloned child 9743
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
ExceptionHandler::SendContinueSignalToChild sent continue signal to child
[Parent 9562, Gecko_IOThread] WARNING: pipe error (40): Connection reset by peer: file /build/firefox-EymEXX/fire........
There is a random bug that sometimes occurs with Vbox NAT mode DNS, although it has never happened in the past and Vbox was working fine until recently.
The symptom is that you can see it does get an IP+ DNS from the Vbox NAT DHCP.
Below we use resolvectl dns and verify the DNS server is set to 10.0.2.3 which is the DNS from Vbox NAT. We can ping it but it does not respond to any DNS requests when we use dig @10.0.2.3 realtechtalk.com........
The Best Docker Tutorial for Beginners
We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
Have you been given a Zoom password that the meeting owner says is correct but it doesn't work anymore or never works?
If the meeting name says "Zoom Meeting" and it's not really named that (which most meetings are not), then the issue is usually that there is an initial password to be able to join, aside from the passcode. It basically means that Zoom has deauthenticated you randomly or maybe after X amount of uses, without clicking on the Join Meeting URL which contains a........
Why choose OpenVPN instead of a firewall appliance?
OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time.
When comparing OpenVPN with traditional firewal........
In our 2024 VPS Server/Cloud Buyer's Guide, we place the location of your VPS/hosting/server as one of the priorities that is often overlooked.
2024 Update - Datacent........
How To Install Wazuh Server / Quickest Installation
Wazuh (forked from the well known OSSEC project) is a full SIEM (Security Information Event Management) that works extremely well with the platforms it natively supports as an "Agent", which allows you to do scans of everything such as all processes running, CVE vulnerability check, incident reporting etc...
Prerequisites:
A lot of issues with Wazuh seem to be caused by i........
Let's say we have an IP that is dropped by iptables 192.168.20.2
service iptables status|grep 192.168.20.2
184 DROP all -- 192.168.20.2 0.0.0.0/0
You can use iptables itself like this to list the line numbers:
iptables -L --line-numbers
Two Ways To Delete The iptables Rule........
1. Let's work from an environment where we can install Ansible on.
If you are using an older version of Linux based on Mint 18 or Ubuntu 16, you may want to get the PPA and get the latest version of Ansible that way:
sudo apt install gpg
sudo add-apt-repository ppa:ansible/ansible
sudo apt update........
Are you getting this error in Proxmox while trying to apt update or install Ceph?
apt update
Hit:1 http://security.debian.org bullseye-security InRelease
Err:2 https://enterprise.proxmox.com/debian/pve bullseye InRelease
401 Unauthorized [IP: 144.217.225.162 443]
Hit:3 http://ftp.hk.debian.org/debian bullseye InRelease ........
How To Enable HA in Proxmox
Test Your HA
Shutdown the node that has the HA VM.
........
zip is useful to share files across multiple platforms.
A simple way if you want to zip all pdfs:
zip Labs.zip *.pdf
If you want to zip everything in the current directory and subdirectories do this:
zip -r stuff.zip *........
Just install these packages and restart the VM:
1.) Enable guest-utils on the host side:
sudo apt install virtualbox-guest-utils virtualbox-guest-x11
2.) Enable guest editions on the VMside
This must be done for each VM that you want to have the guest additons for accelerated GPU performance and for drag and drop/clipboard sharing
First insert the Guest Addtions CD image........
Kubernetes Easy Beginners Tutorial/Architecture Guide
Kubernetes is known as container orchestration and we should start at explaining the container part of it.
A Container is what runs the actual application and based on an Image, and are more comparable to something like an LXC Container, Virtuozzo/OpenVZ using the Linux Kernel Namespaces feature. Containers run these images as independent, isolated operating environments under the O........
This assumes that you've already installed the relevant HWIC cards eg. Cisco Asynchronous Serial NIM
These are essentially cards that you install into your router, once installed you connect an Async cable to one of the ports on the card which normally gives you 8 console cables and are normally labelled 1 through 8.
You connect all of the cables to the devices you need (even non-Cisco devices) whether switches, routers or firewalls, they will usually work.
The real m........
A lot of older devices either support telnet or very old SSH keyx algorithms which are insecure and disabled by all newer/modern SSH clients for security reasons. However, sometimes you may be on a LAN via VPNor some other secured network or for whatever reason, absolutely, need to connect to this device and sometimes old/embedded devices may not be possible to update to a newer SSH server.
If you run into this you may be using a modern/newer SSH client and get thi........
This seems to be an ongoing issue that is still reproducable in the latest Ubuntu Vbox 6.x.
The default NAT Network range is usually 10.0.2.0/24. If you change this range it does not seem to work properly.
Say we change the range to 10.50.1.0/24
If you get a new lease you will find that you get an IP from the old range but the default gateway is from the new range.
........
So you're trying to browse to a properly configured Samba share but you get this error:
Unable to mount location
Failed to retrieve share list from server: Connection timed out
If your config is right, it can be due to a protocol miss-match where your client has not enabled SMB3 but by default the other side (server) has enabled it.
You can test this out to see with the smbclient tool........
Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
Enable "cli" mode equivalent in JunOS
cli
Configure Mode
configure
So rather than going to the console on a Cisco switch and typing "enable" and then "conf t", the equivalent in JunOS is "cli" and "configure".
How Do You Apply Changes You've Made?
You can make all kinds of changes to the switch, but remember they are not........
It seems that QEMU/KVM's default PS2 mouse and keyboard doesn't work right in most cases. I have especially observed issues using Ctrl+C and Ctrl+V and in Linux you may see repeated key presses in the terminal and you will wonder why you copied something and it's not in the clipboard when you try to paste. The way to temporarily fix it is to press the key that is repeating once(works in Linux but not really in Windows).
Sometimes when moving your mouse it will also s........
Many people may not be aware that you can turn commodity hardware into a Mikrotik OS and there are various options which is "CHR" (Cloud Hosted Router) which is a VMimage meant for Virtualization only (seriously, I've tried to dd the image to a physical server and it just crashed as it does not contain any drivers for physical).
One note as well if you are trying to do a baremetal install you may get an error "Error Loading Operating System" or........
It took a lot of fiddling to make a Huion Kamvas 13 Pro work in Linux but it simple once you know what to do. Don't bother searching as it is unlkely there is a guide out there that will actually make your tablet work.
It mainly comes down to the fact that the hid_uclogic kernel module is buggy or doesn't support MANYof these wacom based/Huion tablets properly.
What was happening with me is that Ihad the Kamvas 13 Huion setup as a secondary screen/monitor.&nb........
This normally works but if not use my mencoder solution if the output video does not play past the joined time.
the contents of list.txt need to look like this:
file somefile.mp4
file somefile2.mp4
then run ffmpeg
ffmpeg -f concat -i list.txt -c copy CME-2-router-dial-peer-final.mp4
The result is almost instant joining since there is no video processing since we are........
A very common use case is that you don't want to waste time using a video editor that requires you to open it up and manually import the video clip and audio clip, then manually delete the old audio track and import the video and new audio. That's too much work and time since we don't want to go through the hassle.
ffmpeg is our solution, all we have to do is specify 3 variables and we're done!
-i Windows2019-Server-Noaudio.mp4 is our in........
The idlepc value is very important to dynamips and it is both image and often CPU dependent. There is no "magic"value that will work for all images and all CPUs so this is why I'll show you a quick and handy way.
Also don't be disappointed, some values do not work well but idlepc gives you several. For example in my example below #6 didn't help at all but #7 got me down to about 6% CPU from 99-100%.
*Befo........
This tutorial will get your router up and running using emulation tools. In this case we'll be getting a Cisco C7206 (C7200 series) VXR router going which also supports SCCP VOIP services.
dynamips is the emulator itself and dynagen is the front-end tool that helps us control everything. It is used by tools such as gns3 and eve-ng.
Together the two tools (dynamips and dynagen) allow us to create and emulate REAL router........
This assumes your system is a fresh and normally working install.
What often happens is that many new devices have multiple audio outputs which are generally analog and HDMI/Digital out. Sometimes the OS defaults to the wrong one that you didn't want.
For example if your sound is supposed to play over the HDMI, perhaps the output is set to analog or vice versa.........
Before you try to install and dual boot it is very important to understand the concept of "what boot mode your BIOS is in" and "what mode you booted the installer to".
Then follow the example of Linux Mint (but most Linux installers are very similar)to carefully understand WHERE you are installing your Boot Loader to whether that be MBR or EFI.
How Am IBooted?
First it's important to check your BIOS to see........
kernel: [549267.368859] mate-terminal[7871]: segfault at 2000000101 ip 00007f5d0a9548f0 sp 00007fff7012c610 error 4 in libgobject-2.0.so.0.4800.2[7f5d0a920000+52000]
This seems to be a long-time bug in Mint mate-terminal where you sometimes move or detach a terminal and it crashes losing all of the other open terminal sessions.........
It really seems limited in that it can mainly give you the things you would see on the physical unit such as load etc..
wget https://downloads.sourceforge.net/project/apcupsd/apcupsd%20-%20Stable/3.14.14/apcupsd-3.14.14.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fapcupsd%2Ffiles%2Flatest%2Fdownload&ts=1598115866
tar -zxvf apcupsd-3.14.14.tar.gz
cd apcupsd-3.14.14
[root@somebox apcupsd-3.14.14]#
./conf........
This seems to happen on most if not all Nvidia cards but the good news is that if you are using any of the Linux drivers and have the nvidia-settings tool installed it is just a simple command.
Solution:
nvidia-settings --assign CurrentMetaMode="nvidia-auto-select +0+0 { ForceFullCompositionPipeline = On }"
Enter the above command in your terminal and the screentearing will be fixed which is like enabling Tear Free on AMD cards.&........
apt install software-properties-common
add-apt-repository ppa:deadsnakes/ppa
apt update
apt install python3-pip
apt install python3.7 curl gnupg python3.7-dev git
ln -s /usr/bin/python3.7 /usr/bin/python3
pip3 install numpy keras_preprocessing
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
Unless you are using OpenStack, AWS etc then cloud-init is just some bloat that slows down the booting of your VMand can actually halt it from booting if it doesn't have a proper working IP (not good!).
#remove cloud init!
Debian based Ubuntu / Mint
sudo apt remove cloud-init
RHEL / CentOS based
yum remove cloud-init
........
Iam going to build this based on a series of small howto QEMU / KVMposts I've made as I feel much of the information is actually hard to find and piece together from the rest of the web.
What I'm going to focus on is how to use virtio as the NIC because if you don't you get very slow NIC speeds but with the virtio NIC model you basically get host speeds.
/usr/libexec/qemu-kvm -enable-kvm -smp 8 -m 16000 -net user -net nic,model=virtio -drive file=ubuntu-gpt2l........
Most newer distros inexplicably cause your NIC to have what Icall "random" non-standard name conventions because of systemd.
This is a big problem for many people and especially those running servers. Imagine that you have a static IPconfigured for ens33 but then the hard disk is moved to a newer system, the NIC could be anything from ens33 to enp0s1, meaning that manual intervention is required to go and update the NIC config file (eg. /etc/network/interfa........
This is caused because the user is running as qemu for virt-resize and if qemu does not have privileges to read from the source and write to the destination, it will fail with the below. So either change the uid of qemu or change the ownership of the source and target.
Solution:
export LIBGUESTFS_BACKEND=direct
virt-resize --expand /dev/sda2 /root/kvmtemplates/windows2019-eval-template.img /root/kvmguests/kvmkvmuser4515........
When authentication times out that is one thing, but when it just fails like below Asterisk by default will not re-register until you the admin reload the sip or asterisk server:
voipserver*CLI> sip show registry
Host dnsmgr Username Refresh State&........
base64 has legitimate uses too and can be an easy way to store a file or data within actual code for developers to keep things in a single file.
For example let's take an image we'll see for an application's background:
base64 -w 0 some.jpg >some.jpg-base64
-w 0 makes it output to a single line which makes it easy to store in a variable. Without the -w 0 it will wrap over multiple lines.........
yum -y install wget unzip
wget https://download.nextcloud.com/server/releases/nextcloud-18.0.2.zip
unzip nextcloud-18.0.2.zip
yum -y install php php-mysqlnd php-json php-zip php-dom php-xml php-libxml php-mbstring php-gd mysql mysql-server
Last metadata expiration check: 0:58:02 ago on Fri 13 Mar 2020 02:12:49 PM EDT.
Dependencies resolved.
===================================================================........
pip install PIL
ERROR: Could not find a version that satisfies the requirement PIL (from versions: none)
ERROR: No matching distribution found for PIL
The import name is PILbut the actual pip package is called "Pillow"
pip install Pillow........
There are a few caveats that may not be obvious to everyone so I am going to cover them here but keep this in mind before starting.
Before starting install epel or you will be missing tesseract:
yum -y install epel-release
#1) When you specify your SSL certificate with a full path, it really needs to exist where you tell it to (including the default location of /etc/ssl/certs and /etc/ssl/c........
This is sure simple if you follow the guide but it took a lot of hacking around to make this work on Debian/Ubuntu!
Now before you ask why bother running wine and python, the reason is because Python executables are NOT cross-platform. If you run pyinstaller in Linux, that binary will only run on Linux and the same if you do it in Windows. So it is preferable if you have a single environment that you can create Linux and Windows binaries from rather than running 2 separate........
Occasionally my whole screen locks up and I cannot even swith to the console and I find this in my syslog:
*-display
description: VGA compatible controller
product: Mullins [Radeon R3 Graphics]
vendor: Advanced Micro Devices, Inc. [AMD/ATI]
 ........
This is only really necessary in the case you don't want DHCP. If you are dealing with an encrypted LUKS server on the internet, you will often want to have a static IP so you know which IP to connect to (or if you have a semi-static IP assigned by DHCP).
SET IP Address by /etc/initramfs-tools/initramfs.conf
IP Address=192.168.1.27
Gateway=192.168.1.1
Subnet Mask: 255.255.255.0
Hostname=myhome.com
IP=192.1........
This is the reason that I don't like the new ADATA USB drives such as the UV128/64GB or 128GB drives and other ones that look to be the same style (the green sliding USB connector).
They just don't work well from new and never work properly at any point.
[ 788.242463] usb 1-1.2: new high-speed USB device number 16 using ehci-pci
[ 788.339816] usb 1-1.2: New USB device found, idVendor=125f, idProduct=db8a
[ 7........
In this case I am executing using "python3" but what you find in cases like this can be surprising.
The most common issues are that someone has a module for python 2 "pip" and doesn't realize they need "pip3" to install it for python3, but this is not one of those cases.
ModuleNotFoundError: No module named 'bs4'
OKmaybe we didn't install it for python3?
[........
This is not about using ssh as a proxy, but rather, using a proxy when you are SSHing to another host and using ProxyCommand (where we normally use nc as our proxy tool).
In newer versions of nc the syntax has changed to the following:
ssh -o ProxyCommand="nc -x 127.0.0.1:1234" %h %p user@host
The format must be like above in newer nc versions.
Just be sure to change the 1234 to the port of your SOC........
Symbolic link not allowed or link target not accessible: /path/httpdocs/news.html
There are a few reasons that can cause this message and this is for people who have ruled out the basics, eg. your symlinks are enabled and the right permissions are applied (but read on to learn about ownership requirements above the directory in question).
So there are a few key things here that cause Apache not to follow symlinks:........
If you just do a normal chown user.user somedir it won't work. You will see the ownership is still the previous owner.
How To Change Ownership Of Symlink:
The simplest part is just adding the -h which means no dereference so it applies the ownership on the symlink and does not try (and fail) to change ownership of the dereferenced symlink destination.
chown -h user.user somedir........
It is fairly simple to use once you know how to use it. However, the tricky thing is that by default it doesn't seem to be active or listen on any interface on manually specified.
How To Install ifplugd
First we install ifplugd
sudo apt install ifplugd
Let's enable it on our desired device(s)
vi /etc/default/ifplugd
set this line as so:........
dd is a very handy tool and there are some more practical things we can do. For example if we want to dump a 3TB drive and want to preserve it and only 200GB are being used on the 3TB we can save a lot of space with gzip.
Backing Stuff up with dd
How to Use dd to backup a raw hard drive and tar gzip at once
Change /dev/sda to the drive you want to backup
Change /mnt/extras........
I find that the default settings for the radeon driver that is applied to most AMD cards is horrible. For example by default TearFree is not enabled and it causes videos to have some kind of square artifacts.
Here are the settings I have found most suitable for AMD cards:
You need to create file in the following path and restart Xorg or your computer to apply it:
*Beware that making a mistake here will possibly make your computer........
This is a gotcha but be aware sometimes iptables may be active and loaded by default.
Also make sure you don't just disable firewalld but also stop it otherwise it will still block stuff:
systemctl stop firewalld
If the above is not the issue then it is possible iptables is running and blocking stuff too, so you'll need to stop iptables.
So in addition to opening firewalld or disabling it, you would need to disable iptables........
Downloading and compiling from source to get the latest version of Asterisk is really simple with this guide.
apt install gcc make g++ libedit-dev uuid-dev libjansson-dev apt install libxml2-dev sqlite3 libsqlite3-dev
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16-current.tar.gz
tar -zxvf asterisk-16-current.tar.gz
cd asterisk-16.6.2/
./configure
If you get this error change y........
If you can print other PDFs but not a particular one it is very likely that the PDF size is A4 (the longer, skinnier Asian paper size) instead of the North American letter size ( 8.5" x 11"). This breaks printing in most cases. Or it may print if you find a program that ignores the size issue.
Here is an example of an A4 being rejected by a printer in Ubuntu Linux via CUPS
Cannot print PDF CUPS Samsung C460:
Processin........
Most of us know the heredoc method but what if you need a basic query done repeatedly and manually while working from bash? It is a pain to manually type mysql and login each time.
With this command below you can semi-automate those queries:
echo "use somedb; select * from auctions" | mysql -u root --password="yourpassword"
Just modify the above to suit your needs and you can add more queries by adding a sem........
It is very silly but the default on the ifup-eth script tells dhclient ( the program that obtains a DHCP IPaddress if you have selected DHCPin your ifcfg-eth* config file) to EXIT / QUIT if the first attempt to obtain a lease fails.
No amount of dhclient.conf settings will fix this because if dhclient is started with -1 (which it is by default)then dhclient will quit.
This is obviously very bad for MOST cases. Say for example you have a power outage or........
Just edit your tftp file for xinetd like this:
*Change the IPto be the IPof the interface you want to listen on.
To test if your tftp is available on a certain IP range use nc -u yourip 69 to see if you can still connect (/var/log/messages or /var/log/syslog) should show the connection if it is open.
Oct 13 23:20:34 01 xinetd[26631]: Started working: 1 available servic........
sudo pip3 install python-docx
[sudo] password for :
Downloading/unpacking python-docx
Downloading python-docx-0.8.10.tar.gz (5.5MB): 5.5MB downloaded
Running setup.py (path:/tmp/pip_build_root/python-docx/setup.py) egg_info for package python-docx
no previously-included directories found matching 'docs/.build'
warning: no previously-included files matching '.DS_Store' foun........
Video Links:
How To Setup 2 Phones on a Single CME Router and get the GUI going.
How to use Dialpeers with CME with two routers
How to implement call restrictions using COR / Class of Restriction
Set your clock:
HH:MM:SS
clock set 22:00:00 24 September 2024........
This often happens if you are adding a secondary route, especially with Linux source based routing.
ip route add default via 10.10.10.254 table 10
RTNETLINK answers: Network is unreachable
If that happens you will probably find that it is unreachable because your NIC does not have an IP in the 10.10.10.0/24 range so just assign an IP in that range to your NIC and try again.
eg. ifconfig eth0 10.10.10.254 netmask 255.255.255.0 up........
yum install iptables-services
systemctl enable iptables
service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]........
Now older versions of qemu-kvm didn't throw this error say if you just had "-video cirrus" when starting qemu-kvm. But newer versions do care.
And this probably only applies to you if you are running from bash/terminal with remote kvm images.
What you need to do is remove the "-video" part and just add -vnc :5
eg. this would fix the error:
qemu-system-x86_64 -enable-kvm -boot order=cd,once=dc -m 1024 -drive........
Having a network bridge allows you to bridge traffic under multiple devices so they can talk natively without using any special routing, iptables/firewall or other trickery.
To create your bridge you need the bridge-utils package for brctl and if you want to do things like bridge VMs that run on a tap device you will need the uml-utilities which provides "tunctl".
1.) Install the utilities to make our bridge
sudo apt-get i........
cat .htaccess
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
I keep reading there is a "# BEGIN WordPress" and a "# END WordPress" in the wordpress htaccess above but there is clearly not.
Even more strange is that my permissions are just 444 (read only).
so i changed it........
python3 testserver.com-car-scraping.py html.txt
Traceback (most recent call last):
File "testserver.com-car-scraping.py", line 5, in
import mysql.connector
ImportError: No module named 'mysql'
For some reason it won't install properly even though I have the mysql client on this machine installed too.
Solution:
You need the mys........
If you've just installed VBox and it is not starting or working, the most common problem is usually that you don't have your kernel source installed, which means there is no kernel driver for vbox so it can't work.
You may get an error that says "Kernel driver not installed" in your Virtualbox.
So the first thing you should do is install your kernel source by running this:
sudo apt-get install linux-headers-`uname -r`........
By default bind will not respond to outside queries for security reasons.
In most distributions you will find the default in /etc/named.conf looks like this at the top under options:
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";........
This would be crucial especially if the phone is hardened, not being able to reset or change settings could prevent a phone registering in a new environment or even when migrating from office to office. This applies even if you are trying to migrate the phone to another platform such as Asterisk/FreePBX etc...
This guide applies to nearly all of the Cisco IP phones that you would use in CME or CUCM from several years ago including models: 9900, 9971, 8800, 8900, 8845, 8851, 8841........
Install Errors on Version 12:
This error happened on QEMU emulator version 2.11.1 pve-qemu-kvm_2.11.1-5
on Proxmox/Debian but installing on QEMU.12 on Centos 6 did not produce the error.
