• iptables how to log ALL dropped incoming packets


    A lot of people just have a -j DROP to drop all unwanted traffic or traffic not explicitly allowed but there is a better solution if you want real and proper logging: Take an example iptables rules file -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i eth1 -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -i eth1 -j ACCEPT -N LOGGING -A INPUT -j LOGGING -A LOGGING -j LOG --log-pre........
  • Linux named / bind how to dump, view and clear the cache!


    Do you hate it when your ISPhas old cached records because of a high TTLon the DNS record of the relevant domain? In plain English this means you often can't connect to a site or service because your ISP's DNS servers haven't gotten word of the new IP address (probably because they haven't checked). There are also some that are notorious for ignoring TTL and not updating records for days! But if you are lucky and smart enough to have your own Linux based DNS se........
  • postfix errors fatal: no SASL authentication mechanisms /usr/libexec/postfix/smtpd: bad command startup -- throttling solution


    Jul