*Update it is not related to the OS or QEMU version. This happened in Centos 6 too after a second install.
What really causes this even though you successfully install........
The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs.
qemu-kvm command:
/usr/libexec/qemu-kvm -version
QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard
........
There are multiple layers but most are enabled by default such as the setting in the Phone Device Settings.
However the one not enabled by default is the one in "Enterprise Phone Configuration".
Enable "Cisco Camera" and then reboot your phones to enable it.........
DN = Directory Number:
It is basically the extension of the phone
In the example below, 55 is a DN assigned to the phone.........
It is much more useful to have meaningful and detailed logging from tftp to see what is or isn't happening especially for VOIPand other embedded device appications:
Edit the file:
vi /etc/xinetd.d/tftp
Change the server line like this:
server_args = -s /var/lib/tftpboot........
If you visit a site that exploits the WebRTC vulnerability including whatismyipaddress.com it may show "Local IP Address" which would be the real IP of your machine.
The vulnerability works on Windows and Linux machines (contrary to false information on the web which claims it only affects Windows).
The above works and happens even if you are using a proxy or VPNaccount like ProVPNAccounts.com
It is easy........
WARNING: Image format was not specified for '/mnt/space/cucm12.img' and probing guessed raw.
Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
Specify the 'raw' format explicitly to remove the restrictions.
#you should manually specify the format
q........
This is usually because of STP causing a delay in the negotiation.
Edit your ifcfg script eg:
/etc/sysconfig/network-scripts/ifcfg-eth0
Add a LINKDELAY of 30 seconds or whatever works for you:
LINKDELAY=30
After that you should have an IP during bootup.........
The net-tools command brings back all of the oldschool tools that we're used to:
/bin/netstat
/sbin/ifconfig
/sbin/ipmaddr
/sbin/iptunnel
/sbin/mii-tool
/sbin/nameif
/sbin/plipconfig
/sbin/rarp........
This may sound silly but often on the same machine multiple versions of SQL may be installed due to other applications.
How do we know which one we are running and connected to?
Use the query:
select @@version
........
Install Issues:
How to Make CUCM iso /modify to work on non-VMWare machines like QEMU/Xen/OpenStack
If you get kernel panic errors in VBOX usually disabling Nested Paging will fix the issue (thanks to Mark).
ks_pre.sh error is caused by having the wrong VDX pattern (change it do sd per guide link above) and/or the wrong VMSpecs (Cisco req........
If you have an SSHproxy that you need to run automatically from cron you will need it in the background to work.
ssh -N -D 22000 user@domain.com
Basically the -N let's it continue running in the background.........
So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside?
Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature.
Requirements
On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
In most of the Cisco router IOS I find the ports like ge0/0 ge0/1 and ge0/2 or whatever your ports are down. They will not even give you a link light. So one of the first tasks should be getting the port you are working with up.
In my case the first goal is often connectivity with the LAN and WAN.
LAN = your local area network (eg. in the office/home )
WAN= your ISP/public internet (eg. fiber/cable/dsl/ethernet).........
for ip in `netstat -nt|awk '{ print $5 }'|cut -d ":" -f 1|tail -n +3|sort|uniq`; do
echo $ip;whois $ip|grep -i netname;echo "---------------------------"
done
77.88.47.40
netname: YANDEX-77-88-47
---------------------------
40.77.167.5
------........
Switch#show ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
circuit-id format: vlan-mod-port
remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface&nb........
The key thing is that you must use a "machine"id of "pc-1.3" or it will say your hardware is not supported.
Additionally you MUST use a virtio disk or you will get a ks_pre.sh error as soon as the install starts (a look at logs will show it can't find a disk). This is funny because even though the OS finds the disk and an fdisk -l shows it, it looks like the script looks for a /dev/vda device (virtio) and nothing else, so if you didn't use Virtio as you........
Idid a systemctl restart networking and it broke Proxmox VM connectivity!
#proxmox is the problem after restarting the network the tap devices go to disabled state
[2230884.919905] vmbr0: port 7(tap118i0) entered disabled state
[2230884.948864] vmbr0: port 8(tap122i0) entered disabled state
[2230884.972748] vmbr0: port 6(tap119i0) entered disabled state
[2230885.004745] vmbr0: port 5(tap117i0) entered disabled state
[2230885.03673........
A lot of people think arp wil do it but the arp table will only show devices you have communicated with.
Using nmap is a quick and simple way to scan a range to find a machine you may not know the IP for:
eg:
nmap -sP 10.1.5.0/24
Just change the above to your subnet........
debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006
debug1: Local forwarding listening on 127.0.0.1 port 18006.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 18006.
bind: Cannot assign requested address
What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue........
The defaults in Windows 2016 server leave clients crippled so they can't even download basic files or software. But Group Policy Management Editor comes to our rescue!
Use cmd or Powershell and run:
gpme.msc
Choose your domain/computer and then navigate like below and create a new menu entry for IE11 or whatever your version is. Don't be worried if the highest version is IE10 it means that it applies to IE10 AND above.........
Whether you are at work, at the coffee shop or on the public internet here are some basic but effective rules for iptables that lock things down (eg. no one can SMB or SSH to you or really anything):
# Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018
*nat
:PREROUTING ACCEPT [160:19844]
:INPUT ACCEPT [4:357]
:OUTPUT ACCEPT [2955:182236]
:POSTROUTING ACCEPT [2955:182236]
COMMIT
# Completed on Fri Dec 14........
The main use I have for this is virtual servers being able to use an LVM volume but not occupying all of the space. It saves time in deploying machines and copying them so you are only copying the space they are using (eg. 5GB / 60GB vs the full 60GB). There are some disadvantages which is mainly the fact that thin pools by their nature allow you to "overallocate" disk space which is that you could use more space than is available on the disk itself and corrupt your data........
By default VMWare Workstation often doesn't work as we would like.
If you create a VM with a default NAT IP it won't work you will find the NIC is disconnected (even though on the VMWare side it says connected including at Power On).
How To Solve It
1.) Create New VMNet for NAT
Click "Edit" -> "Virtual Network Editor"
Click "Add Network"
Select Network To Add "VMNet1" (........
cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4]
md127 : active (auto-read-only) raid10 sdc1[0] sdb1[2]
1953382400 blocks super 1.2 512K chunks 2 far-copies [2/1] [U_]
resync=PENDING
bitmap: 15/15 pages [60KB], 65536KB chunk
Solution force repai........
When using strip_tags and html_entity_decode with PHPit often breaks and produces annoying diamonds with question marks.
It is probably because of characters like these:
… (looks like 3 dots but it is a single weird character).
’ (looks like a normal apostraphe but it is not)
” (looks like a normal double quote but it is not).
An easy way to sort this out is to copy the above and search in an ASCII table to extend the functional........
This should apply to most Linux distributions just incase you get into trouble or wipe out the defaults by accident.
/etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep........
A lot of people just have a -j DROP to drop all unwanted traffic or traffic not explicitly allowed but there is a better solution if you want real and proper logging:
Here is another example of more advanced iptables rules.
Take an example iptables rules file
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -p icmp -j ACCEPT........
Just find the relevant file in /etc/NetworkManager/system-connections
sudo vi /etc/NetworkManager/system-connections/Wired connection 1
[802-3-ethernet]
duplex=full
mac-address=00:00:00:FE:FE:FE
[connection]
id=Wired connection 1
type=802-3-ethernet
timestamp=1532403341
[ipv6]
method=ignore
[ipv4]
method=manual........
Set this in /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
#apply the settings
sudo sysctl -p
........
Do you hate it when your ISPhas old cached records because of a high TTLon the DNS record of the relevant domain? In plain English this means you often can't connect to a site or service because your ISP's DNS servers haven't gotten word of the new IP address (probably because they haven't checked). There are also some that are notorious for ignoring TTL and not updating records for days!
But if you are lucky and smart enough to have your own Linux based DNS se........
First we need to create dhclient.conf if it doesn't exist or edit it:
vi /etc/dhclient/dhclient.conf
#add this line at the top add the IPs as commas they will be the highest priority nameservers and whatever your ISP gives you will be used after these one (good for DNS backup)
prepend domain-name-servers 127.0.0.1,10.10.25.8;
After you restart your network or run dhclient again you should see the contents of........
The reason for not being able to read one of these dreaded/ fillable "XFA" forms is because no Linux PDF reader that I'm aware of supports them. Part of this reasoning is for security. It is really silly, they should ban these XFA forms or at least replace the Please Wait with the non-fillable version.
Download Adobe Reader 9.5 for Linux from here:
This is the solution but only so much, at least for me I was able to view th........
First you need the "iptables-persistent" package. This gives you an init script that loads your settings from /etc/iptables/rules.v4 and rules.v6
When you install it, it wll save your default setings in /etc/iptables.
sudo apt-get install iptables-persistent
Remember that the rules are stored here:
For IPV4: /etc/iptables/rules.v4
For IPV6: /etc/iptables/r........
Before getting into the output here is my typical experience with SMART, there is what I call a "bad disk" with pending and uncorrectable sectors that cannot be reallocated.
It has caused a kernel panic and system crash repeatedly as we can see from the logs.
But SMART says it has "PASSED" its self assessment. SMART is still useful to me but it is more about looking at Current_Pending_Sector.
Any time I have had anything but 0 for that attribute it........
#to show all
VBoxManage list vms
#show ONLY running vms
VBoxManage list runningvms
VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.2018-12.local.abcrandom.target:sdb" --initiator "iqn.1982-01.ca.bla.tld:abc123" --t........
initiator = client
target = server
These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server.
iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love. The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI).
iSCSI Target (Server)Setup
targetcli is the pac........
function centos7 {
release=`cat /etc/redhat-release|awk '{print $4}'|grep ^[7]`
if [ "$release" != "" ]; then
centos7='yes'
fi
}
centos7
echo "$centos7"
We create a function called "centos7" and then call it by just typing "centos7"
We then access a variable that may be set........
# a single first slash means first occurrence
# format=${haystack/needle/replacement}
# if you use a double first slash it means ALL occurrences
# format=${haystack//needle/replacement}
email=${file/.txt-marked/}
In the example above we are searching in the variable $file for ".txt-marked" and replacing with nothing (the empty part after the last / means we are replacing with n........
Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.
Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
In this case it just searches for port 80 it is fairly handy if you have some sort of appliance or something else you aren't sure of the IPof
Of course change the port 80 port to whatever port(s) you want.
for ip in `arp -n|arp -n|tail -n +2|head -n -1 |grep -v incomplete|awk '{print $1}'`; do
echo "checking $ip:80"
nc -w 1 -z $ip 80
if [ "$?" == 0 ]; then
echo "**Port 8........
systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.
The key commands or arguments you will use with systemctl are the following:
Unit Commands:
list-units [PATTERN...] List loaded units
&nbs........
umask are the default permissions that are applied when a file or directory are created. To see this in action simply just "touch filename" or "mkdir somedir" and you'll see what default permissions are applied.
The first thing Ialways tell people you should know is to NEVER change the defaults unless you are making them more restrictive. But they work well and if you change the defaults you could end up creating a file without permission to read........
You can do other things but this particular script is just to set all AMD cards to 80% fan speed (remember this script needs to applied everytime you reboot). You could set it is a cron or just throw it into /etc/rc.local
basepath=/sys/class/drm
for hwmon in `ls -1 /sys/class/drm|grep card[0-99]$`; do
echo card=$hwmon;
hwmonname=`ls $basepath/$hwmon/device/hwmon|grep hwmon[0-99]`
hwmonpath=$basepath/$hwmon/device/hwmon/$hwmonname
echo "ec........
4.374647] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 4.403334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 4.427736] xhci_hcd 0000:00:15.0: xHCI Host Controller
[ 4.427844] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 1
[ 4.429040] xhci_hcd 0000:00:15.0: hcc params 0x200077c1 hci version 0x100 quirks 0x01109810
[ 4.429141] xhci_hcd 0000:00:15.0: cache line size of 64 is not sup........
wget https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
--2018-08-16 05:11:16-- https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
Resolving downloads.linux.hpe.com (downloads.linux.hpe.com)... 15.249.152.85
Connecting to downloads.linux.hpe.com (downloads.linux.hpe.com)|15.249.152.85|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1525561 (1.5........
An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
**Solution**
Go to about:config........
[root@localhost:~] vmkping -I vmk1 10.0.2.69
PING 10.0.2.69 (10.0.2.69): 56 data bytes
sendto() failed (Host is down)
vsphere distributed switch vmotion not working
[root@localhost:~] esxcfg-route -l
VMkernel Routes:
Network Netmask Gateway Interface&........
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00005556ba09c070] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x00007fd26000b240] _serverNamespace = /ui action = Allow _port = 5090)
Errors like the above are usually because there is an issue with your vSphere or more commonly it i........
It could just be my specific Java but other KVM/IP works ok on my machine but with Supermicro's IPMI for some reason the console window doesn't resize and even putting it in full screen leaves the window cut off as shown below:
As you can see above the screen is cut off you can't see the "Iagree" on the right side.
The window resi........
zenity is a nice utility as part of the gnome window manager that allows you to script from bash and retrieve the input from the user. It could also be helpful in just notifying a user when they login with a popup window.
I'll give an overview of what's available with zenity:
Application Options:
--calendar Display calendar dialog
--entry Display tex........
You can find many ways to specify the VLANin your network configuration but Ifind this is the simplest and quickest.
In this case we are talking about a bridged adapter "vmbr0" but it works even if you just had a normal non-bridged interface.
The key here is that in vmbr0 you'll notice there is no IP address. We just specify "manual".
Below it is a similar stanza for "vmbr0.58" in this case 58 represents the VLAN (change........
Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.
In the problem machine it is actually PHP7 installed so if you reference PHP5 of course things wil be broken!
Take for example here:
cat /etc/httpd/conf.d/php.conf
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamica........
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0
Solution:
Edit geoip.ini
vi /etc/php.d/geoip.ini
Comment out the .so like so:
;extension=geoip.so
service httpd restart........
[root@localhost:~]
BootModuleConfig.sh echo host-ind nfcd........
yes it does create its own json
============================================
cat /tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log |grep -i json
2018-08-09T17:56:04.238-07:00 verbose OVFTool[30966] [Originator@6876 sub=Default] Manifest file entry: SHA1(VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json) = 1deb658c724767697587d5909c4051c01813e6a1
--> ........
sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
sudo apt-get install libcurl4-gnutls-dev
git clone https://github.com/wolf9466/cpuminer-multi
sudo apt-get install cmake libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
git clone https://github.com/fireice-uk/xmr-stak-cpu.git
make install
cd bin
chmod +x xmr-stak-cpu
./xmr-stak -O xmr........
SyntaxError: Missing parentheses in call to 'print'
This is an annoying issue where the syntax betweenPython 2 and 3 changed which breaks old scripts.
print "hello"
#change to
print("Hello, World!")........
[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase........
INFO [07-19|12:11:51] Imported new block receipts count=590 elapsed=8.440s bytes=74117699 number=4870906 hash=6bc60b…934753 ignored=0
INFO [07-19|12:11:57] Imported new state entries count=499 elapsed=9.963ms processed=71076 pending=1526 retry=2&nbs........
This is often the result of PayPal's "item name" or another name having invalid characters or not supporting Unicode.
173.0.81.1 - - [17/Jul/2018:13:39:45 -0400] "POST //modules/gateways/callback/paypal.php HTTP/1.1" 406 - "-" "PayPal IPN ( https://www.paypal.com/ipn )"
A good clue is if you check the debug output of the IPNand find a mandatory column empty.
........
dvd+rw-mediainfo /dev/sr0
INQUIRY: [ASUS ][BW-16D1HT ][3.00]
GET [CURRENT] CONFIGURATION:
Mounted Media: 11h, DVD-R Sequential
Media ID: RITEKF1&n........
You can search for this bug and it seems like it may be related to ecryptfs and is many years old.
The symptoms are that you return to the computer and the screensaver was active or the screen was asleep/black and it doesn't seem to come back. But you check by SSH the computer is running fine and are frustrated you'll lose your running programs and have to reboot.
There is a simple solution:
Ctrl + Alt + F1
Ctrl +Alt + F8
Ba........
iptables allow port 22 example
Of course change --dport and -s to suit your needs
#allow certain IP to access port 22
iptables -A INPUT -p tcp -m tcp --dport 22 -s 192.168.1.0/24 -j ACCEPT
# block others
iptables -A INPUT -p tcp --dport 22 -j DROP........
Ithought I'd post this becuase there is some bad information out there. Some guides tell you to edit /etc/postfix/master.cf (-o smtp_bind_address=) but this doesn't work. The same guide also says if you don't change it there you end up changing the listening IP/bind interface which is also not true.
Here is a simple and effective way to change Postfix's sending/binding/outgoing IP address (very important for reverse DNS and so mail servers don't block you)........
#mount the VCSA DVD
mount /dev/sr0 /mnt/cd
#alternatively you could mount the iso directly
mount -o loop vcsa.iso /your/mount/path
#for this purpose we are using the CLI installer on Linux
cd /mnt/cd/vcsa-cli-installer/lin64
#no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file
./vcsa-deploy
Usage: vcsa-deploy [-h] [--version] [--supported-deploymen........
10/07/2018 03:05:14 PM [IPv4] Got connection from client10.10.25.1
10/07/2018 03:05:14 PM other clients:
10/07/2018 03:05:14 PM Client Protocol Version 3.7
10/07/2018 03:05:14 PM Advertising security type 18
10/07/2018 03:05:14 PM Client returned security type 18
10/07/2018 03:05:14 PM TLS Handshake failed: Could not negotiate a supported cipher suite.
10/07/2018 03:05:14 PM Client10.10.25.1 gone
10/07/2018 03:05:14 PM Statistics:........
Starting with newer versions of OpenVPN Ibelieve 2.2+ you need to have "script-security 3" set or you can't execute a third party script.
Prior to that you could also use the auth-user-pass-verify like this:
auth-user-pass-verify ./validate.pl "$username $password $ip" via-env
Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the paramete........
The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location.
Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
export ANDROID_HOME=/home/user/Downloads/tools/
Conversations-master$ ./gradlew
Downloading https://services.gradle.org/distributions/grad........
This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files:
Now assume your username is "iamtheuser"
vi /etc/group
adm:x:4:syslog,iamtheuser
sudo:x:27:anotheruser,iamtheuser
Find the above lines and add a comma and "ia........
A simple way that may work for a lot of people who just need basic output for their scripts or daemons to announce an action is this:
echo "body or message" | mail -s "realtechtalk.com" user@domain.com
If you want to send a text file as the body just do this instead:
mail -s "realtechtalk.com" user@domain.com < /tmp/sometxtfile.txt
These are some ve........
Centos when copying old files and restarting it seems load everything fine and then says [FAILED] with no log or other message.
service restart named
named [FAILED]
Check more thoroughly you may have missed the error if you have lots of zones!
service named restart|grep error
zone 1.168.192.in-addr.arpa/IN: not loaded due to errors.
zone 2.168.192.in-addr.arpa/IN: no........
Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop.
This is because you need to use your normal ISP/LANgateway to hit the OpenVPN server if it is remote/offsite as is usually the case. So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN&nbs........
This happens because Dovecot limits the maximum IMAPconnections per IPto just 10. This may be fine for a single client side IPbut if an entire office or multiple users are behind one IPor a single heavy user is active then you will get bizarre errors in your e-mail clients such as "Password Incorrect" or similar in Thunderbird. It won't be obvious on the client side as to what the problem is and they will probably just think the server is misconfi........
This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help.
Here is the short end of the stick that fixed it:
sudo apt-get install mdm mate-desktop-environment
Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
This usually happens when you are using something like an INT and try to insert a larger valuethan the maximum which is larger than "2147483647"
On a practical term I have seen this and been guilty of this error when using scripts like PHPand generating large random numbers:
$hash = mt_rand(5,9999999999999);
Obviously that many 9's are more digits than the maximum of an INT resulting in that error. Change your code accord........
This is one thing that has me wondering about SMF. It is apparently a known issue but in the latest version and new install nothing looked right because it was using http://127.0.0.1 to find everything! How on earth would it ever do this or think it is normal?
Excerpt of crazy html code it produces that causes the issue:
........
GRANT SELECT, LOCK TABLES ON *.* TO yourmysqluser@localhost;
All you need to do a full MySQL dump on all databases is the SELECT and LOCK TABLES privileges. This way you don't have to use the mysql root user. Data could be compromised this way but at least no harm from manipulation, changes or deletion are possible by locking down the privileges to the minimum for a full MySQL dump and backup.........
So I have a domain "testdomain.com".
Inside test domain.com's root is the following .htaccess:
Options +FollowSymLinks -Indexes
ErrorDocument 403 /launch/index.html
Order Deny,Allow
Deny From All
Allow From 192.168.1.2
When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html
It will show the right error in /launch/........
This is useful for security purposes especially on a server which may have a public IP assigned to it but has a second NIC for the LAN.
Here is how you edit smb.conf:
[global]
interfaces = 192.168.1.50
bind interfaces only = yes
As you can see above it will only listen on 192.168.1.50 and remind to keep the "bind interfaces only"option.........
It has been a big pain for a long-time to install Windows from a Linux environment. I used to run a windows install server and it never worked right for some reason (the install would fail on most servers).
Before getting start be sure to setup your samba share so once you boot into WinPE you can mount the install for whatever Windows you want
/etc/samba/smb.conf
[smbwinstall]
path = /tftpboot/images/winstall
guest ok = yes........
Error: Unable to apply new quota values: quota not running
Container start failed (try to check kernel messages, e.g. "dmesg | tail")
Killing container ...
Container was stopped
Error: Unable to apply new quota values: quota not running
Can't umount /vz/private/123123: Invalid argument
[root@rtt 123123]# vzquota on 123123
vzquota : (error) Can't open quota file for id 123123, maybe you need to reinit........
order deny,allow
Deny From All
Allow From 8.8.8.8
A simple and quick way to improve security by only allowing specific IPs to your web application.
In this case the above allows only the IP 8.8.8.8 to access things and everything else is denied.........
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0
Remove the GEOIP from PHP:
php71w-pecl-geoip-1.1.1-1.w6.x86_64
PHP Fatal error: PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the........
Install requirements:
yum -y install gmp-devel mpfr-devel libmpc-devel glibc-devel glibc-devel.i686 zip unzip jar
Download, untar, configure, compile and install GCC
http://mirrors.kernel.org/gnu/gcc/gcc-5.5.0/gcc-5.5.0.tar.gz
tar -zxvf gcc-5.5.0.tar.gz
cd gcc-5.5.0
./configure
make
make install
Now you need to cleanup th........
The Linux Kernel interpretated a very high volume of real traffic as a DDOS attack so it basically ends up blocking your web server.
possible SYN flooding on ctid 42131, port 80. Sending cookies.
Simple fix edit sysctl values for max_syn_backlog
sysctl -w net.ipv4.tcp_max_syn_backlog=5000
To make them permanent edit /etc/sysctl.conf
echo "net.ipv4.tcp_........
In the "last" command in Linux by default it will show the information with the hostname (not very useful at all especially since it normally truncates long hostnames).
To get last to show the IP address use this:
last -i
The -i makes it show the numeric IP instead of hostname.........
yum -y install samba
vi /etc/samba/smb.conf
https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.zip
mkdir syslinux;cd syslinux;unzip syslinux-6.03.zip
mkdir -p /tftpboot/libs/
cp bios/com32/modules/linux.c32 /tftpboot/libs/
cp bios/com32/libutil/libutil.c32 /tftpboot/libs/
cp bios/com32/lib/libcom32.c32 /tftpboot/libs/
#add lib path
echo "PATH libs" >> /tftpboot/pxeli........
By default Samba SMB/NMB listen on ANY and ALLIPs on your system by binding to 0.0.0.0. Obviously this is a huge security risk if you have a public facing server with both internal and external access. Usually when a system administrator sets up a samba server their intention is just to share with a LAN.
To do this you need to the following options under the [global] section in smb.conf
bind interfaces only = yes
interfaces = 192........
First of all I got this error after accidentally messing up my usergroup by using usermod -G user group
When I would login using SSHkeys it would fail:
sshd[2020]: Authentication refused: bad ownership or modes for directory /home/one
No worries, the fix is simple!
chmod g-w /home/use........
It's really simple and just a matter of the following line within the subnet declaration.
deny unknown-clients;
See example below:
subnet 10.25.20.0 netmask 255.255.255.0 {
range 10.25.20.11 10.25.20.254;
deny unknown-clients;
option routers 10.25.20.10;
option domain-name-servers 208.67.222.222;
 ........
You are using Centos 5 which is deprecated so nothing in yum will work until you follow this post to use the vault:
http://realtechtalk.com/Centos_59_Working_Vault_Repo_file-1921-articles
yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* epel: fedora-archive.ip-connect.vn.ua
Traceback........
This through me for a loop when I would do a cp -rf or mv -f nothing would get overwritten even if piping y or yes to the command.
Type alias and you'll see why:
alias cp='cp -i'
alias l.='ls -d .* --color=auto'
alias ll='ls -l --color=auto'
alias ls='ls --color=auto'
alias mv='mv -i'
alias rm='rm -i'
The -i is a safeguard against messing things up but however does mess things up worse when you know what........
iptables -t NAT -A PREROUTING -s 24.30.44.0/24 -j DNAT --to-destination 10.10.10.1
iptables v1.4.7: can't initialize iptables table `NAT': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Solution
# it is case sensitive "nat" and DO NOT use "NAT" or you will get this error!
iptables -t nat -A PREROUTING -s 24.30.44.0/24 -j DNAT --to-destination 10.10.10.1........
This happens if you are running a kdenlive script from the shell of a remote machine without using SSH "-X" forwarding and it will also cause any areas where you write text to be a white screen for that duration.
melt FusionFestival.kdenlive
No LADSPA plugins were found!
Check your LADSPA_PATH environment variable.
[producer_xml] failed to load transition "qtblend"
[producer_xml] failed to load transition &q........
Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case.
Essentially it means at least one end is blocking the ipsec packets. Sometimes the %any allows an alt........
Centos 5 is not supported running yum will produce an error like this:
YumRepo Error: All mirror URLs are not using ftp, http[s] or file.
Eg. Invalid release/
removing mirrorlist with no valid mirrors: /var/cache/yum/base/mirrorlist.txt
Error: Cannot find a valid baseurl for repo: base
Solution - Update this file CentOS-Base.repo
# CentOS-Base.repo........
A great way when moving your equipment to a new location, new router/switch etc to help confirm what MAC has what IP:
for ip in `arp -na|awk '{print $2}'|sed s/(//g|sed s/)//g`; do
echo ping $ip
ping -c 1 -w 1 $ip > /dev/null
if [ "$?" == 0 ]; then
echo "$ip UP"
fi
done........
It is not obvious but the rsync --help
rsync --help|grep port
--port=PORT specify double-colon alternate port number
--port does not do anything at all actually for some strange reason it still uses 22
You have to specify a manual ssh command to make it work:
-e 'ssh -........
When using the .sh script the rendering doesn't work after an upgrade of related packages to kdenlive.
kdenlive (kdenlive:amd64 (4:17.04.1+git201705191233~ubuntu16.04.1)) with affine or composite transitions was fine but is now broken during the time of transition it is just a white screen.
The previous version was fine:
kdenlive:amd64 (4:17.04.1+git201705191233~ubuntu16.04.1
But now I can't find it or install it:........
[1035724.274610] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=62076478 end=62076479) time 102 us, min 894, max 899, scanline start 893, end 900
W: Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module i915_bpo
I've been getting those errors on a J3455 NUC box with the latest kernel on Linux Mint 18.2. When updating the initramfs I also got the error about the firmware........
When things go wrong your video is basically unplayable or the first video plays fine and then freezes when moving on to the next. Generally if both videos weren't produced with the exact 100% same settings you will have issues. You can try the basic concat but it often won't work right.
Solution for me:
My example uses 3 videos in total so "n=3" and a=1 to include audio.
ffmpeg -threads 12 -i file1.mp4 -........
#if you have nvidia make sure you install the nvidia-cuda-toolkit so hardware acceleration can be used
wget http://ffmpeg.org/releases/ffmpeg-3.3.2.tar.bz2
tar -jxvf ffmpeg-3.3.2.tar.bz2
cd ffmpeg-3.3.2/
./configure --disable-yasm
install prefix /usr/local
source path ........
This container won't start after exhausting its memory. There are no relevant or helpful messages in dmesg or vzctl.log as well. Standard troubleshooting such as disabling PPP etc has not helped.
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Locked by: pid 166029, cmdline vzctl start 888171
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Container already locked
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Container was stopped
2017-07........
Very simple browse to your /boot directory
It does make more sense to extract the image in its own directory eg "initramfs-blabla-dir" as it will literally extract directly to the pwd.
cp initramfs.img someotherdir
cd someotherdir
zcat initramfs-3.10.0-514.el7.x86_64.img | cpio -idmv........
Done on Centos 7.3 very important as clearly based on older guides it was a lot easier and more simpler! Hint do not use grub2-install!
If you have trouble booting after this check this CentOS mdadm RAID booting/fixing guide.
One huge caveat if you are an oldschool user or sysadmin who has avoided UEFIbooting
The nor........
user@box:~$ sudo tune2fs -l /dev/md99
[sudo] password for user:
tune2fs 1.42.9 (4-Feb-2014)
Filesystem volume name:
Last mounted on: /mnt/md50
Filesystem UUID: 976a8655-2619-4587-878c-dab07f7b7652
Filesystem magic number: 0xEF53
Filesystem revision #: 1 (dynamic)
Fi........
This is a 8TB Seagate external USB 3.0 device apparently newer kernels use a module called "UAS" instead of "USB Storage" which causes issues as a lot of devices are not properly supported in UAS mode by the kernel driver. The solution some say is to disable UAS specifically for your USB device but I'd rather just disable UAS altogether.
Solution blacklist UAS: *do not do this it does not work and just causes your USB 3.0........
I am using a GTX 1060 but replace the download for the driver with the correct/current version for your particular card by visiting: http://www.nvidia.com/Download/index.aspx?lang=en-us
yum install automake curl openssl-devel libcurl-devel gcc gcc-c++
yum -y install kernel-devel-`uname -r`
yum -y install unzip
#the........
This is a VIA made VL805 USB 3.0 Chipset with 4-ports and MOLEX powered. First of all this unit was cheap at about only 9 USD with fast shipping. My biggest concern was if this was a quality unit and would it really give you full USB 3.0 speeds (some people reported with similar cards that for some weird r........
When running cudaminer once it tries to initialize the card the entire screen freezes. The computer itself is still running but the Xorg is done for, you cannot even switch to another console window and must reboot (even an mdm or Xorg restart does not help).
At first cudaminer will give you these errors:
stratrum_recv_line failed
...retry after 15 seconds
GPU #0: Geforce 210 with compute ca........
Here is a simple MP3 player and now there's a reason to understand why the supplied cable has some kind of capacitor and is very short. These devices can be VERY finicky and any voltage fluctuation or difference is enough to cause issues.
Take for example the error messages from Linux Mint:
[804829.895414] usb 1-1: USB disconnect, device number 11
[806961.109030] usb 1-1: new high-speed USB device number 12 using xhci_hcd........
This is mainly the case on Centos but applies to other distros and situations. If you are running programs in the background with the &, at least in Centos it is usually not honored and if you quit or are disconnected the backgrounded programs will be sent sighup and be shut down.
The simplest way around this instead of using & is to start any programs or commands with "nohup"
Eg.
nohup yourscript.sh........
Finally after ages I found the solution which is on many pages on the net but not obvious and should have been standard or more common info!
Instant Solution:
Type this into the terminal (unfortunately the driver config menu doesn't have the option as itis hidden):
nvidia-settings --assign CurrentMetaMode="nvidia-auto-select +0+0 { ForceCompositionPipeline = On }"
Make permanent
Cli........
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Missing folder chosen by user:
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Removed missing file: MAH02949.MP4
Jun 1 15:45:57 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: ui_util:WARNING Icon theme media-playback-start not found. Will use backup........
I was sure this was a Centos bug with OpenSSL, Apache, MySQL or even PHP. I tried everything but nothing helped. One clue is that if you check the Apache logs you will see nothing in the access logs until minutes later (this means Firefox has not even passed your request to the remote Apache/htttpd server).
When even accepting the invalid certificate message that would show up minutes later when trying to "View the Certificate" Firefox would freeze. This bu........
*Update so this doesn't work it must be something to do with the path of nfs or something else but the installer fails with "Installer crashed" at the end whereas with the CD/USB it works.
This assumes you've already installed and configured a separate PXE/DHCP server somewhere else and your /tftpboot directory is setup.
This is for Linux Mint 18.1 but generally applies to most versions although you may have tro change things like "casper"........
It's very simple you just use the "-c" switch and wget will resume the file (make sure you are in the same directory) or specify -O /path/to/partialdownload.zip
wget -c http://someurl/file.zip........
To grant the IP 192.168.2.4 to user mysqlguy
GRANT ALL ON *.* TO 'mysqlguy'@'192.168.2.4';
To allow any IPfor mysqlguy just use the wildcard % character
GRANT ALL ON *.* TO 'mysqlguy'@'%';
Also note it is normal and fine to have multiple entries in the mysql table.........
Error while connecting to MYSQL: (XID 4ea7s9) Access denied for user 'root'@'localhost' (using password: YES) at /usr/local/cpanel/Cpanel/Mysql.pm line 181
Solution
This error occurs because the /root/.my.cnf has the wrong/outdated password for MySQL root user. Simply edit /root/.my.cnf with the correct user. This normally happens if you update outside of cPanel.........
You can actually just pass multiple "-L" statements to achieve this.
An example is as below:
ssl -L 80:192.168.10.5:80 -L443:192.168.10.5:443 -L2068:192.168.10.5:2068 -L 8192:192.168.10.5:8192 user@remotehost.com
The above essentially is saying forward ports 80,443,2068,8192 to the remote IPof 192.168.10.5 (even though it is behind NAT). Essentially SSH will do the NAT part even if the........
This error is commonly due to Java security or TLS settings but there is a second issue with forwarded ports that also causes it.
1. Java Security/TLS Settings issue:
This article has the solution to change them all in Linux automatically
2. Port Forwarding Issue if your Avocent DSR is behind NAT/private IP........
Ihave a tar and when extracting it changes /root to a uid and gid of the source server which is bad especially for /root!
You can get around this by extracting as follows:
Add the -o switch which means "--no-same-owner"
tar -o -zxvf sometar.tar.gz........
Centos 7 is no cakewalk, there are many fundamental features and basic utilities that are missing or even completely renamed or different!
Another shocking thing is to check your NIC it is set by default to not turn on when booting!
And by the way there is no more standard eth0 the NIC convention is now "enp0s3"
vi /etc/sysconfig/network-scripts/ifcfg-enp0s3........
There are usually two reasons for this.
#1 The most common is that you need to enable the -r (recursive) flag with zip to make it recurse into directories.
So the solution is to use -r
zip -r somefile.zip yourfiles
#2 If you are using bash scripting based on ls without the full path or for some other reason the full path is missing, zip looks for the files in the current directory so this will always fail.........
Normally an ls will just produce the actual contents of the current or target directory eg.
ls mydir
myfile1
myfile2
myfile3
But what if you need to find the full or relative path to another program that cares whether that be zip or etc.?
You need the "-d" switch and the asterisk inside the actual directory.
ls -d mydir/*
mydir/myfil........
This is especially helpful if you run your own servers. If you are presented with an error message or warning that the signature has changed or does not match the IP/domain you are connecting to you always want to verify manually.
So your e-mail/web client will show you an SHA-1 fingerprint like this:
"Could not verify this certificate because the issuer is unkown" or other reasons such as a mismatch in IP/domain.
It will also show you........
ecryptfs-mount-private
Enter your login passphrase:
Inserted auth tok with sig [ee16d84] "into the user session keyring
mount: No such file or directory"
[ 156.118113] ecryptfs_mount: kern_path() failed
[ 156.118431] Reading sb failed; rc = [-2]
[ 164.233055] traps: mate-notificati[3472] trap int3 ip:7f43d7002c13 sp:7fff162c6600 error:0
[ 166.017061] ecryptfs_mount: kern_path() failed........
In short the two drives in the array were /dev/sdd and /dev/sde. The kernel sees they were unplugged and have gone down as you can see below.
mdadm caught the first one being unplugged /dev/sde and disabled the missing drive. However when the final drive that was part of the array is unplugged it didn't notice at all. Instead it complains about an IO error later for drives that the kernel knows do not exist anymore.
[45817.162728] ata4: exception........
Solution:
yum -y install --skip-broken package-you-want-to-install
Packages skipped because of dependency problems:
php56w-mysql-5.6.30-1.w6.x86_64 from webtatic
Error: Multilib version problems found. This often means that the root
cause is something else and multilib version checking is just
pointing out that there is........
Get the python "warc extractor" from here. WARC just seems to be such an unnecessary and complicated format. Why not use tar, rar, zip etc...?
./warc-extractor.py -dump content !http:content-type:pdf yourfile.warc........
Ifigured out what caused this but don't have the solution just yet. Iwould deploy a certain script from a .tar.gz to some servers and found that /root was always owned by user and group "1000.1000". This corresonded to the user who made the .tar.gz.
For some reason when extract normally with "tar -zxvf file.tar.gz" it impacts the parent directories ownership. There must be some recursion going on or possibly the .tar.gz but I haven't f........
In short the solution is just to use vgremove for the actual /dev/mapper device:
vgremove /dev/mapper/backups-backuplv
box mnt # mdadm --manage /dev/md8 --stop
mdadm: Cannot get exclusive access to /dev/md8:Perhaps a running process, mounted filesystem or active volume group?
box mnt # lv
lvchange lvconvert lvcreate l........
This can be a case of bad permissions or modes as the error says. Normally one would assume permissions but often a script may change ownership of /root to something else.
This was the case half the time I've encountered this.
So in short make sure ownership is correct
chown -R root.root /root........
Cannot even "Browse Network" when clicking on "Windows Network"
Unable to mount location
Failed to retrieve share list from server: No such file or directory
logs:
[2017/02/14 00:16:44.271314, 0] ../source3/nmbd/nmbd.c:58(terminate)
Got SIGTERM: going down...
[2017/02/13 17:35:41.797944, 0] ../lib/util/become_daemon.c:124(daemon_ready)
&........
[Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down
[Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert'
[Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled
[Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
Uh oh
[17925926.174277] block drbd0: Handshake successful: Agreed network protocol version 96
[17925926.174325] block drbd0: conn( WFConnection -> WFReportParams )
[17925926.174342] block drbd0: Starting asender thread (from drbd0_receiver [1682])
[17925926.174432] block drbd0: data-integrity-alg:
[17925926.174581] block drbd0: drbd_sync_handshake:
[17925926.174586] block drbd0: self 2AAE66AF9252D6DB:2815BF........
Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker.
Use the following setings in /etc/httpd/conf.d/ssl.conf
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
This actually only happened after an e-mail server ran out of space due to run away log files. Normal Desktop clients were not affected. It appeared to be a bug in K9 mail but even reinstalling/wiping all settings did not fix it (read e-mails would still not reappear).
This is moreso a bug in Dovecot where it probably messes up the index files.
How do you fix this in Dovecot/your e-mail server?
You need to delete the do........
2017-01-12 14:25:36 529 (ERROR): The installer was unable to verify that your kernel supports IPv6.
2017-01-12 14:25:36 530 (ERROR): The message received when trying to create an IPv6 socket was Address already in use
2017-01-12 14:25:36 531 (ERROR): Please ensure that the ipv6 module is enabled and loaded in your kernel.
2017-01-12 14:25:36 532 (FATAL): Exiting...
Solution
This happened........
An easy way to pay companies and friends/family since PayPal does not have an option when sending money to make it a subscription:
"business" = The e-mail or PayPal ID of the person/organization to pay to.
a3 The recurring amount "eg. 115" will be 115 USD
p3 The time period (eg. 2)
t3 Unit of time period m=monthly,w=weekly,y=yearly
item_name = "the note/product service reason you are paying ha........
Change Host="192.168.5.99" with the remote IP allowed(this is of course more secure but also cumbersome if your IP changes). You could also have a single layer of protection that specifies the IP via firewall or both (of course both are far mor secure).
UPDATE user SET Host="192.168.5.99" where Host="localhost"
or for any/wildcard
UPDATE user SET Host="%" where Host="localhost&qu........
iptables -F
iptables -t nat -F
iptables -t mangle -F
This is as simple as it gets.........
iptables -t nat -A OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL -p tcp --dport 3306 -j DNAT --to-destination ip.ip.ip.ip
iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL --dst-type UNICAST -j MASQUERADE
sysctl -w net.ipv4.conf.all.route_localnet=1
Make sure you substitute "ip.ip.ip.ip" for your real public IP and also the "--dport 3306" for the port you want to forward.
Finally run the sysctl command and........
The file ipupdate.txt should look like this:
ip.ip.ip.ip ctid
while read -r; do
ip=$REPLY
setip=`echo $ip|awk '{print $1}'`
ctid=`echo $ip|awk '{print $2}'`
echo "vzctl set $ctid --ipadd $setip --save"
vzctl set $ctid --ipadd $setip --save
done < ipupdate.txt........
If you want to make sure only a certain IP can access your server for any service or protocol here is a way to do it (just be sure you have access to the IP(s) mentioned or you will be locked out).
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -s IP.IP.IP.IP -j ACCEPT
iptables -A INPUT -j DROP
serv........
The only solution after trying many suggestions was to simply restart the "vz" service (definitely not preferable).
Even doing an ifdown and ifup for venet0 did not help.
ifup venet0
Bringing up interface venet0:
Configuring interface venet0:
net.ipv4.conf.venet0.send_redirects = 0
RTNETLINK answers: Network is down
Some errors from log:
CPT ERR: d2dc60........
Tired of checking iotop and seeing that your drbd partition is using 99.99% of io all the time and finding your drbd device performs slow in general?
This is especially an issue in versions of DRBD in the 8.3 tree in particular one documented case is on "8.3.13" but it likely applies to other devices.
The symptoms are that resyncing is fine and normal but any reasonable amount of activity is very slow and lagged and creates a high server load and con........
Your cPanel may not work if you enter your non-main IP when setting it up. The way to fix it is to go back to the setup screen by removing the following file:
rm /etc/.whostgrft........
Usage: geoiplookup [-h] [-?] [-d custom_dir] [-f custom_file] [-v] [-i] [-l]
Usage: geoiplookup [-h] [-?] [-d custom_dir] [-f custom_file] [-v] [-i] [-l]
grep: Address: No such file or directory
grep: not: No such file or directory
grep: found: No such file or directory
sh: -c: line 1: syntax error near unexpected token `|'
sh: -c: line 1: `|cut -d ',' -f 2'
........
migrating from an old OpenVZ (Centos 5) to new OpenVZ (Centos 6)
Also if migrating from 32-bit HN to 64-bit your RAM will probably be much bigger than it should be!
16x bigger
eg. 32bit HN:
total used free shared buffers cached
Mem:&nb........
In Firefox I cannot connect to any website, proxy is disabled and outside network access is confirmed, no system or manual proxy was set on this Linux Mint/Ubuntu system. Normally this can be caused by proxy or DNS problems and the weird thing is that traceroute and ping to other IPs worked fine but even connecting to sites by IP was not working.
The connection was reset
The connection to the server was reset while the page was loading.........
kernel: [10186978.064405] TCP: time wait bucket table overflow (CT3)
Varying opinions are out there but in general it seems like the most common culprit is a lack of privvmpages, with a modern OpenVZ system the best way is to set privvmpages as equal to what your RAM is and this has resolved the messages on another system.
If it's truly a TCP issue you can adjust the following parameters:........
I wanted to use Astrachat because it seems to be the only app that has video, pic and file sharing for Jabber butI cannot even connect despite any other client working fine including Xabber and others.
astrachat "Oops.. We can't connect to the account that you provide above. Please recheck your account detail".
Unfortunately to make it worse there doesn't seem to be any error log or more details about the issue.
The jab........
This is a common mistake but many people do not realize this function comes from mysql itself, so therefore you need an active mysql connection open.
Usually the string will be empty and null when you call it from outside of the database connection portion of your code.
eg. an example of the wrong way and creating a null/empty string
$var = mysql_real_escape_string($myself)
mysql_connect();
// returns n........
This can happen because port 80 is not open, or your license has expired and/or your IP is out of date and also if the license server itself from cPanel is having issues.
In most cases as long as you have a valid license the following command will solve it:
/usr/local/cpanel/cpkeyclt
Updating cPanel license...Done. Update succeeded.
Building global cache for cpanel...Done
Cannot........
pip install obfsproxy
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
You are using pip version 7.1.0, however version 8.1.1 i........
openvpn 2.3.10-1.el6 issues
in the .conf
auth-user-pass-verify "passwordcheck $username $password $untrusted_ip" via-env
auth-env does not work correctly in OpenVPN 2.3:
Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure
But OpenVPN 2.2 does work as expected.
It could be that the specified script automatically receive........
Auction 262382440107: Cannot connect to URL : SSL connect error: gnutls_handshake() failed: Illegal parameter
Retrying...
esniper encountered a bug. It looks like your esniper version is not
current. You have version 2.28.0, the newest version is 2.31.0.
Please go to http://esniper.sf.net/ and update your copy of esniper.........
At first my BIOS said the card may not work right because there is no more option ROM space.
I disabled the Option ROM for both LSI 1068 and 2008 chipsets, Network Boot ROM and most other PCI slots, Serial Port, etc... and the message went away but the card still does not work properly.
But it still cannot initialize the card properly(does not work):
[ 33.943272] NVRM: This PCI I/O region assigned to your NVIDIA device is invalid:........
There are a few ways of doing this and all basically involve using the reverse proxy or "ProxyPass" feature of Apache to accomplish it.
1.) Create a normal vhost and simply symlink the root directory of the site you want to mirror.
Eg. originalsite.com and newsite.com
/vhosts/originalsite.com/httpdocs
You would symlink like this:
ln -s /vhosts/originalsite.com/httpdocs vhosts/originalsite.com/........
I modified the default to the following for faster local dialing for North American area codes:
(*xx|[3469]11|0|00 [2-9]xxxxxxS0|[2-9]xxxxxxxxxS0|1xxx[2-9]xxxxxxS0|xxxxxxxxxxxx.)
This is what I added to the above: "[2-9]xxxxxxxxxS0" so any 9 digit number is dialed instantly xxx-xxx-xxxx (the S0 at the end makes it dial right away). This makes dialing much quicker and is recommended.
*No........
service iptables start
iptables: Applying firewall rules: iptables-restore: line 40 failed
[FAILED]........
1.) Flash directly to this file:
http://tomato.groov.pl/download/K26RT-N/build5x-132-EN/Linksys%20E-series/tomato-E2500-NVRAM60K-1.28.RT-N5x-MIPSR2-132-Max.zip
*I was never able to get the larger "Mega" file to work, at least not initially so I recommend the file above.
To enable 5ghz I had to do the "Clear NVRAM" Option before it was shown.
2.) Or if you don't need 5ghz (most devices do not support it and cannot........
The problem is that the default of most of these units is set for non-North American phones so the ring sounds like it cuts off and is not sequential.
How To Fix the Issue
Click on "Regional" and make sure you are in Advanced mode.
........
apt-get install pptp-linux
echo "yourvpnusername * yourpasspass *" >> /etc/ppp/chap-secrets
vi /etc/ppp/peers/provpnaccounts.com
enter (ignore the lines):
============
pty "pptp server.provpnaccounts.com --nolaunchpppd"
name testuser
#remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
==========........
The following assumes the computer is local/physical to you and/or it always has a LANIP so it can be accessed on site without having a default gateway.
The key to this is not to set a default gateway for your computer or you can set a script on boot or other time to delete the gateway (where eth0 is the NIC you are using):
route del default eth0
50.80.20.2 is the VPN server you connect to
192.168.1.1 is your........
This is actually very simple and this example assumes your network device is "eth0"
In Centos your network config would be the following: /etc/sysconfig/network-scripts/ifcfg-eth0
Take the same path and just add a "-range0"
So to add a range create the following file: /etc/sysconfig/network-scripts/ifcfg-eth0-range0
IPADDR_START=192.168.1.50
IPADD........
A handy trick in bash that can be adapted to many useful tasks:
for i in {1..99}; do
echo $i
done
1
2..
97
98
99
100
Another tricky is if you need a 0 in front of the first letters:
for i in {1..12}; do
if [ $i -lt 10 ]; then
i=0"$i"
fi
echo $i........
I was asked to troubleshoot why a site wasn't loaded or responding properly, it turned out they were using some old javascript tracker from Bing/Microsoft that is no longer valid or working. You have to wait forever for it to time out but it really did disrupt the functionality of a very important site:
flex.atdmt.com
If you have the above code in javascript on your site remove or comment it out.........
HTTP error 401
You do not have permission to access this page.
It was actually a bad hosts entry or where your IP was somehow added to /etc/hosts.deny this is what you will see from CPanel........
It sounds like this is corrected in later versions of the OpenVZ kernel but Iam not sure, it may also be that a much newer kernel is needed and Centos may not have a recent enough kernel.
*Debain 7.0 however does work fine as a temporary fix or work around.
Debian 8 OpenVZ no IP and networking not working:
lo Link encap:Local Loopback
 ........
Say you have a path like this "/some/path/here with spaces/". If you try to transfer it you will get a message along the lines of:
scp -rp 192.168.0.12:"/some/path/here space/" .
scp: /some/path/here: No such file or directory
scp: space: No such file or directory
You can escape each space but what a pain that is especially if you have multiple spaces in the path.
The simplest way is to use the follow........
Here is the scenario you or a client have a remote machine that was installed as a standard/default minimal Centos 6.x machine on a single disk with LVM for whatever reason. Often many people do not know how to install it to a RAID array so it is common to have this problem and why reinstall if you don't need to? In some cases on a remote system you can't easily reinstall without physical or KVM access.
So in this case you add a second physical or disk or already ha........
In my case I could login with the initial install but I rsync'd everything over while preserving ownership and permissions to another RAID partition and booted from that.was fine before. The problem is that you are kicked out the second you login and the problem was SELINUX for some reason (perhaps it noticed something strange when it was moved to the new partition)
login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
login: ROOT LOG........
#solution
Edit /etc/yum.repos.d/openvz.repo
For the first two entries comment out #mirrorlist and uncomment #baseurl and then it worked
openvz yum problem Centos 6.5 cannot find file on mirror:
yum update
Loaded plugins: fastestmirror
Determining fastest mirrors
* openvz-kernel-rhel6: mirrors.ustc.edu.cn
* openvz-utils: mirrors.ustc.edu.cn
base ........
First of all this seems to apply to many ONVIF devices
Hard coded IP: 192.168.1.10 (yes not kidding no DHCP!)
00:12:12:9C:C2:00
To view RTSP stream use VLC, or openRTSP or other RTSP capable software:
rtsp://192.168.1.10/user=admin_password=tlJwpbo6_channel=1_stream=0.sdp
user: admin
password: blank
http://ip/Login.htm
Uses Quicktime and is a poor quality picture and slow
Cannot change pass........
sudo apt-get install zoneminder
[sudo] password for one:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libuser-perl python-evince kdebase-apps kwrite unixodbc
libgnomeprint2.2-data python-soappy vgabios python-metacity hddtemp
python-mediaprof........
[ 2868.041375] ata1: EH in SWNCQ mode,QC:qc_active 0x40 sactive 0x40
[ 2868.041554] ata1: SWNCQ:qc_active 0x40 defer_bits 0x0 last_issue_tag 0x6
[ 2868.041556] dhfis 0x40 dmafis 0x40 sdbfis 0x20
[ 2868.041874] ata1: ATA_REG 0x41 ERR_REG 0x84
[ 2868.042013] ata1: tag : dhfis dmafis sdbfis sactive
[ 2868.042163] ata1: tag 0x6: 1 1 0 1
[ 2868.042301] ata1.00: exception Emask 0x1 SAct 0x40 SErr 0x400000 action 0x6 frozen
[........
So the situaton is this, you depend on things being relevant to where your bash script is and to be safe you want it to be dynamic (eg. do not hard code that we switch to /abc/dir but rather detect where script.sh is located).
scriptlocation="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
The path is then contained the the variable "scriptlocation" so you can cd to it in your script etc............
If you are getting this error from Pluto/IPSEC it is almost always due to a routing or NAT issue.........
I never did get it working, it is too bad as obfsproxy should really be an option and integrated into the OpenVPN client and server or something similar:
yum -y install python-pip python-devel
No package python-pip available.
#install the EPEL repo
python-pip install obfsproxy
python-pip install obfsproxy
-bash: python-pip: command not found
pip install obfsproxy
&........
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
#enable ip_forward
sed -i s/'net.ipv4.ip_forward = 0'/'net.ipv4.ip_forward = 1'/g /etc/sysctl.conf
#all interfaces should not send redirects
echo "net.ipv4.conf.default.send_redirects = 1" >> /etc/sysctl.conf
echo "net.ipv4.co........
iptables -t nat -A PREROUTING -p tcp -m multiport --dports 80,443,2068,8192 -j DNAT --to-destination 192.168.1.175
Just adjust the "--dports" to the ports you need and the --to-destination to the destination IP (note it must be on the same network as the server running iptables........
tar -ztvf flashrom.tar.gz
the "z"is for gzip, if it is not gzip remove the z. If it is bzip then use "j" instead of "z" etc..........
stat -c %s testfile.zip
10000000
The output is shown above in bytes.
........
This command rips the audio tracks to .wav files
*I recommend making a new directory with the name of the audio disc first and executing everything from within that directory below.
cdparanoia -B
Use the lame mp3 encoder to encode each one with this script:
*Note that this will encode any other files ending in "cdda.wav"
for track in `ls *cdda.wav`; do lame -b 192 $track; done........
It is very simple and like this to test for the existence of file using bash scripting:
if [ -f /etc/somefile ]; then
echo "yes it exists"
fi........
If a service is not working and resetting it to defaults is not working and you get bizarre error messages it is probably a broken update and possibly duplicate package.
Take in this case "exim" not working even after resetting to defaults.
Check for duplicates:
rpm -aq|grep exim
........
Dell CS24SC Info
0000:00:00.0 Host bridge: Intel Corporation 5100 Chipset Memory Controller Hub (rev 90)
0000:00:02.0 PCI bridge: Intel Corporation 5100 Chipset PCI Express x8 Port 2-3 (rev 90)
0000:00:03.0 PCI bridge: Intel Corporation 5100 Chipset PCI Express x4 Port 3 (rev 90)
0000:00:04.0 PCI bridge: Intel Corporation 5100 Chipset PCI Express x16 Port 4-7 (rev 90)
0000:00:05.0 PCI bridge: Intel Corporation 5100 Chipset PCI Express x4 Port 5 (rev 90)........
0000:00:00.0 Host bridge: Intel Corporation 5000P Chipset Memory Controller Hub (rev b1)
0000:00:02.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x8 Port 2-3 (rev b1)
0000:00:03.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x4 Port 3 (rev b1)
0000:00:04.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x8 Port 4-5 (rev b1)
0000:00:05.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x4........
[ 17.208336] tg3 0000:08:00.0: eth0: Link is up at 1000 Mbps, full duplex
[ 17.210194] tg3 0000:08:00.0: eth0: Flow control is on for TX and on for RX
[ 76.000065] phy0 -> rt2x00lib_request_firmware: Error - Failed to request Firmware.
[ 76.002332] ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
[ 86.736004] eth0: no IPv6 routers present
[ 148.960038] phy0 -> rt2x00lib_request_fi........
What matters most about VPNproviders in 2024?
We are highly suspicious of VERYLARGE VPN providers that have LOW PRICES and HUGE DISCOUNTS. The suspicion is that for those who know what costs are involved to purchase thousands of IPs and servers are not small. At the prices that many of the big mainstream providers offer, it is likely unprofitable or barely profitable. Then, how are those companies making money or is that even the goal?
There use........
The command below will show only files created for the month of 2014-12 but you can of course change the year, month or even specific day or time to suit your needs. The awk command simply just makes it output the list of files created on the date you are looking for.
stat -c "%z %n" *|grep ^"2014-12"|awk '{print $4}'........
Account Functions -> Change Site's IP Address
Choose the domain and then click "Change"
Choose the new IP
1.) Setup SSL Certificate in cPanel
Click on "SSL/TLS Manager" under the "Security" section.
2.) Under " Private Keys (KEY)"
Click "Generate, view, upload, or delete your private keys."
Choose "Key Size: 4096........
Are you getting the same old error message even though your iptables settings for OpenVZ are correct?
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The reason is because in newer vzctl the old way of setting IPTABLES="" in vz.conf is completely deprecated (I spent some time fiddling wondering why my settings were correct but........
This is the most secure way since we don't know if using the built-in ftp method of Wordpress is secure (that is do they store, record or transmit the ftp login information to a third party like the NSA?).
Upload or wget the plugin and then unzip it from the Wordpress website tot he following path of your wordpress:
/yourwordpressinstall/wp-content/plugins
Then navigate to the "Plugins" section on the left side o........
I kept thinking it was esniper but somehow my bash settings have a preset proxy that was creating the issue.
https://signin.ebay.com/ws/eBayISAPI.dll?SignIn: Couldn't connect to server: couldn't connect to host
curl manually to any URL is the same:
curl: (7) couldn't connect to host
Run curl with -vvvvvv mode to see the issue:
curl -vvvvvvvvvv http://realtechtalk.com
* About to c........
It's a basic script that reads the file "ips.txt" in the current directory and then creates a corresponding ifcfg file
#!/bin/bash
GATEWAY=192.168.1.1
NETMASK=255.255.255.0
device=eth0
counter=0
for ips in `cat ips.txt`; do........
It is a permissions issue that is hard to fix.
All but one USB device is greyed out.
I am already a member of "vboxusers"
I have already enabled and disabled USB support for the guest.
I have already reinstalled the latest VBOx guest editions
If running as root it all works fine
Changing........
First of all to find your IP you can hold the "X" button for a few seconds and it will print out the DHCP IP.
Another way to find the IP that I prefer is to login to your router or switch and find a hostname that says something like "SEC001599CD2948" which will be your Samsung printer (at least for the C3xx or C4xx series of Samsung printers).
The login and password for Samsung Syncthru Webservice:........
First of all if you're getting this error it is a result of extreme database activity. If you aren't expecting it or it doesn't make sense to you 99% of the time this is a database driven script being exploited (some common examples I see often are things like phpBB being hit by dozens, hundreds or thousands of bots making constant DB write requests).
The easiest way to identify this is to restart MySQL and then run the third party tool "mtop" and you'll see all........
iptables -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1/32 --dport 3389 -j DNAT --to-destination 192.168.5.2:3389
iptables v1.4.7: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The above is often because you don't have the correct modules loaded on the hostnode or enabled for the container but in some cases it's actually a weird openvz setting.
Che........
The most common solution is to use the /etc/postfix/header_checks but this is a big problem.
Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible.
I adapted this solution to the client's custom config, they are configur........
It really seems that 4.4.4 is not ready or stable for the i717 yet and this makes sense since it takes a lot of work/development and testing to get the factory stock ROMs working well. In the end I used the 4.1.2 based Blackstra BlackJelly because it was fast, stable and just works and feels great. The aftermarket support is great but many devs are focussed on adding features and customization that most of us don't want or need rather than getting things smooth and stable.........
Unable to mount iPad 4
Unhandled Lockdown error (-4)
This is because you need the libimobiledevice-utils package installed and a newer version of it.
My older Ubuntu 10.10 uses a version that does not have "idevicepair" which seems to work perfectly and automatically with newer versions of the library.
Basically if you install the above library it should be plug and play and if your imobiledevice-utils doesn't have 'idevice........
There is a weird quirk with how this works, but there is a variable called "src" that defaults to 0 or disabled if not specified as 1.
The default 0 means not to recur billing on a subscription. It's too bad it's not more obvious anywhere nor is there an explanation or warning during payment or after to both the seller and buyer.
Here's a proper subscription code example that does recur and does not cancel........
https://www.2checkout.com/documentation/notifications/order-created
It shows all the parameters that get passed so you can make a simple script to process it.
To enable 2CONotifications you need to do the following:
Login
Browse to the top right to an icon that looks like a "circle with horizontal lines inside" - Notifications.
Enter the appropriate URL for your IPN/Notification processing script (........
It was hard to find this as I find most online payment processors don't just put the basic information in plain view.
Remember to set your sid (your seller id). The below can easily be turned into a scripted PHP template to integrate into your own custom or existing payment solution.
http://help.2checkout.com/articles/How_to/How-to-Sell-Recurring-Products-with-2Checkout/........
CPanel says you can access 98% of the functions through CLI which experienced Unix/Linux admins prefer for simplicity and for scripting. I've never found CPanel easy to use from the admin panel, it seems everything is hard to find and a simple task becomes a series of hunts.
So for people like me here's the list: http://cpanel.net/system-administrators/command-line-scrip........
Dial ****
Then 110#
It will then say what your current IP address is.........
-A PREROUTING -d 98.98.98.5/32 -p tcp -m tcp --dport 1050 -j DNAT --to-destination 192.168.1.50:3389
The above forwards port 1050 on IP98.98.98.5 to 192.168.1.50 port 3389 (you can obviously edit things to meet your needs).........
This is what fixed it:
[root@box13 ~]# dd if=/dev/zero of=/dev/md160 bs=512 count=500
Basically you need to wipe out more than just the 512 byte partition table so 512 bytes * 500 is more than enough to make DRBD happy and think the partition is now empty.
The reason this happens is because it gets confused when there is a previous partition with data on the device you are using.
root@box13 ~]# d........
Apr 17 11:55:47 Cluster01 heartbeat: [1426]: WARN: ha_msg_add_nv_depth: line doesn't contain '='
Apr 17 11:55:47 Cluster01 heartbeat: [1426]: info: >>>
Apr 17 11:55:47 Cluster01 heartbeat: [1426]: ERROR: NV failure (msgfromsteam): [>>>
]
I have never been able to reproduce the above but it happened on heartbeat-3.04-2 when Itook a node down for testing.
One thing Ibelieve caused it was by configuring ha.cf........
I used the matching 8.3.13 utilities and it didn't work but strangely the newer 8.3.16 which makes DRBD complain works just fine.
GIT-hash: 83ca112086600faacab2f157bc5a9324f7bd7f77 build by root@sighted, 2012-10-09 12:47:51
0: cs:SyncSource ro:Secondary/Primary ds:UpToDate/Inconsistent A r-----
ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:5236960
&am........
ERROR: make_io_childpair: cannot open ucast br0
You cannot specify ucast br0 without an IP address associated with it.........
OpenVZ has made vzctl version 4.7 default to using ploop which is a big annoyance. No one wants it otherwise we'd use Xen or KVM.
Make sure to manually specify vzctl 4.6.1 or you will have issues with old scripts breaking since it defaults to using ploop (a single image like Xen/KVM).
Here's a list to old versions of vzctl.........
It's always bothered me how Wordpress basically forces the user to provide their hosting credentials to install themes and plugins. How do know for sure the data is not being saved, intercepted and being provided backdoor access to the NSA or other agencies or even just being misused by others with access?
Here's how to close the security hole above and if you're already given Wordpress your credentials make sure you change everything associated it with it. Eg. change your........
This problem seemed to happen recently but was likely causing issues before where the phone(s) do not ring.
Now there are a few reasons why this can happen especially if your adapter has DND mode enabled (disable it).
However that wasn't my issue and Ionly figured it out the other day when by fluke if you're on the phone (making a call) then calls will come in.
That's when Ifigured out the solution:
This likely app........
./configure
./configure: line 91: cd: /lib/modules/2.6.32-042stab084.25/build: No such file or directory
Error: kernel version not found.
Please make sure your kernel is configured.
dr-xr-xr-x. 4 root root 4096 Feb 21 06:13 ..
lrwxrwxrwx 1 root root 45 Feb 21 06:13 build -> ../../../usr/src/kernels/2.6.32-042stab084.25
drwxr-xr-x 2 root root 4096 Feb 12 20........
http://deepxw.blogspot.ca/search/label/Universal%20Termsrv.dll%20Patch
The above site has the patch that does this essentialy turning a Desktop Windows into a full fledged RDP server.........
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
After that just reboot and you may also have to enable ip_forward in /etc/sysctl.conf........
root@hkhosting [/]# service httpd start
Starting httpd: Syntax error on line 2 of /etc/httpd/conf/httpd.conf:
Invalid command 'Alias', perhaps misspelled or defined by a module not included in the server configuration
........
It's not as simple as "yum install" as you can see below and it doesn't stop there.
yum install php53
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: mirror.us.leaseweb.net
* extras: centos.mirror.rafal.ca
* updates: centos.mirror.nexicom.net
* base: centos.mirror.nexicom.net
* addons: centos.mirror.nexicom.net
Setting up Install Process........
I was worried the server was hacked, I was logged in already as root but couldn't login to CPanel or a new SSHsession. I even reset the password from the shell and it did not work still.
The reason is CPanel Hulk, it detected a brute-force attack so it locked down the root account entirely even from the correct password. According to cPanel the best way around this is to whitelist your IP.........
ssh -L 5905:localhost:5900 root@yourserver.com
The "-L" means to create a port forward to a port on your server.
The 5905 means the port on your computer that will be used to access the port 5900 on the remote server.
localhost is the IP that you use to access the port forward (you can change it to 0.0.0.0 which will be all IPs on your system/computer but localhost is good for security and privacy unless a whole network of people need access).........
On some CPanel installs we see complaints of "/usr/local/cpanel/bin/apache_conf_distiller" causing 100% cpu usage without any solution.
Killing the process causes it to spawn again, actually it seems it tends to spawn multiple processes itself.
Restarting CPanel itself is a temporary but not permanent solution.........
[Wed Jan 08 18:50:07 2014] [emerg] (28)No space left on device: Couldn't create accept lock (/etc/httpd/logs/accept.lock.15449) (5)
This may happen when trying to restart Apache and you find it dies right after starting and check /var/log/httpd/error_logs.
What is the cause of this?
You could be out of disk space (if you're not then see #2 and below)
You're out of Semaphores, you need to kill all the old ones.........
[3805108.257042] sd 0:0:0:0: [sda] 1953525168 512-byte hardware sectors: (1.00 TB/931 GiB)
[3805108.257052] sd 0:0:0:0: [sda] Write Protect is off
[3805108.257054] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00
[3805108.257066] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[3805108.257083] sd 0:0:0:0: [sda] 1953525168 512-byte hardware sectors: (1.00 TB/931 GiB)
[3805108.257090] sd 0:0:0:0: [sda] Write Protect is off........
-A PREROUTING -p tcp -m multiport --dports 10000,18080,13306 -j DNAT --to-destination 192.168.5.83........
Services -> Services
"Static Leases"
Fill out an empty line:
MAC Address
Host Name
IP Address
Those first 3 fields are mandatory, if you miss it then the changes will be lost even if you try to save.
Make sure you've d........
Go to:
"Server Configuration" -> Basic cPanel & WHM Setup
Scroll to: "Nameservers" (at the bottom)
From there you can set the names of the nameserver and their IPs.
It's very weird and confusing that nothing under IP Functions/DNS has or links to this.........
Fatal error: Out of memory (allocated 6291456) (tried to allocate 7680 bytes)
This is usually caused by Wordpress, Drupal or other ridiculously inefficient CMS' out there, as a temporary fix you can increase PHP's memory limit but it's best to find the actual culprit, by disabling add-ons and other scripts etc...........
Download the latest from Adobe's site and unzip it, enter the directory it creates and type the following:
sudo cp libflashlayer.so /usr/lib/adobe-flashplugin/
sudo cp -r usr/* /usr........
yum -y install fail2ban
vi /etc/fail2ban/jail.conf
[asterisk-tcp]
enabled = true
filter = asterisk
action = iptables-multiport[name=asterisk-tcp, port="5060,5061", protocol=tcp]
sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com]
logpath = /var/log/asterisk/messages
maxret........
Requirements:
1.) Enter your root wordpress directory.
2.)Download the latest wordpress.zip to it.
#backup your current files just in case
cp -a . wp-current-bk`date +%Y%m%d`
unzip wordpress-3.7.1.zip
rm -rf wp-includes
rm -rf wp-admin
echo y|cp -a wordpress/wp-includes .
echo y|cp -a wordpress/wp-admin .
echo y|cp -a wordpress/wp-content/* wp-content
echo y|cp wordpress/* .........
order deny,allow
deny from all
allow from your.ip.here
........
Dell CS24-NV7
Unusually the Virtualization was enabled when I got this server but all the NICs were diabled in the BIOS including PXE boot!
Advanced -> Advanced Chipset Control
PCI Slot 1 Option ROM: Enabled
Onboard LAN1 Control: Enabled
LAN1 Option ROM Scan: Enabled (you need it for PXE boot)
Onboard LAN2 Control: Enabled
LAN2 Option ROM Scan: Enabled
*you will need to reboot and........
VBox/Virtualbox solution to NS_ERROR_CALL_FAILED error
This is likely because you have 2D/3D acceleration enabled and your card doesn't support it.
Eg. you switched video card drivers or video cards that did support it.
The funny thing is that you CANNOT disable those options as they are "greyed" out in the VBox client GUI.
The config file has to be manually changed and fixed with these options "accelerate3D="false" accelera........
This happened after a customer migrated their hosting and the issue was being unable to access PHP sessions.
Warning: session_start(): open(/var/lib/php/session/sess_3e0oms763m6mrqekdnnmodlhs3, O_RDWR) failed: Permission denied (13) in /register.php(202) : eval()'d code on line 1
Solution:(use the correct ownership/permissions)
chown apache.apache -R /var/lib/php........
Example:
basename /var/log/messages
messages
As shown above the "basename" utility gives you the end filename separately.
dirname /var/log/messages
/var/log
As shown above the "dirname" utlity gives you just the utility even if you pass it a specific file.
The above two utilities are very helpful in Bash scripting when working with files and directories co........
This happens because of a permissions or ownership issue.
Generally /var/lib/mysql should be all owned by mysql.mysql (check that).
To fix it use chown -R mysql.mysql /var/lib/mysql
Also make sure the files are at least readable and writable by mysql (eg. 700).........
Linux box13. 2.6.32-042stab076.5 #1 SMP Mon Mar 18 20:41:34 MSK 2013 x86_64 x86_64 x86_64 GNU/Linux
even setting privvmpages to a specific setting DOES not affect "free -m" in containers.
This is probably a kernel issue
23:36:29 up 159 days, 7:12, 4 users, load average: 0.42, 0.44, 0.33
[root@box13 ~]# free -m
total&n........
Sipura / Linksys PAP/VOIP/SIP Adapter Issue
Can't receiving incoming phone calls and you're behind a NAT router (99% of people)?
1. Login to the adapter.
2. Click on "Advanced" (location varies but usually somewhere on top)
2. Click on "SIP"
3. Scroll down to "NAT" (usually at the bottom).
You'll find 2 columns with 4 rows of drop-down boxes (they'........
Starting container...
vzquota : (error) Quota on syscall for id 42131: No such file or directory
vzquota on failed [3]
Solution
cd /var/vzquota
mv quota.42131 quota.42131-disable
vzctl start 42131
Starting container...
Initializing quota ...
Container is mounted
Adding IP address(es):
Setting CPU units: 1000
Container start in progress...
........
02:00.0 SCSI storage controller: LSI Logic / Symbios Logic SAS1068E PCI-Express Fusion-MPT SAS (rev 08)
03:00.0 SCSI storage controller: LSI Logic / Symbios Logic SAS1068E PCI-Express Fusion-MPT SAS (rev 08)
Basically these cards are a stripped-down version of Dell Perc 6/i only they (SAS 6/ir) support JBOD.
The DellPerc 6/i are basically useless because it doesn't have JBOD support and requires software or BIOS commands to add or remove........
Iread this article and still don't understand the issue.
If I understand correctly the client negotiates after the first SSLconnection and then gets the correct hostname and thus correct certificate.
http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
To their credit I know I'm not using SNIbecuase Iget this message in the Apache log :)
[warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
B........
PHP5 Centos 6 displays part of code from PHP file for some scripts
Solution
edit /etc/php.ini change short_open_tag = Off to:
short_open_tag = On
Then restart Apache and it should be resolved (assuming the scripts failing used )
........
/scripts/phpextensionmgr install PHPSuHosin
Updating md5sum list
Fetching http://httpupdate.cpanel.net/cpanelsync/easy/targz.yaml (connected:0).......(request attempt 1/12)...Resolving httpupdate.cpanel.net...(resolve attempt 1/65)...
Fetching http://httpupdate.cpanel.net/mirror_addr_list (connected:0).......(request attempt 1/3)......connecting to 74.50.120.123...@74.50.120.123......connected......receiving...100%......request success......Done........
Istruggled with this for awhile because the normal setup won't work if modrewrite is being used:
ORDER ALLOW, DENY
So the solution is something like this:
order allow,deny
deny from 12.43.12.0/24
allow from all
........
The first is a dual CPU AMD Opteron 2373EE (4 cores x 2) and I think it did bad because it has some old 250GB SATAs which can only do about 65MB/s max sequential reads. I think it should have blown away the second (AMD X4 640 Quad Core).
[root@fs12home unixbench-4.1.0-wht-2]# ./Run
make all
make[1]: Entering directory `/root/unixbench-4.1.0-wht-2'
Checking distribution of files
./pgms exists
./src exists........
relay=alt4.gmail-smtp-in.l.google.com. [74.125.136.26], dsn=4.0.0, stat=Deferred: 421-4.7.0 [ 10] Our system has detected an unusual rate of
This is strange because the mail server IP is not blacklisted anywhere and the IP itself has not been used for years and this server is clean and has only sent a few e-mails to gmail.com in its entire time.
I wonder if this is a legacy block on a whole range of IPs as punishment for others in the block........
I've got one of these for testing projects from work at home and got more than I bargained for with the time I've spent on it due to the storage handing/Perc 6/i cards.
My particular model came with the following:
2U Rack Mount Server with Rails
2xOpteron 2373 EE (Quad Core, there is a 6-core version that can be found at times)
16GB RAM
2 x 250GB Seagate SATA
2 x Dell Perc 6/i (horrible and a nightmare to work........
I bricked one of my cards by following a guide from UNRAID.
Step #1 from them wipes out the BIOS, but guess what? The step where you restore the BIOS should have been done first, which is sas2flash but no version supports or is able to find my Perc 6/i. So now I'm a bit stuck.
I tried using megarec but it's funny that it can wipe the BIOS but can't forcefully reload it:
megarec -writesbr 0 mpt2sas.rom
Supports 1078 control........
One thing to remember is that you need MegaCli to do the flashing.
You also need the correct file,I tried at least 2 different Perc 6 firmwares from Dell that kept getting rejected as corrupt by MegaCli(they were really the wrong version). I have an external PCI-E Dell 6 Perc/I butI chose images from the 'Integrated" on motherboard version as it was allI could find. They are different, and below is my first time finding success.........
I flashed an LSI Logic firmware to it and it broke the BIOS (cannot do Ctrl+R) for booting purposes but allows other functionality to work normally.
I tried downgrading to a Dell firmware for Perc 6i but it won't work, not even with MegaCli
wget http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN
--2013-08-26 12:53:39-- http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN
Resolvi........
LSi Megaraid
At first it was configured as a RAID 0, then I deleted the Virtual Disk Group.
I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing.
To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
pxe-32 tftp open timeout
The solution was to enable tftp in xinetd with "chkconfig tftp on".
See the troubleshooting below:
chkconfig --list
NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off
acpid 0:off&n........
http://support.godaddy.com/help/article/668/registering-your-own-nameservershosts?pc_split_value=1
Log in to your GoDaddy Account.
Click on "My Account" at the top left.
Click on "Domains".
Click on the "Launch" button for the domain you want to create the nameservers for.
Find........
Add a DNS Zone
Results of adding zone
Sorry, you must enter a domain. Please try again.
Fill this out at the top (Imissed it)
Domain Selection
Ip Domain
The issue was I didn't realize the form above had to be used,I thought it should work where you click on the user, domain and then click on the submit button and you'd go to the next step. But it doesn't, you need to........
The Cause
Basically it's usually because your Cpanel has new IPs and the old IPs it knows are no longer available/working/valid.
The solution is to change the site's IP but you may run into issues for various reasons. Here is what I encountered below.
It redirects there even though public_html is empty and doesn't have any index or htaccess redirect.
---
This issue happened after a CPanel migration, the site is bein........
Say if you need to make a firewall script to block certain ports this works great.
for ports in 21 25 443; do
iptables rules here
done........
iptables -t nat -A PREROUTING -p udp -m multiport --dports 20,123,443 -j REDIRECT --to-port 53
getsockopt failed strangely: Invalid argument........
yum update error
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 229, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 145, in main
(result, resultmsgs) = base.buildTransaction()
&nbs........
for ip in `cat fixlist.txt`; do
sudo -u apache ssh root@$ip "`cat iptablesrules.sh`"
done
In the above example we are going to execute the commands within the local file "iptablesrules.sh" on all the machines in "fixlist.txt". This is a great way of performing server maintenance in a clustered or cloud environment.........
This happens all the time, you are reading from a textfile which has spaces eg:
datainfo 00
datainfo 11
If you do loop on it like this:
for info in `cat $file`; do
echo "info=$info"
done
It will treat datainfo and 00 as two separate lines:
info=datainfo
info=00
Obviously that's not what we want and there are many weird solutions in bash bu........
The key here is to use the "uuencode" command but note that we specify the file name twice (this must be done at least on Centos or it won\'t work).
The first file.zip is the actual file we want to send.
The second file.zip i........
These drives seem to die very easily during shipping:
sd 0:0:0:0: [sda] Unhandled error code
sd 0:0:0:0: [sda] Result: hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK
sd 0:0:0:0: [sda] CDB: Read(10): 28 00 18 8b 65 e0 00 00 08 00
end_request: I/O error, dev sda, sector 411788768
sd 0:0:0:0: [sda] Unhandled error code
sd 0:0:0:0: [sda] Result: hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK
sd 0:0:0:0: [sda] CDB: Read(10): 28 00 18 8b........
This is important if you need public access to internal IPs such as at your office and don't want to use a VPN just to SSHinto different servers:
Below forwards the port "10001" to the IP192.200.5.53 on port 22 (of course adjust it to your needs).
iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 192.200.5.53:22
Remember to enable MASQUERADE on your NAT IPs or they won't be able to talk to the outside world (........
This happened to a customer Asterisk server and it somehow found the ID of the registration account to the upstream SIP server and was railing connection attempts (it filled up the console and there were literally thousands per second). Basically this caused all incoming and outgoing calls to fail.
It was a temporary fix but the solution was to block that specific IP, it's hard to stop it 100% because the customer needs the default SIP port.........
This is just trying to read 5GB off the drive with dd and the drive initially tested ok but shortly after I wondered why I was seeing 2MB/s read speeds. Notice the "current_pending_sector", anytime I've seen it at anything above 0 even with no other bad fields/attributes, it means the drive is bad.
ata1.00: exception Emask 0x0 SAct 0x3 SErr 0x0 action 0x0
ata1.00: irq_stat 0x40000008
ata1.00: failed command: READ FPDMA QUEUED
ata1.00: cmd 60/00:00:........
mysql -u username --password='yourpassword' ........
This is useful for developing a lot of applications, I'm putting it here to keep it handy for myself and hopefully others:
Choose CountryCanadaJapanUnited StatesUnited KingdomAfghanistan........
Client Log
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_d........
-bash-3.1# shutdown -rn now
Connection to localhost closed by remote host.
Connection to localhost closed.
Sometimes I work with embedded systems/custom kernels without any of the fancy init scripts and other common Linux basics that most would expect. This means that often the "reboot" command (which uses an init script) will never work, not only that but it will hang the server and a manual power cycle or reboo........
Solution To The Following:
yum -y install zlib-devel
yum -y install e2fsprogs*
*** Cannot find /usr/include/et/com_err.h. (yum install libcom_err-devel) ***
Installation didn't pass, halting install.
Once requirements are met, run the following to continue the install:
cd /usr/local/directadmin/scripts
./install.sh
Common pre-install commands:
http://help.directadmin.com/it........
mdadm --manage /dev/md3 --add /dev/sda1
cat /proc/mdstat
Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10]
md0 : inactive sdd2[1] sdd1[2](S)
31270272 blocks
md3 : active raid1 sda1[2] sdb1[1] sdc1[3](F)
943730240 blocks [2/1] [_U]
[>....................]........
I chose this because I heard a lot of stories about scams and that many providers I contacted said they can't unlock the Canadian I717s (one said "my Bell server" is down).
This method worked perfectly on my Bell I717M and should work for all I717 in Canada, I was able to insert a foreign SIMcard. This will work abroad too but remember entering CWM mode is different for I717's in other countries (at least theUS).
Step 1 - Root + CWM........
Here's a proven example of what a bad hard drive can do, it was technically functioning OKin a RAID array but the system became extremely low and the load become high and IOWAIT was even higher and I always thought it was a bad application. The truth is that this failing 1TBHitachi has slowly gotten worse and caused huge slowdowns, (eg. 100% load on Thunderbird waiting for e-mails to load etc..). After swapping it out, tabs change instantly, emails are not lagged, and........
Here's what SMART tells me the serial number is:
=== START OF INFORMATION SECTION ===
Device Model: Hitachi HDS721010CLA332
Serial Number: JP2940HQ3ZY7KH
Firmware Version: JP4OA3EA
User Capacity: 1,000,204,886,016 bytes
Device is: Not in smartctl database [for details use: -P showall]
ATA Version is: 8
ATA Standard is:&nb........
I have iptable_filter loaded on the hostnode so I don't understand this issue.........
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 03)
For whatever reason it seems the r8169 driver that ships and has shipped with most Linux distros for years is still flawed and does not work properly on these cards, causing 100mbit connectivity when it should be 1gbit and even worse, causing random network dropouts. The r8169 driver in Linux kernels is simply not meant to be used on th........
There are 3 pieces that are required to restore and make it work (of course consider if any kernel modules need to re-enabled and if you need to change the IPs):
Copy the vz/private/VEID directory to /vz/private
Copy the /etc/vz/conf/VEID.conf to /etc/vz/conf/
mkdir /vz/root/VEID
After that you should be able to see the VE in vzlist -a
You should then be able to start it normally.........
This pops up when connecting the phone and it doesn't seem to charge. The phone keeps showing a status message every few seconds "Connected as a media device".
It's ridiculous why this phone doesn't just default as a simple USB Mass storage device.
Here's what I see in /var/log/messages:
Jan 30 18:51:27 QuadCoreAM2 kernel: [18038228.144046] usb 1-3: new high speed USB device using ehci_hcd and address 24
Jan 30 18:51:28 QuadCoreAM2 ke........
Let's keep this simple, it's horrible, not only is the picture quality horrible (it's not a big deal) but the keyboard input is an issue. You have to type slowly, lightly and carefully otherwise 1-keystroke could end up being dozens of keystrokes.
It's also a confusing unit for many datacenter techs, I've seen these units hooked up wrong and the instructions themselves aren't clear. I had to resort to shipping one to my office and take my phone pictures of the setup for th........
I've run into two issues with Lantronix based KVMs on various servers and here's how I solved them (with that said I like these units as they are Java based and OS independent and work very well, unike some other models like Startech).
1.) If you are connected by USB only and you're sure USB support from the BIOS is enabled, you just need to click the following in Lantronix
Interfaces -> Keyboard/Mouse
Check "Force USB Full Speed Mode", this fixed the issu........
This is very handy if you're too busy and don't have time to download whatever files you need.
The -D specifies the domains allowed, this is because I specified -H which means foreign hosts are allowed, if you don't restrict them you'll end up going to the whole internet via ads and other links just like a search Engine would follow.
-l 0 specifies to go deep, to as many levels as possible/as exist.
-e robots=off is important because robots.txt often says you can't vie........
This is something I often setup for clients because it's very helpful for people in datacenters, this allows custom OS installs on demand, you can customize it more by using kickstart etc.. but here's a base I use before customizing more:
This little script below will install everything you need to get booting by PXE Linux.
It also assumes you set a local IP (be sure not to overwrite your existing IP) on eth0:0 (note the :0) as 192.168.1.10 and it........
The best way is to use rsync, I've set it up so it doesn't copy unnecessary files, or at least ones I'm sure aren't needed.
Here is the rsync command Iused (adapt to your specific Thunderbird profile location):
rsync -hazv user@remotehost.com:/home/user/.thunderbird/sbrer.default/* /home/user/.thunderbird/4nyb0.default/ --exclude=global* --exclude=Cache --exclude=ImapMail --exclude=Mail
This is a great way to get your e-mail accounts going on a new c........
This error in my experience is user error although CPanel doesn't help, this message doesn't give you much to go on.
Let's talk more about the process of setting up SSL with CPanel.
Your site must have a dedicated/non-shared IP to even have the option of creating an SSL Certificate.
You must create a Private Key (do not delete this private key!)
You must create a CSR (Certificate Signing Request)
Use CSR to create cert........
The size of the message you are trying to send exceeds a temporary size limit of the server. The message was not sent; try to reduce the message size or wait some time and try again. The server responded: 4.5.3 Error: too many recipients.
We set this in main.cf:
smtpd_client_recipient_rate_limit=0
We didn't specify it before and the default is said to be 0/unlimited and it still didn't change anything.........
ip tunnel add tun3 mode gre remote 192.58.1.5 ttl 64
ioctl: no such device
I solved this on Centos by loading the ip_gre module:
modprobe ip_gre
On Debian I believe it is the "sit" module.........
When trying to delete a tunnel
ip tunnel del tunl0
I get this message:
ioctl: Operation not permitted........
ip_conntrack: table full, dropping packet.
A lot of clients I've seen have this issue, it really seems the default level is way too small. Once this connection tracking table becomes full then packets get dropped which is obviously a bad thing.
One thing to be mindful of though is that 350 bytes of memory are used per entry so there is some justification for not keeping it too high. However, if you have multiple servers running or high traffic daemons........
A lot of people become nervous (and understandably so) when checking their auth or security logs, in Centos /var/log/secure and see dozens, hundreds of even thousands of attempted logins to various services, especially SSH.
Of course you could manually block these people/IPs but no one has time to read the logs like that, what if some program or script could do it for you?
This is what denyhosts does for you, it checks the logs and based on a certain number of failed SSH attem........
ntpd[7047]: can't open /var/lib/ntp/drift.TEMP: Permission denied
chown ntp.ntp /var/lib/ntp/
The solution is shown above and changes the ownership to ntp.ntp which is what the ntpd daemon/server is running as. This is based on Centos but the same idea will apply on any other OS. You can do a "ps aux|grep ntpd" to see what it is running as in the case it's running as a different user.
After that this annoying message wil........
JFolder::create: Could not create directory
Plugin Install: Failed to create directory:
This can occur when trying to upload content or when installing themes/templates.
It's usually not a permissions issue per say but doing a 777 (which is very insecure) will fix it. But the real problem solution is that the owner of the files is different than the owner of the Apache process/server.
Eg. if your Apache is running as user "apache........
This array is a RAID 1 and in this case 1 of the 2 drives failed (a WD drive and I've found them to be the weakest and most unreliable of any brand and are easily damaged/DOA when shipping them).
mdadm --manage /dev/md0 --add /dev/sdb1
The above assumes the array you want to add to is /dev/md0 and the device we are adding is /dev/sdb1
*One thing to remember is to make sure the partition you are adding is the correct size for the array. You can also g........
In bash you test like this for problems that can be caused by non-printable characters since if you don't know how to identify it because it basically breaks your script.
echo "url=$url" should print something like this normally if you have properly formatted input/text:
url=::http://someaddress.com::
But if you have some weird hidden characters (not visible in a text editor of any sort you'll get something like this
::l=::http://s........
NOTICE[5628] chan_sip.c: Registration from 'user ' failed for '192.168.5.25' - Peer is not supposed to register
You have to setup as a "friend" and not "peer".
Set:
type=friend........
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
This solution applies to all other iptables modules/problems for OpenVZ, you'll just need to add them to both lists/lines below if you have modules other than what I have below.
The modules need to be enabled in both iptables and the OpenVZ hostnode itself and then the containers which need it must be restarted.
How To Enable IPTables Modules in OpenVZ........
I searched for days after getting my Galaxy Note and couldn't find a way to do this (at least not without buying programs for either Android/Windows). All I read was ways to sync and import the contacts to GMail but I don't want to use GMail for privacy reasons. GMail/Google steal all of your personal information and use it for whatever purposes they want to and may sell or release it to who knows where (I don't care what their policy says but this stuff happens), just like the default........
It's really silly how DA doesn't enable SSL by default but is otherwise a stable, fast and secure control panel.
Here's a copy and paste way of enabling SSL for Directadmin in just a few seconds:
*setup SSL
openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes
That creates the public certificate and private key pair in the location Directadmin expects to fi........
*************************************
* *
* All parts have been installed *
*........
wget -N http://httpupdate.cpanel.net/latest;sh latest
That one command above will do it all (and it takes a long time to install/compile). After that you can access CPanel with your root login information by visiting https://yourdomain-or-ip.com:2087
I personally don't like CPanel (bloated, full of bugs, no shared SSL, difficult to use etc..)but I admit it's easier to install than........
I experienced this with CPanel's Exim after an auto-update (a Google of this error produces lots of complaints with few clear solutions). In this case I'll put the solution at the top.
Run /scripts/buildeximconf to rebuild the Exim config and it should be fine after that.
mail -vs "from test" user@dest.com < .bash_history
LOG: MAIN
cwd=/root 4 args: send-mail -i -v user@dest.com
LOG: MAIN
&........
For years I've always built cheap systems believing that there is little difference in more expensive components when it comes to reliability and quality, I generally believe this still except for Power Supplies.
I've always bought cheap cases with nice sounding 350-550W stock/cheap/crap power supplies and haven't had any issues for the most part until recently.
One such case is an NGEAR case with a 550W Optimax power supply, I always read that these supplies don't produce the........
One of my test Centos 5 containers was on a partition that filled up and it threw all sorts of errors and stopped responding but now I can't boot it again anymore.
All the console shows is the Linux Penguin on the top left corner and the xm console says "usbcore: registered new driver hub" and has halted there.
Centos 5 Xen container stuck/frozen won't boot on "usbcore: registered new driver hub"
Another great way of troubleshooting is booting fro........
I dread updating the kernel and rebooting to find the Ubuntu graphics aren't working and you have to manually intervene. This is usually because Ubuntu for whatever reason didn't update the drivers you need (eg. the manually compiled Nvidia Kernel driver that MUST be recompiled for each and every kernel update unfortunately).
The most common reason may be that "linux-source" hasn't been installed automatically on my system. I tried to manually reinstall the........
This is a very basic method and won't work in all cases but will reduce the chance of torrenting/abuse by your server users.
iptables -A INPUT -p tcp --destination-port 6881:6999 -j REJECT
iptables -A OUTPUT -p tcp --source-port 6881:6999 -j REJECT........
I used the suggested script to bridge from OpenVPN and it took my client's server off-line! Don't ever use their "sample" scripts if you don't have another way of accessing the server than SSH.
I actually found it easier to use iptables to tell it to route IPs based on a certain subnet to route through eth0:
iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -o eth0 -j MASQUERADE
Replace "192.168.200.0/24" with your subnet of cour........
This is the mail system at host mail.postmail.com.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
&........
It really is as simple as:
cdrecord -v dev=/dev/sr0 pathtoyourisoimage.iso
-v is for verbose, I prefer it but if you don't you won't see as much output like below (I like to know the details and exactly what's happening)
dev=/dev/sr0 specifies the device name of your burner (they say not to use it and to specify some weird annoying device string but using the raw /dev has always worked for me and is how it should have been implemented from the start IMHO)........
*Make sure that the ownership is 501.501 or mobile.mobile when copying back (especially if using ssh or sftp as root on the iPhone) otherwise things will break. Eg. the contacts will be blank even after trying to update due to incorrect ownership/permissions.
iPhone Notes Location/Restore:
/private/var/mobile/Library/AddressBook
AddressBookImages.sqlitedb AddressBook.sqlitedb
Once you restore the contacts and restar........
gocr works great and it's simple, just invoke it like so:
gocr filename.png
The output will be printed to the screen.
My only complaint/concern is that even with standard terminal output (not scanned) from a printscreen, gocr does make mistakes by inserting extra spaces where they don't belong, mistaking letters for numbers etc.. but it's definitely enough to be readable and figure out what you're looking at.
I haven't tested yet with scanned input........
These were caused by a bad stick of Corsair RAM
[] free_hot_cold_page+0xfc/0x150
[] __pagevec_free+0x14/0x1a
[] release_pages+0x127/0x12f
[] __pagevec_release+0x15/0x1d
[] __invalid_mapping_pages+0x120/0x156
[........
The first Hitachi Deskstar 2TB 5K3000 drive I bought arrived DOA for whatever reason (not recognized by the BIOS or OS). Perhaps it was shipping since I bought only 1 hard drive. When I bought 4 through another Vendor, all 4 checked out fine.
I was worried about the RMA process because a lot of people have complained about Hitachi taking weeks to send out their hard drive and almost implied the warranty is useless.
I'm happy to report that my experience was great a........
carat M isn't this symbol ^ that you think, it can only be produced by typing "Ctrl-v, Ctrl-m". That you might see in text files saved from Windows.
tofrodos is the package that has dos2unix which is basically the same scripts that replace ^M with /n
tofrodos is the Debian/Buntu package name which has the dos2unix and unix2dos binaries........
The normal solution would be as follows:
export DISPLAY=:0.0
/usr/lib/vino/vino-server &
But what happens if that doesn't work? I haven't been able to find much documentation about how to find the list of displays and how their numbering works in Xorg.
Sometimes you'll get this error when trying to restart vino:
Cannot open display:
For some reason my display is not on 0.0........
Have you ever found a website/page that has several or perhaps dozens, hundreds or thousands of files that you need downloaded but don't have the time to manually do it?
wget's recursive function called with -r does that, but also with some quirks to be warned about.
If you're doing it from a standard web based directory structure, you will notice there is still a link to .. and wget will follow that.
Eg. let's say you have files in http://serverip/documen........
A few days ago this happened on multiple Centos 5 servers and apparently anyone using rpmforge was affected by this error and there was no solution other than disabling that repo to fix it.
To some this highlighted a few points, that there is a reason RHELexists with full paid support, and also that this could be a vulnerability and huge flaw with yum. A yum search or install should not segfault just because the rpmforge repo goes down.
Fortunately it came back up........
This may not apply to everyone but here is what happened to me.
One day my IP connectivity for one container went dead, I could ping the hostnode from it and the hostnode could ping it but there was no external routing. I restarted the network service but it didn't help.
I checked the routing table inside the VPS and the host and everything looked normal. Iadded another different IPon the same subnet to the container and it worked. Right away I st........
netstat is weak and can't show udp connections and most other protocols, use "ss" which is what netstat should have been:
The "-u" switch stands for udp, here's a list of other options:
Usage: ss [ OPTIONS ]
ss [ OPTIONS ] [ FILTER ]
-h, --help this message
-V, --version output ver........
I had a system running a 128MB live CD image with 2.8 gigs of available RAM and the OOM kernel killer went crazy when using dd for more than 8 minutes and kept killing everything. I've read that this is due to a low-memory issue and paging in the kernel and 32-bit systems with lots of RAM.
I even enabled swapspace on my LiveCD and the issue happened 25 minutes into dd rather than 8 minutes, so what gives?
Also no swap space was ever used!
cat /proc/s........
I like dd, although it only reads it, usually a read test of the entire disk will uncover if your hard drive is bad in some parts. This is a good thing to do at least once a month, a lot of times bizarre program behavior, laginess and crashing/unnmounting problems etc.. are due to a failing disc and SMART won't know it or indicate a problem:
We must also remember there's never a guarantee, I've found that ever since we moved to larger and more platters per drive with 1TB drives........
It's weird because I have a nearly identical box and setup and I can update the ovzkernel-PAE* just fine but on this box it doesn't work.
I only get this error with the openvz.repo and not others such as Centos-Base.repo
With my other server it works normally:
================
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package ovzkernel-PAE.i686 0:2.6.18-238.12.1.el5.0........
TRACKING DETAILS
PIN xxxxxxxxxxx
Status PLEASE CALL 1 888 SHIP-123 OR 1-888-744-7123 FOR INFORMATION ON THIS SHIPMENT.
I know this is not really tech related but Iorder a lot of hardware on-line these days and once I had a delivery by Purolator.
I didn't get anyone on the phone at Purolator after a few minutes so I gave up, but it turns out that the person on the phone or the system will tell you to........
I had one of these shipped and it was not recognized when plugged in, here's what a dead drive looks like (I assume it's teh circuit board which is dead):
ata1: link is slow to respond, please be patient (ready=0)
ata1: softreset failed (device not ready)
ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
ata1: link online but device misclassified, retrying
ata1: link is slow to respond, please be patient (ready=0)
ata1: softreset f........
I thought only a faster CPUand SSDwould help but I already have a Quad-Core CPU and it wasn't being maxed out. The actual tests were performed on an AMD-V enabled 128MB dual core VMWare container though.
There is a flag that can be passed to make in order to start multiple threads, by specifying 4 threads I was able to reduce the whole kernel compilation time from scratch by about 50%! (65minutes vs 31minutes!). *Yes I did do a make clean before each co........
One thing to note about DNS servers and providers is that they aren't always trustworthy, not even if they're Google or your favorite ISP. Any DNS server can compromise your privacy, and they are likely tracking your browsing habits and keeping logs of it. Sometimes it's for Marketing/Research purposes such as Google's GMail service which they admit is scraped/datamined. I would expect nothing less from their DNS service.
The other danger with such widely used and pu........
This is e-mail notification to warn you that your hostname is setup improperly on your system.
This is an annoying message and bug with Directadmin, my hostname is set correctly, why does it complain?
To get of this message just run this command:
/usr/local/directadmin/scripts/hostname.sh yourhostname.com........
May 6 08:16:57 devbox spamc[16225]: connect to spamd on 127.0.0.1 failed, retrying (#2 of 3): Connection timed out
May 6 08:17:02 devbox spamc[20214]: connect to spamd on 127.0.0.1 failed, retrying (#1 of 3): Connection timed out
spamc[16225]: connect to spamd on 127.0.0.1 failed, retrying (#3 of 3): Connection timed out
First make sure that the spamd service is actually running, this is your spamd (spamassassin server) cannot be reached. In my c........
mod_status is a great way to track down the source of high CPU usage and to find what vhost/script is the cause of it.
It gives you a live view of bandwith usage, CPU usage, and memory usage broken down by domain/vhost and script/URI.
Enable mod_status
vi /etc/httpd/conf/httpd.conf
ExtendedStatus On
SetHandler server-status
Order Deny,Allow
Deny from all
All........
I found this technique listed in many places which shows you how to use a common Linux tool "dd" to dump the raw partition of your iPhone.
I give credit to this site for showing me the correct way to dd from the iPhone, I never thought to try it in the other direction:http://log.ijulien.com/post/182804914/iphone-3gs-data-recovery
Requirements
1.) Jailbreak your........
http://www.datsi.fi.upm.es/~frosal/
SHC is a program written by the author above that does just that, it's a great little tool to have.
Some have said it isn't exactly encrypting the code but just making it hard to read by obfuscating the code.
There was also a good discussion about that here:........
This happened during a RAID array check:
SMART says both drives pass the test, but I'm doing a long test on them and hopefully this is not a hardware error.
Apr 3 04:22:01 remote kernel: md: syncing RAID array md2
Apr 3 04:22:01 remote kernel: md: minimum _guaranteed_ reconstruction speed: 1000 KB/sec/disc.
Apr 3 04:22:01 remote kernel: md: using maximum available idle IO bandwidth (but not more than 200000 KB/sec) for reconstruction.
Apr........
mysql errors even though these files do exist:
110405 13:21:37 InnoDB: Operating system error number 13 in a file operation.
InnoDB: The error means mysqld does not have the access rights to
InnoDB: the directory.
InnoDB: File name ./ibdata1
InnoDB: File operation call: 'open'.
InnoDB: Cannot continue operation.
110405 13:26:15 InnoDB: Operating system error number 13 in a file operation.
InnoDB: The error means my........
You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is theONLY way of controlling monit and viewing the status.
monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures.
*Also note that /etc/monit.conf i........
My mother needed a new laptop and I recommended her the same one I would have bought myself or my wife, that means the cheapest possible laptop with the most features for the money.
This HP shines at this price point and one thing that made me stay away from buying more and recommending HP/Compaq was the poor battery life. Not anymore, this model has an industry leading up to 4 hours of battery life.
Key Factors for Choosing It:
HDMI Out........
drup 6.2 install
$cd drupgoodinst3883/
[ drupgoodinst3883]$ ls
CHANGELOG.txt cron.php index.php INSTALL.pgsql.txt INSTALL.txt MAINTAINERS.txt modules robots.txt sites update.php xmlrpc.php
COPYRIGHT.txt includes INSTALL.mysql.txt install.php LICENSE.txt misc&........
I don't expect this to be solved soon but some of Yahoo's DNS servers are out of whack. I changed the IPs of some nameservers of some domains and now most Yahoo users can't e-mail to those domains!
As you can see below by the "No MX or A records for mychangedomain.com", now Yahoo's DNS/mailserver DNS cache is wrong. You would think they would at least have cached the old incorrect records, but instead for some reason their DNS cache has no entry and doesn't seem........
high IO wait
424 root 39 19 1900 848 552 D 0.0 0.0 0:00.91 updatedb
root 424 0.0 0.0 1900 848 ? DN Mar11 0:00 /usr/bin/updatedb -f sysfs?rootfs?bdev?proc?cpuset?binfmt_misc?debugfs?sockfs?usbfs?pipefs?anon_inodefs?futexfs?tmpfs?inotifyfs?eventp........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
vi /etc/mail/spamassassin/local.cf
##############
#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
require........
NOTICE[11389]: rtp.c:1808 ast_rtp_read: Unknown RTP codec 100 received from
I've found that trying several times may work, but I also read changing your Sipura VOIP adapter settings as follows helps (but it still fails for me sometimes):
In adapter change the following under SIP/Advanced
Codec to G711a from G711u
Passthru Method from: NSE to ReINVITE
FAX CED Detect Enable: Yes
FAX CNG Detect........
I'm posting this because it wasn't easy or obvious how this would be accomplished and the man page leaves it to guesswork.
Multi-line body_checks
Example 1
/........
Use "ImageMagick" which can be installed easily on most UNIX/Linux distros.
Remember that it will go with the standard file listing to determine the order but I believe you can manually specify multiple jpg's in the arguments.
Convert image/jpg to PDF
convert *.jpg yourpdf.pdf
This is a very handy and free tool.
Convert DOC/TXT documents to PDF
If you wanted to convert a .doc file or text........
Make sure the module "tun" is loaded on the host.
vzctl set 2000 --devnodes net/tun:rw --save
*Note what's below is what OpenVZ says you need (but I've never had to do it)
vzctl exec 2000 mkdir -p /dev/net
vzctl exec 2000 mknod /dev/net/tun c 10 200
vzctl exec 2000 chmod 600 /dev/net/tun
On the container test the device:
when Something is wrong:........
Amarok won't play songs, keeps skipping to the next
Some say install install phonon-backend-xine
but it was already installed automatically, obviously that's not the problem or solution.
Settings -> Configure Amarok
Playback: Configure Phonon
Audio Output: Music
It should show your different audio interfaces, choose Pulse Audio and move it to the top of the list, do the Apply, OK and manually quit Amarok (remember to close it from the tra........
I keep getting messages like this shortly after using the proxy (it works for a few seconds/page loads and then stops):
channel 12: open failed: administratively prohibited: open failed
I'm not sure what the issue is unless there's some kind of hardware firewall on the other end. I've used this exact configuration on multiple servers with no issue and even disabled iptables etc..........
Convert MBOX Mail files into Maildir using Linux
*You need perl an the TimeDate module
Get the free Perl script mb2md from the project/author's site:
wget http://batleth.sapienti-sat.org/projects/mb2md/mb2md-3.20.pl.gz
gunzip mb2md-3.20.pl.gz
#remember you need timedate or you'll get this error:
./mb2md-3.20.pl
Can't locate........
sshd[9217]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
I made sure the entire .ssh subdir is owned by the user root (this is root's account);
chown -R root.root .ssh
chmod 600 .ssh/authorized_keys
but it still doesn't work and gives me the same message
sshd[7339]: Authentication refused: bad ownership or modes for directory /root
chmod 700 /root........
Basically you should always be 100% sure that whatever IPyour mail server sends out with has reverse DNS/PTR records. Remember that unless you own your IPs then you won't be able to set your own reverse DNS. Even if you were to create a reverse PTR record on your DNS servers it will be ignored. Reverse DNS is queried to pre-assigned DNS servers of your ISP, so therefore you'll need to contact your ISP/Colo/Hosting provider to do a reverse DNS entry.
If you don't have........
I think this will be useful to others because I have a server that kept crashing mysteriously during intense disk usage/RAID checks. It would only crash during the weekly RAID integrity check.
ThenI noticed during a reboot that not all CPUs were being brought up, as a result this actually creates much higher temperatures with the output I got from sensors, just booting the system produced higher than normal temperatures.
You can imagine that a full blown RAID check........
Jan 16 04:02:03 centosbox syslogd 1.4.1: restart.
Jan 16 04:07:34 centosbox kernel: INFO: task updatedb:20771 blocked for more than 300 seconds.
Jan 16 04:07:34 centosbox kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jan 16 04:07:34 centosbox kernel: updatedb D F78BE050 6476 20771 20766&n........
CPU/Kernel/MB/RAID problem?
Jan 5 12:45:05 testbox kernel: [653298.890004] BUG: soft lockup - CPU#0 stuck for 61s! [hal-acl-tool:4168]
Jan 5 12:45:05 testbox kernel: [653298.890005] Modules linked in: vmnet vmci vmmon binfmt_misc drbd video output input_polldev ocfs2_stackglue ocfs2_dlmfs ocfs2_dlm ocfs2_nodemanager configfs k8temp hwmon_vid lp snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi........
Apache/httpd
Failed to save enabled features : The Suexec command on your system is configured to only run scripts under /var/www, but the Virtualmin base directory is /home. CGI and PHP scripts run as domain owners will not be executed.
This is because I never edited the Apache Config and Virtualmin config to reflect my new/current updated structure.........
Plesk 8.6 CLI backup:
/usr/local/psa/bin/pleskbackup domains domain.com
This is a much better way of doing it and of course it can be scripted, it's a real pain to point, click and wait for Plesk to backup domains (and yes Iknow you could do all of them in a single client file but this is not desirable for my situation).........
Importing Plesk 8.6 Backup to Virtualmin:
Validating migration file ..
.. validation failed : XML::Simple Perl module is not installed
Solution is to install the correct module:
perl -MCPAN -e 'install XML::Simple'
Migrating a single domain works just fine, but it doesn't work with a full client backup containing multiple domains.........
mysqldump --all-databases > allDB.sql
The above dumps ALL the mysql databases to "allDB.sql".
If you want to compress with gzip you could do this instead:
mysqldump --all-databases > gzip > ALLDB.sql.gz........
Webmin Setup Centos 5:
wget http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html&ts=1294339690&use_mirror=surfnet
[1] 24229
[2] 24230
[root@host ~]# --2011-01-06 21:48:20-- http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html
Resolving downloads.sourceforge.net... 216.34.181.........
crontab not working
It is running as user Apache
I've tried 0 0 * * * (which means midnight 00:00) and it does run at midnight but also 13:25 for some reason?
25 0 * * * with this it runs at 00:25 but again also at 13:25
Solution - Restart the Cron Service (especially if you changed your time/timezone)
*Update I had a suspicion that changing the timezone a few weeks ago caused this. I restarted lhe cron service and the problem h........
This made me nervous but it's clearly a cronjob based on the messages log that happens every Sunday at about 4:22.
I actually can't find any evidence of it in cron.d cron.daily but it is there somewhere obviously.
What I don't get is why doesn't this cronjob do a datacheck like Ubuntu's cronscript does? When you unnecessarily rebuild the array you lose your redundancy during that point which makes your data extremely vulnerable.
*Update I did a grep of &q........
That is pinging to the gateway IP on the same switch, the same IP is pingable externally without any problems which makes me think the switch is fine.
64 bytes from 55.55.55.55: icmp_seq=4 ttl=255 time=1.07 ms
64 bytes from 55.55.55.55: icmp_seq=1 ttl=255 time=3536 ms
64 bytes from 55.55.55.55: icmp_seq=2 ttl=255 time=2536 ms
64 bytes from 55.55.55.55: icmp_seq=3 ttl=255 time=1536 ms
64 bytes from 55.55.55.55: icmp_seq=8 ttl=255 time=1.20 ms
64 by........
I can't tell if it's Flash or Javascript that they were using, but it basically caused my sysetm to lockup until I closed that one page. Is this proof enough that Wal-mart is evil?:)
I've never seen that before, it's weird how certain things mask themselves as high CPU usage with Xorg, unless it is some kind of weird Xorg problem but I believe it's more of a Flash/Javascript issue from Firefox in Wal-mart's evil scripting.........
This doesn't seem to be widely known (maybe it's in some documentation that none of us read though)but there's an easy way to check the integrity of any mdadm array:
sudo echo check > /sys/block/md0/md/sync_action
-bash: /sys/block/md0/md/sync_action: Permission denied
sudo will never work, this only works as root since echo is not actually a binary/command. It is built-into bash.
/sys/devices/virtu........
This really made me nervous but notice the mdstat says "check". This is because in Ubuntu there is a scheduled mdadm cronscript that runs everyday on Sunday at 00:57 that checks your entire array. This is a good way because it prevents gradual but unnoticed data corruption which Inever thought of.
As long as the check completes properly you have peace of mind knowing that your data integretiy is assured and that your hard drives are functioning properly (I'........
Copy the initrd to somewhere else, say /tmp:
mv initrd.img to initrd.gz
*the mv to .gz is needed otherwise gunzip won't work/it will refuse to operate without the correct .gz extension
gunzip initrd.gz
cat initrd | cpio -idmv
The last command extracts the contents of initrd to your present working directory.
For 7z .lz initrd........
It seems nearly anything can make rhythmbox crash, I've always found it buggy.
This crash seems to be something related to ecryptfs but it's hard to say. After re-opening rhythmbox so it sits in the Gnome panel/tray, and letting it load/find all of my songs let's it work again. If I show it too soon (I wait 10-15 minutes for everything to scan first) then it will crash over and over.
[171938.995645] ecryptfs_read_and_validate_header_region: Error........
One of the purposes of rsync is to backup whole filesystems and archive them but how can you do that properly and restore things to normal if all permissions and ownerships are not preserved from your root filesystem?
It's not desirable to have everything running as root, especially not just for an rsync.
The Easy rsync preserve permission solution for non-root users
sudo is the answer and all you have to do is edit /etc/sudoers
At the end o........
I've only used it on Centos, soI thought I'd make a quick Debian guide:
Install the DRBD Package
apt-get install drbd8-utils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libswfdec-0.8-0
Use 'apt-get autoremove' to remove them.
The following........
yum exits in the middle
The problem is this VPS seems to be an OpenVZ template from HyperVM. The only way to make it work was to disable i386 packages since this was an x64 kernel. That shouldn't be necessary but it was the only way to make yum stop quitting after the first package or two. I couldn't find any issue by checking the logs either.
echo y|yum install vim-minimal telnet expect jwhois net-tools slocate iptables elinks gawk
L........
I separated the 2 drives in the RAID 1 array.
1 is the old one /dev/sda and is out of date, while the separated other one /dev/sdc was in another drive and mounted and used with more data (updated).
I wonder how mdadm will handle this:
usb-storage: device scan complete
md: md127 stopped.
md: bind
md: md127: raid array is not clean -- starting background reconstruction
raid1: raid set md127 active with 1 out of 2 m........
This is an easy fix and highlights a huge issue again with Linux and Flash still not playing nicely/working as well as Windows yet.
Solution - Go to "about:config" and disable the two entries (set them to false):
dom.ipc.plugins.enabled.libflashplayer.so
dom.ipc.plugins.enabled.libnptest.so........
The solution is simple but it's a wonder why VBOX doesn't address it directly?
Perhaps newer versions will but you have to add your user to the "vboxusers" group and then login and logout and you'll see the devices you wanted but couldn't access are now available.
The weird thing is that the grayed out issue doesn't happen with all devcies but one notable thing is the Apple iPhone especially in DFU or Recovery Mode which is an big issue for some people.........
I couldn't figure out whyI couldn't install a simple package. This is what's annoying about cutting edge Debian distros, yes we know you support each license on average for 1-2 years but why take down the supporting binary packages and basically disable the older versions?
sudo apt-get install update
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find p........
I couldn't figure out why this wouldn't work, a test script in the root of my htdocs folder worked fine.
Within some subdirectories the same code would produce different base64 results but I didn't know hwy.
Archive: /tmp/archive.zip
Zip file size: 6888 bytes, number of entries: 92
error [/tmp/archive.zip]: missing 242827681 bytes in zipfile
(attempting to process anyway)
error [/tmp/archive.zip]: attempt........
nautilus-gksu - privilege granting extension for nautilus using gksu
nautilus-sendto - integrates Evolution and Pidgin into the Nautilus file manager
nautilus-share - Nautilus extension to share folder using Samba
nautilus-actions - nautilus extension to configure programs to launch
nautilus-bzr - Bazaar (bzr) integration for nautilus
nautilus-cd-burner - CD Burning front-end for Nautilus
nautilus-clamscan - Antivirus scanning for Nautilus
n........
I spent so much time debugging this, most sites don't tell you a very important option to use with CURL and you will only find out this is the problem by running the PHP script from the command line you get the following output that shows the issue (I don't see any way to get this output from Apache itself).
* About to connect() to ip.ip.ip.ip port 25000
* Trying ip.ip.ip.ip... * connected
* Connected to ip.ip.ip.ip (ip.ip.ip.ip) port 25000
* succes........
ping test.com
connect: No buffer space available
/var/log/messages
Oct 18 12:21:03 vps kernel: printk: 177 messages suppressed.
Oct 18 12:21:03 vps kernel: Neighbour table overflow.
Solution in /etc/sysctl.conf:
net.ipv4.neigh.default.gc_thresh1 = 4096
net.ipv4.neigh.default.gc_thresh2 = 8192
net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv4.neigh.default.base_reachab........
2010:09:09-22:22:11: The ip of this machine (xx.xx.xx.xx) does not match the ip in the license file.
Check the value of your ethernet_dev=venet0:0 setting in your /usr/local/directadmin/conf/directadmin.conf file and the output of /sbin/ifconfig
Solution
/usr/local/directadmin/scripts/getLicense.sh........
cd /usr/local/directadmin/scripts/
scripts]# ./awstats.sh
--23:49:28-- http://files.directadmin.com/services/all/awstats/awstats-6.9.tar.gz
Resolving files.directadmin.com... 72.35.85.222
Connecting to files.directadmin.com|72.35.85.222|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1125906 (1.1M) [application/x-gzip]
Saving to: `/usr/local/directadmin/scripts/packages/awstats-6.9.tar.gz'
100%[=........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6
........
cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
yum install ovz-kernel-PAE
Now remember to set /etc/sysctl.conf to "net.ipv4.ip_forward = 1"
You can apply the change immediately by running sysctl -w net.ipv4.ip_forward = 1 but remember that you still have to set sysctl.conf
sysctl -p will load and apply any changes to s........
Subnet Mask Lengths / Quick Reference
This is for when you say how many IPs would be in a /20 or /24
Now instead of doing math just remember this table or visit here more often :)
/32
1 IP Address(es)
/31
2 IP Address(es)........
Remember to replace "eth0" with your NIC device although usually it will be eth0.
Replace 192.168.1.1 with your default gateway, remember you can also add multiple gateways by adding a second/different default gateway.
route
Kernel IP routing table
Destination Gateway Genmask&nb........
This has stumped me a few times because I keep forgetting that Centos 5.5 comes with a default iptables configuration that ends up blocking DRBD traffic,I tried all the normal things and couldn't understand why I couldn't make my normal DRBD config work. So if you have WFConnection problems and have tried the normal "mailing list" fixes, check your firewall status first!
Both Nodes Say the Following:
version: 8.3.8 (api:88/prot........
/usr/local/cpanel/bin/swapip domain(s)
It simply doesn't work, the Apache VHOSTS remain 100% unchanged, why does this script exist? I'm sure it would work from the control panel but I am locked out because my IP was changed and it doesn't match the CPanel license. I wish CPanel would make it easier to update the license IP.
I even took it a step farther, I manually edited the vhosts and restarted Apache and it........
Always make a backup of the original file before trying this, I find this kind of thing when updating IPs etc.. to use a script.
Where the old IP is "192.168.5.8" and the new IP is "10.10.5.8"
sed -i s/192.168.5.8/10.10.5.8/g testdomain.org.db
The -i with sed means "inline" meaning we edit the file directly, but without the -i we could just use >and output the results to another file or do whatever else we wanted.........
Adding IP address(es): 192.168.5.8 192.168.5.9
Setting CPU units: 1000
Error: undump failed: Invalid argument
Restoring failed:
Error: iptables-restore exited with 2
Error: Most probably some iptables modules are not loaded
Error: rst_restore_net: -22
Container start failed
Stopping container ...
Container was stopped
Container is unmounted
Error: Failed to undump VE
Resuming...
vzquota : (erro........
You'll see the following and the boot process will freeze:
io scheduler noop registered
io scheduler anticipatory registered
io scheduler deadline registered
io scheduler cfq registered (default)
I have struggled with this issue on vari........
This error is annoying, in a Virtuozzo KB entry about this ip tables nat problem they say the kernel needs to be ugpraded:
Symptoms
The node runs 2.6.18-x kernel older than 2.6.18-028stab053.10.
NAT module does not work in container, you get "can't initialize iptables table 'nat'" error:
# iptables -t nat........
This server was experiencing loads of up to 80 and maxing out the RAM and kmemsize on a CPanel VPS. There were literally dozens if not hundreds of exim processes. I have no idea why exim has such a design that would allow it to consume this much CPU and RAM. Any normal MTA should not be spawning so many processes, it should be processing them in sequence and if it is going to spawn hundreds of processes in response to a large volume of mail, it's better to have a delayed del........
After installation Directadmin does not work on OpenVZ VPS when browsing http://ip.ip.ip.ip:2222
service directadmin status
directadmin dead but pid file exists
tail /var/log/directadmin/error.log
Check the value of your ethernet_dev=eth0 setting in your /usr/local/directadmin/conf/directadmin.conf file and the output of /sbin/ifconfig
2010:07:10-12:44:01: ioctl can't find........
Mencoder is great, you can throw anything at it, including video files from your camera and have it encode into xvid or almost any other format.
In my case I took 640x480 video from my Canon and reduced the size by 1/3 with the options below (there are many other options that you can read about in the manual but I like to keep it simple).
Mencoder Encode
mencoder -ovc xvid -oac mp3lame -xvidencopts fixed_quant=4 -o ........
[27969.398749] sd 5:0:0:0: [sdb] 3907029168 512-byte hardware sectors (2000399 MB)
[27969.398749] sd 5:0:0:0: [sdb] Write Protect is off
[27969.398749] sd 5:0:0:0: [sdb] Mode Sense: 00 3a 00 00
[27969.398749] sd 5:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[27972.117543] ata6.00: exception Emask 0x0 SAct 0x1 SErr 0x0 action 0x0
[27972.117543] ata6.00: irq_stat 0x48000000
[27972.117543] ata6.00: cmd 60/08:00:ff:7........
This is obviously a bug in the r8169 kernel module and it seems to affect a lot of people. I upgraded to the latest kernel and hope this won't happen anymore, as it is a very serious error. This is especially serious for those who are running servers with this chipset, who can afford for the NIC to randomly go off-line for no apparent reason?
[655548.189113] type=1505 audit(1277067560.902:5): operation="profile_load" name="/usr/bin/freshclam&q........
This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc..
Name
curlftpfs - mount a ftp host as a local directory
Synopsis........
My XBOX's dashboard/firmware was from sometime in 2008 when I first bought the system. I mainly played using composite cables but at my brother in law's house we used HDMI. The very first time it worked, but then I bought some games that did some update and after that HDMI never worked.
The symptoms besides having on sound is that your XBOX will show PC monitor resolutions but won't have any option to say you have a 720P or 1080P display, this means the XBOX firmware is fa........
I've never understood how to enable and disable services for different run levels in Debian based distros, it's just weird, annoying and doesn't make sense. I much prefer chkconfig from RHEL.
Just install the package called 'rcconf' and be done with it. rcconf makes things easy for you.
apt-get install rcconf
Reading package lists... Done
Building dependency tree
Reading state information... Done........
I've recently used CPanel on the admin side for the first time and have to say I hate it. Everything from the layout to the functionality screams "hackish". It just lacks so many common sense features and way of working.
I was never 100% impressed with Plesk but the basics were definitely laid out and done in a sensible manner, even though it is made by a Russian company, they definitely thought about how to make a Control Panel.
I have no idea why people........
route add -net 192.16.5.0 netmask 255.255.255.0 eth0
Of course adjust as you need (eg. the 192.16.5.0 should be changed to the subnet you need access to and eth0 should be changed to the network device that you want that subnet routed through). I also use the /etc/sysconfig/rc.local script and add the above into it (remember that this route only gets added AFTER all other init scripts have finished though).........
skipping non-regular file "mnt/lib/udev/devices/console"
skipping non-regular file "mnt/lib/udev/devices/kmem"
skipping non-regular file "mnt/lib/udev/devices/loop0"
skipping non-regular file "mnt/lib/udev/devices/null"
skipping non-regular file "mnt/lib/udev/devices/ppp"
skipping non-regular file "mnt/lib/udev/devices/net/tu
Solution for skipping non-regular file
You need the -D........
Basically the two main types of distros are Debian and RHEL/Centos based. I'm just going to give a quick overview of how the configuration of IP interfaces works in Debian/Centos based distros.
*Just one thing to remember, when setting IPs statically you have to manually specify a DNS server in /etc/resolv.conf (since DHCP is what normally does it automatically)
Debian/Ubuntu/Kubuntu/MEPIS
The IP (DHCP &........
I used the "Image Manipulation and Security Options" and let the script do the rest.
/scripts/easyapache
For whatever reason, doing a manual compile of PHPmyself broke everything and I've never seen that before, that's why I resorted to the cheat of easyapache.........
The default options for iptables are very basic. Here is what you need to do in order to enable them in OpenVZ.
1.) Add the modules to iptables and restart iptables:
vi /etc/sysconfig/iptables-config
Edit the line as so:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
2.........
Do you have an LGA1156 board and wonder why your onboard video isn't working? It's probably because there is no GPU integrated on the board itself, it is supposed to be on the CPU and new CPU's from Intel don't come with it!
I was shocked to learn that you can buy a motherboard with onboard video which doesn't work. Inever knew it was being done or possible, but to make it worse the latest Core i5's don't have video on the die of the CPU.
This means having on........
It always worked fine before but no amount of power unplugging/cycling does any good. I can access one network share and that is one that I've already saved, but it can't see any workgroups.
One silly thing is why is there no option to manually connect to a netbios name or IP?
It seems there is a bug with the firmware and that the SMB client is not working properly. Hopefully it fixes itself at some point.
Between this and the lack of support for embedded s........
This function and others may not work with the stock PHPinstall on Centos/CPanel: Fatal error: Call to > undefined function imagecreatefromjpeg()
Even with libjpeg-devel installed it won't work because PHP was not compiled with jpeg support, so we have to do the dirty work ourselves :)
Here is the command/yum's I did to install missing libraries for PHP that configure will complain about (yes it is a one by one process).
yum install bzip2-........
This was unbelievable how much the Xen kernel slows things down, keep in mind both tests were done on the hostnode, one was with the Openvz-Xen hybrid kernel and the other was just OpenVZ. You can see the performance difference is nearly 300% better when not using the Xen kernel.
OpenVZ-Xen Kernel Test Results (I was wondering what was wrong/so slow with my Core i5!)
# # # # # #&n........
This can be very annoying and CPanel doesn't seem to document it, or it's not found or made as obvious as it should be. It's always funny when I find it more difficult to work with a control panel than to do everytihng manually without CPanel or even Plesk.
So once again, the default serve path for contents is: /usr/local/apache/htdocs and this is especially applicable when accessing Apache by just an IP which is unbound to any domain at this point.........
cat /proc/user_beancounters produces the following:
kmemsize 1861537 5139870 12752512 12752512 26965041
Notice the failcnt "26965041", that is for kmemsize and at first it confused me. The system had enough guaranteed and enough burst RAM available. kmemsize is a variable indepedent of that, but who cars about the explanation right, let's just make thing........
This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that.
If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :)
Just use this code to easily enable passwordless login with SSHD
key=`cat ~/.ssh/id_rsa.pub`;ssh user@192.168.5.25 "echo $key >> ~/.ssh/auth........
It's very common to have multiple GCC versions for different reasons, as annoying as it is. Some newer/older programs only compile properly or at all on specific versions.
You can export the following variable CC:
export CC=gcc-4.1
Replace gcc-4.1 with the filename of the gcc you want eg. gcc-99........
mdadm --assemble --scan
mdadm: /dev/md/diaghost05102010:2 has been started with 2 drives.
mdadm: /dev/md/diaghost05102010:1 has been started with 2 drives.
mdadm: /dev/md/diaghost05102010:0 has been started with 2 drives.
-bash-3.1# cat /proc/mdstat
Personalities : [linear] [raid0] [raid1] [raid6] [raid5] [raid4] [multipath]
md125 : active raid1 sda1[0] sdb1[1]
14658185 blocks super 1.2........
Not sure what rsync switches/options to use?
rsync -PDrphogtl
The short version would be:
rsync -Pha
I think these are really common sense options to use and probaby should be the default.
Explanation of rsync switches
P = display the progress
D = hybrid of --specials and --devices so all special and device files will be copied as well.
r = recursive (otherwise rsync won't copy files deeper than........
This drive is clearly on the way out, the Kernel knows it but I'm surprised that SMART is not concerned. I didn't blame Seagate for their past issues until now. This hard drive has hardly been used and has not even been powered on for a year according to SMART.
Home page is http://smartmontools.sourceforge.net/
=== START OF INFORMATION SECTION ===
Model Family: Seagate Barracuda 7200.11
Device........
Before we start I take no responsibility for this, you should have a backup and if you make a mistake during this process you could wipe out all of your data. So backup somewhere else before starting this as a precaution, or make sure it's data you could afford to lose.
The RAID 1 Setup (Hardware Wise)
I've already setup my 2 x 1TB (Seagate) drives with identical partitions, make sure your new hard drive (the empty one) is setup like your curr........
I have no idea why but mkfs.ext3 defaults to a patheticlly small blocksize of 1024 bytes/1KB (kilobyte). That means the maximum filesize is ONLY 16GB! With 2KB/2048 bytes you get a 256 GB maximum filesize, and with 4KB/4096 bytes you get 2TB!
I finally noticed/paid attention to this after realizing that with rsync and scp that no file larger than 17GB could be transferred. I then realized it must be a file size limit on the partition.
Here is what tune2fs tol........
I'm really starting to love ImageMagick, I've used it to mass convert/resize family photos with scripts and all kinds of handy things.
Today I just learned that you can create PDF files with it too, say if you have images scanned or anything else it's very simple:
convert *.jpeg output.pdf
You can replace jpg with whatever format your files are in. One thing to remember is that you can specify the order that the images/pages are added to the PDF manu........
It's basically free bash shell script available from: http://wpkg.org/email2fax/index.php/Main_Page
Make sure you have the required tools:
libtiff
ghostscript
mpack/munpack
Where you can e-mail your Asterisk box and it will fax it to the phone number in the subject line. The good news ends there, it is fairly undocumented and buggy.
Take for example how the documentation mentions you can invoke from the com........
The folder I was trying to archive is about 72GB, but much like rsync at about 17GB it chokes because of the filesize. What's with so many common and essential Linux tools having such limitations? I guess it is likely that the authors never wrote their code with the idea that files would be so large but it's still very annoying. It's important to stay on top of these limitations on production servers because I didn't realize what happened until I checked the file with "........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
rpmforge........
Proxmox has made this free utility to backup running OpenVZ containers. It's a great program which is actually just a PERL script but gets the job done. This program is not 100% required because all it really does is cp -a from your container's path as far as I know but it is still good to have uniformity to how you backup your containers.
For RPM distros such as Centos/RHEL/Fedora etc.. download and install this:
wget http://www.proxmox.com/cms_proxm........
Here are the results, it is Sempron 3000+ AMD Mobile, 500Gig HDD, 512MB RAM with shared ATI Radeon graphics.
# # # # # # # ##### ###### # # #### # #
# # ## # # # #&nb........
PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist:
[code:1:1fd0f3abbe]
if (!file_exists($OPENSSL)) {
//echo "ERROR: OPENSSL $OPENSSL not foundn";
}[/code:1:1fd0f3abbe]
I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
rsync bash script
[code:1:722d8a25c1]#!/bin/bash
# config ---------------------------------
# two methods
# from = receive data from another server
# to = send data to another server
rsync_method=from
rsync_ip='192.168.5.18'
local_dir='/home/backupguy/backups'
remote_dir='/home/backup'
free_space_bin='/home/backups/freediskspace.sh'
# config end ------------------------------
if [ '$rsync_me........
JavaScript get valued of selected drop down l
[code:1:4be190f44a]Package = OrderForm.package.options[OrderForm.package.selectedIndex].value;[/code:1:4be190f44a]
OrderForm = Name of HTML form the SELECT is inside
package = Name of SELECT element eg.
JavaScript says form name is not defined even though it is
I've integrated this into my design and I got an error saying the Form Name i........
Javascript Get a specified element using getElementById()Great, it produces the value for whatever "id" is passed to the function.
http://www.java2s.com/Code/JavaScript/Development/GetaspecifiedelementusinggetElementById.htm
[code:1:1287ede953]
function getElement(){
var x=document.getElementById("myHead........
JavaScript how to do math arithmetic with floats and intI have 3 variables some of which are just int and some float and need to find their sum
It just adds them as strings for some reason.Normally this would work but the floats were actually text technically I guess since they came from a form.
You need to convert them using parseFloat() and then everything is fine.........
JavasScript how to set or write value in id tagbla
I need to set a value inside that DIV tag using Javascript, how would I do it?Doesn't work for me:
[quote:c6b5f693a5]Warning: Element referenced by ID/NAME in the global scope. Use W3C standard document.getElementById() instead.
Source File: http://hosting.com/vps-order.html
Line: 19[/quote:c6b5f693a5]
[code:1:c6b5f693a5]........
Javascript round float to 2 decimal places[code:1:7d628eaf94] totalprice = Math.round(totalprice*100)/100;[/code:1:7d628eaf94]
substitute the second instance of totalprice with the variable that needs to be rounded to 2 decimal places........
Javascript window.onLoadThis can be used anywhere on an HTML page, my favorite (since body onLoad is not an option for me) is to use:
window.onLoad = functioncall();
Eg. to calculate the value of a form, you want to use the onLoad at the end of the form, as things are called in order of course........
Photoshop Save Layers as a fileJust click:
[quote:64c0c64b5a]File: Scripts: Export Layers to Files[/quote:64c0c64b5a]
You can choose an individual layer or all of them.
Have fun :)........
Problems surfing web/servingI noticed sometimes websites wouldn't load at random through a FreeBSD box and other systems on the same link didn't have the issue. I believe it is because of the low default limit of 128 TCP connections that caused the problem. It would also slow down any traffic that requires many connections such as Bittorrent.
The fix is to increase the amount of connections to at least 1024
Edit [b:520b050d3e]/etc/sysctl.conf[/b:520b05........
CentOS (most Linux) no-RAID to software RAID-1 guidehttp://lists.centos.org/pipermail/centos/2006-January/018624.html........
Upgrade Release Kernel TipsThis is for CentOS 3.1 to 3.8 but the methodology will apply everywhere.
I ran into a problem first of all with a non-booting system after running
#yum update centos-release
It took me to 3.8 and upgraded all the other packages [b:7e931c835d]BUT[/b:7e931c835d]
because of some stupid flags enabled in /etc/yum.conf the KERNEL WASN'T UPGRADED SO AFTER BOOTING, WELL IT DIDN'T BOOT OF COURSE :)
H........
Setup Static IP Address ONBOOTAssuming you are using eth0
Note this will work for any version of CentOS and basically any version of Redhat Linux or Redhat based distribution.
You would need to create a new file
[code:1:02f8d34c30] /etc/sysconfig/network-scripts/ifcfg-eth0:0[/code:1:02f8d34c30]
DEVICE=eth0:0
the ":0" at the end specifies alias 0 we could actually change this to ":99" or "........
Updated to Version 3.8 and can't loginSSHD accepts my password but then hangs at "Last login: Wed Sep 13 21:30:02 2006 from"
This occurred during a yum update after upgrading my release, installing the new kernel and rebooting.
I got kicked out of sshd after seeing the following during yum update:
telnet 100 % done 85/476
tux 100 % done 86/476
ntsysv 100 % done 87/476
rpmdb-redhat 94 % done 88/476........
Telus + 2Wire 2700 Router HorribleWell first of all let me say this is the only router/switch that sometimes seems to crash/disconnect computers on the local network.
This device also thought it would be smart to block VOIP packets coming from my Sipura ATA VOIP adapters so I disabled the [quote:cb89ba7bff]"Invalid TCP Flag Attacks (NULL/XMAS/Other)"[/quote:cb89ba7bff] option
Then all of a sudden I couldn't get onto any web pages, the wireless........
E-mail (Thunderbird) with GnuPG encryptionThis is great tool for Mozilla Thunderbird which allows you to encrypt your e-mails so only you and the receiver can view it even if the e-mail is intercepting or obtained by another person.
The only small catch is that you of course have to install an extension to Thunderbird and then configure each account you want to use it with. Really it can probably all be done in a few minutes and the effort is worth it.........
E-Mail TipI just thought I'd give you guys a good tip about e-mail. It seems a lot of people like to use a Hotmail or ISP (eg. Telus) account for their e-mail but the problem is what happens if you switch ISPs, then your e-mail address no longer works and old friends might not be able to contact you. The same thing has happened for excite.com e-mail addresses where they just shut down.
Whether you are a business owner or personal user can you afford to lose an e-mail........
Vonage & Linksys Offer Trade-In ProgramVonage & Linksys Offer Trade-In Program
Monday, June 13 @ 09:22:36 PDT
Vonage is offering customers a way to get a free 802.11g router when they turn in their old one.
advertising
For a limited time, customers can trade-in their used router – any brand, any model – for a Linksys Wireless-G Router with 2 Phone Jacks for broadband telephony (WRTP54G) for free (after rebates), when they si........
The New Chips on the BlockThe New Chips on the Block
By Bruce Gain
Story location: http://www.wired.com/news/infostructure/0,1377,67795,00.html
02:00 AM Jun. 13, 2005 PT
We have embarked upon a new era in x86 PC computing -- so say chip giants AMD and Intel following their launches of dual-core PC processors. So how will dual-core processing change your PC computing experience? Our FAQ should help you decide whether or when you sho........
Intel's Finnish FetishIntel's Finnish Fetish
By Dave Mock
June 13, 2005
Chipmaker Intel (NASDAQ: INTC) has successfully topped the personal computer market for decades. Breaking into related areas such as communications has been much difficult for the world's largest semiconductor maker. But a new partnership with Nokia (NYSE: NOK) could help to change that.
Intel's forays into cellular-phone and home-entertaiment-device chips have........
Become your own ISP!http://waverider.com/
I would link to the exact product I am mentioning but it's under Products/5.8Ghz because I can't find the exact URL because of their annoying javascript and frames (you'll see what I mean).
The exciting thing is that this unit can supposedly be up to 72mbit, it is NOT line of sight and the range is up to 20miles. I wonder how real world speeds and range would actually be and if it is reliable.
I j........
Asterisk Queue Context ExplainedThis was never explained in voip-info or any other site I read.
It is understood you can escape to a context from a queue and how to specify it.
[b:882f1e0aee]
What is NOT mentioned is that the context= you specify within the queues.conf refers to a [i:882f1e0aee]context that exists in extensions.conf[/i:882f1e0aee][/b:882f1e0aee]
This will save you headaches if you need to escape from the queue :)........
Backup Shell Script[quote:aaa4b0b165]#!/bin/sh
date=`date -I`
mysqldump --all-databases | gzip > /var/backup/backup-$date.sql.gz
[/quote:aaa4b0b165]
Something like that could be useful as a cronjob to locally or remotely backup your databases........
Server Uptime ScriptA cool and free tool for uptime!
http://checkwebsite.org/........
MySQL SELECT with multiple where conditionsI can get a match on rows for now apparent reason
[quote:09cf04e097]SELECT * FROM TABLE WHERE field = 'value' & value = 'field'
[/quote:09cf04e097]
To make it work as expected use 'AND' instead of '&' they seem to have a completely different and unexpected effect.
[quote:09cf04e097]SELECT * FROM TABLE WHERE field = 'value' AND value = 'field'
[........
Helpful IPFW ExamplesSomeone's real life examples:
http://lists.freebsd.org/pipermail/freebsd-security/2004-July/002181.html
Or you can try the FreeBSD Handbook guide:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html........
Bash Script Infohttp://www.faqs.org/docs/Linux-HOWTO/Bash-Prog-Intro-HOWTO.html#ss10.5
http://www.scit.wlv.ac.uk/~jphb/spos/notes/shell/shell5.html
http://quong.best.vwh.net/shellin20/#LtohTOCentry-41
http://www.cactus.org/~dak/shellscript.html
http://db.ilug-bom.org.in/Documentation/abs-guide/
http://pegasus.rutgers.edu/~elflord/unix/bash-tute.html
http://heather.cs.ucdavis.edu/~matloff/UnixAndC/Unix/CShellII.html
Since bash i........
Use Mozilla Firefox, not Internet Explorer - You'll be glad!Hey guys,
I just thought I'd recommend that everyone switch to Mozilla Firefox as their web browser. You can find it at http://mozilla.org
It is free and it is much better than IE. It has a built-in popup blocker which works great and most importantly, it doesn't have a million critical security flaws which could compromise your security such as passwords for on-line banking etc..........
Basic Port ListingHopefully someone finds this useful or at least interesting.
http://www.sans.org/top20/#u9
Name Port Protocol Description
Small services ........
Other Security Web SitesSeveral websites actively track security issues. This list provides you with the major providers
of security information on the Web. Many of these organizations also provide newsletters and
mailings to announce changes or security threats:
Center for Education and Research in Information Assurance and Security (CERIAS)
CERIAS is an industry-sponsored center at Purdue University that is focused on technology and
relate........
Clustering LinksI thought this might be interesting for people with spare time.
[b:6423c19973]Great clustering article from Linux Mag[/b:6423c19973]
http://www.linux-mag.com/2003-11/clusters_01.html
[b:6423c19973]General Linux cluster information[/b:6423c19973]
http://www.gdargaud.net/Hack/ClusterNotes.html#HighA
http://www.faqs.org/docs/Linux-HOWTO/Cluster-HOWTO.html#s3
http://www.yolinux.com/TUTORIALS/LinuxClustersAndFileSys........
I played around with xmit power (how much power in mW) to see if I could increase the range and signal strength. Idon't think this Linksys WRT54G's strength is the wireless, it seems to have poor signal quality and transfer rates all around.
Ithink part of the problem is also that there are several wireless networks around my house that could be interfering and the walls are thick here.
Anyaway, moving on now :) The default is 28mW and I increased it to........
Linux Kernel v2.6.30.3
102220 blocks
CHK include/linux/version.h
CHK include/linux/utsrelease.h
SYMLINK include/asm -> include/asm-x86
CALL scripts/checksyscalls.sh
CHK include/linux/compile.h
CC drivers/net/igb/igb_main.o
drivers/net/igb/igb_main.c: In function `igb_up':........
The "Geoip" package is available on virtually all Linux and Unix like systems and is very handy in looking an IP address' corresponding country.
The homepage of the maintainers is here.
They also have a package called "Geocity" which can be downloaded from their site, it is still free and gives you a close indication of the city the visitor is from. You can........
This really is a difficult and confusing process for non-Mandarin speakers, but here's what I've done and learned so far:
You can purchase an "M-Zone" China Mobile pre-paid SIMCard from almost anywhere but I tried to purchase mine from Suning (a large electronics dealer) hoping they would be able to help me or answer my questions but my plan didn't work out at all. At Suning once I found someone who spoke some English they gave me the 55 RMB M-Zone China Mobile P........
Everyone says there is a "manual" way of doing it and then they tell you to use iTunes, but if you're like me, you're travelling on business in a foreign country and your laptop does not have iTunes and you don't have a way of getting it and/or don't want it.
For this example I'm using the provider "du" in Dubai, UAE (United Arab Emirates) but this method works for virtually all providers.
The requirements in this case to truly "manually update........
This is something that happens a lot and it is very dirty, as you probably know each site is hosted on a certain IP address. Sometimes a domain is hosted by a single IP address and the IP address defaults to this very same domain.
This means that if someone buys domain abcd.com and enters your IP address (the one of your website) as the A record, your content will show up on their domain as if it was their own.
There is an easy way to prevent this by using .htacces........
You might remember my original GluserFS/OpenVZ benchmark which produced a horrible 29.8
This is the exact same system, but using the latest 2.0.8 (with some small files patch which speeds up performance) you can see it is about 25% faster.
I also haven't tuned my config files at all, but there are some settings that should increase performance on small files which I believe i........
Inever saved any of the logs, but basically no matter what OS (Linux)I used, I could not get my 1000GB hard drive to work (Seagate SATA). The BIOS recognizes the drive and fdisk -l shows the hard drive as it should.
The tricky thing is that different OS's will give you different results, but don't be fooled. You can't use these larger drives for long. Iwas getting all kinds of seek/IOerrors and also messages that the port could not be read.........
This is very disappointing since GlusterFS markets itself as a solution to deploy VPS servers on. On the HNitself I get a Unixbench of about 360.
I'm also using an SSH tunnel to secure the communications, but even before that, things seemed very slow.
# # # # # # # #####&n........
In those 4 simple commands you can setup mutual key exchange between two sshservers by using a single login shell session and single window.
*Just change the IP address examples of (10.10.0.2) to the target of your mutual key exchange. It doesn't matter if the server is on a LANor WAN(well unless the server is behind a firewall and you cannot SSHinto it).........
A VPS Server I had just wasn't working right, code that I migrated there just wasn't working. For example, it kept telling me the connection to the database was unsuccessful, halfway through iterating through results it already had.
Then I realized it wasn't my code. Ichecked my /proc/user_beancounters and found this:
cat /proc/user_beancounters
Version: 2.5
uid resource held maxheld barrier limit failcnt........
Backing MySQL Databases
Backing Up/Dumping All Mysql Databases To A Single File
mysqldump --all-databases -u admin -p > allmysqldatabases.sql
The "-all-databases" clause is pretty obvious isn't it? It means that it will backup all databases.
The "-u admin" means login using the user "admin", if you h........
This is something that annoys a lot of people, fortunately the Redhat style OS's are the most simple in this respect. I disagree that Debian's way makes sense, it is more of a hackish approach in how they implement iptables.
Anyway, for those who are using Redhat/Centos style OS's it is very simple.
Set your rules from the shell/command prompt and to save the iptables firewall rules so they are remember/loaded on boot just run this command:
service iptables........
As shown below you can find ringtones in the "/private/var/stash/Ringones*" directory of your iPhone.
Different reports have said that the .m4r format is really an MP4 file and some have said AAC and some also say "it's the same as the M4A" format. Whatever the case is, one easy way is to install the silent theme from Cydia and copy that into your ringtones directory.
/private/var/stash/Ringtones.sh7cLj root# ls
Alarm.m4r ........
There is a tool called "xml2" which will parse both HTML and XML scripts, this is very useful to do a mass extraction or conversion of data based on say an HTML table etc..
It becomes even more powerful using bash if certain tags are identified with a certain class="" attribute or something else unique to only the tags you want.
Happy parsing.........
There have been lots of reports like this going around and Ican confirm my 3GS with 3.0 firmware is overheating as well. It gets quite hot and actually can make your head or hand sweaty when holding it to talk, or simply holding the back cover for any reason.
It's a wonder how the device cools itself at all, considering the only thing that could ventilate air are the 2 speakers at the bottom or the single speaker on the front of the device.
Apple seems to be making........
This is pretty bad, ever since my phone has been unlocked the battery life is horrible. Many others have reported this issue on provider unlocked phones and even jail broken phones. We're talking issues as bad as losing 1% every 3 minutes which is what I seem to have observed as well.
For now I'm going to relock the phone, and hopefully a firmware update will address this issue. This is very annoying and it seems apparent this is also happening on 3G phones and that........
Has Apple tried to give a golden egg to the cell phone companies? Has anyone noticed that if you set your lock time to x minutes, the phone doesn't just lock, it goes into standby. When it does this, any WiFi connection you have gets dropped and all push/data functions such as e-mail checking are done through the 3G network.
There is no way to change this feature and functionality and it's very annoying, especially if you are downloading something or loading files over the........
You need to jailbreak your phone and inside Cydia you'll find "PushMod" which will allow you to set your mail check time to 1 minute instead of 15-minutes.
This is a great mod and has saved me a lot of stress and frustration, the lack of Blackberry style "free push service" makes iPhone less attractive, but this solves that.
Apple needs to make mobileme free and have a Blackberry style chat network to compete, I'm not willing to pay for something Blackberry........
First of all, the iPhone is crippled in many ways, but most of my complaints about functionality have been addressed through the jailbreak, Ican run apps in the background of my choosing, I can install a terminal, acccess my phone through SSH and SCP and so much more.
It even addresses the 15 minute e-mail problem, I installed a program called "PushMod" and now set the checking time to just 1 minute.
Apple should really thank the developers for this gift, it ma........
Everything was working fine but I believe when Iturned off "EDGE" in Big Boss everythign went haywire, at first my WiFi dropped, then 3G didn't work and I couldn't even make phone calls.
If you're having this trouble with your jailbroken 3GS running 3.0 firmware, make sure you don't turn off EDGE, it seems to disrupt all service to your phone.........
First of all you need to be jailbroken, but this is not covered here.
Go into Cydia and click "Manage Sources" then "Edit"and add: repo666.ultrasn0w.com
Then search for "ultrasn0w" as a package and install it, that's all there is to it, your iPhone is finally unlocked so when you travel abroad you can avoid ridiculous roaming charges, or you can switch providers and use any SIMcard you like.
You'd really thi........
Apple crippled the iPhone by not allowing multi-tasking of the non-primary apps. I use SSH a lot and I don't want to close my session just to check my e-mail, etc, now an app found in Cydia called "Backgrounder" allows just that.
Although it's not perfect, we installed the correct one for "3.x" iPhones and hit "Reload SpringBoard" and the hour/circle glass has just been going for minutes.
It seems like it installed fine even with the crash t........
This happened during a sync of my iPhone while installing some apps. This usually happens to non-jailbroken iPhones who are trying to install non-Apple approved software OR jailbroken phones who haven't done the "Sync update".
How to fix this error and get the Sync Update
Open Cydia - Manage - Sources - Edit
Add this source: http://cydia.hackulo.us
Then under the section "Hackulo.us" install "Ap........
Truly, the only way to unleash the capabilities and customization abilities of iPhone are to jailbreak, it's not just for hackers anymore.
A few days ago someone by the named of "geohot" released a single click application called "purplera1n", which does the entire operation smoothly and seamlessly.
In our case, the first time it went as far as "done, wait for reboot" on our Windows machine and for minutes we waited and saw the pic on the iPhone w........
Yes, Iadmit I finally got bitten by the hype as much as I can usually see through it all. Keep in mind this review is of the "stock" phone, no jailbreaking yet which is what really unleashes the customizability and whyI bought iPhone.
I had better things to say about this phone before buying it, and it is a great phone, perhaps the best on the market by far, if not because of the Mac OS port onto the iPhone and all the apps, etc, etc.
With that said........
I kind of expected this feature to be there in some form, to stay ahead of the pack Apple needs to stay on top of this. User's of HTC's Android smart phone which uses a Linux based OS with Google's power behind it, note that you can save passwords in the browser on that phone.
Apple needs to continuously evaluate the needs in its core apps and make sure the features are cutting edge and top notch, if other phones come out with some of these seemingly small but essential features........
This is unfortunate and frustrating as many sites use it, a lot of people are frustrated that TinyMCE does not work on the iPhone Safari browser.
Apparently the developer of TinyMCE's answer is "talk to Apple about it"
It's really frustrating although, I wonder if any other mobile phones are able to use TinyMCE or not, whatever the case is it would be nice to find a solution to use TinyMCE on the........
As much of a computer nerd as Iam, I'm usually a late adopter to technology for a few reasons. Ifeel most new hyped technologies and electronics are mainly fads, and I'm also cheap.
Adopting later means you avoid the bugs, kinks and most importantly pay the lowest price, that's me being cheap again :)
I never read much about the iPhone but Isaw all the hype around it and until recently I wasn't a big fan of anything Apple until a few years ago I realize........
I've had an old Blackberry for a few years and I was ready to spend some serious cash on a nice Nokia. I love the idea of the Linux based Symbian S60 OS, so I was looking at phones like the E63, E71 (both are basically the same, at least CPU/screensize although E71 is thinner, has a 3MP camera, has GPS, and has dedicated buttons to adjust the volume).
Then Iheard about the N97 and what a revolution it was supposed to be and it was even compared to iPhone.
To........
This is the Intel Atom 330 motherboard with integrated Realtek Gigabit NIC (Intel Desktop Board D945GCLF2 Motherboard W/ Atom 330 1.6 GHz Dual Core Processor - Mini-ITX)
I cannot achieve more than 15 MB/s, even doing a local transfer through eth0 to it's own IP.
100% 95MB 15.9MB/s 00:06
So this is not a cabling, switch or hardware issue, it seems like a driver or chipset limitation problem.
Here is my........
This is really something the SSHServer developers should consider. The cause of this annoyance is because of failed DNS lookups on your IPaddress, which is especially common for many dedicated/col-located servers and also computers on internal NAT/private networks.
The chances are this is the cause of your SSHSlow/Delayed Login problems.
The easy solution to SSH Login Problems
Edit /etc/ssh/sshd_config
Add this line to disable r........
When trying to even cd or ls the mounted OCFS2 partition it crashes. Ithink this is a combination of VMWare Server's problem and the way I mounted and symlinked to it.
More than anything this shows the problem and lack of forsight with VMWare, but also that OCFS2 is easily crashed if you do strange things.
Output of /var/log/messages for OCFS2
Apr 10 15:57:45 localhost kernel: [84331.691258] Modules linked in: vmnet vmci vmmon ocfs2_stac........
There's a lot of information and guides on OCFS2 for RHELand Centos Linux but the package setup and configuration is slightly different and this has thrown some people off.
Installing OC2FS
You should install the following packages to get started:
apt-get install ocfs2-tools ocfs2console
Configure OC2FS
In RHEL/Centos the main configuration file is located in /etc/sysconfig/o2cb
However in Debian based Linux it is located........
This will give you the basic info needed to browse and connect to Samba shares from the command line. From the GUI of Gnome or KDE etc, it is pretty standard and straight forward. However, I've found very little guides on how to do it from the command line and if you're like me, a nerd who prefers command line for its simplicity and for remote use, this is the way to go.
First get a list of all the Samba/SMB shares on the target.
smbclient -L hostname........
Ithink there has been a lot of negative press towards Rackable Systems. We will give their new solution credit that it is marketed very well, and comes prepackaged and ready to go.
But let's cut through the hype of both sides, the people who love this concept and the people who hate it.
What Rackable Systems have done is a first, to minimize space, power and costs into small servers. This is great, and many companies have already built their own servers based........
I've been struggling with this for awhile, wondering why all of my variables are null. Ijust realized the variables disappear after leaving this while loop.
Note that I'm piping to the while loop which makes a subshell Ibelieve which is the cause of the issue:
echo "$accounts"|while read thisline; do
somevariable="some value"
(( ++counter ))
done
At all costs you ne........
There's a lot of outdated information and confusion for system administrator's out there.
One annoying task for many an Administrator has been backing up data in Linux. You don't need any GUI tools such as K3B or GnomeBaker. Both are excellent tools but for veteran command line users working remotely, using the keyboard is a great and possibly automated way to save yourself pain and hassle.
At a later date we'll cover how scripting can automatically backup certain........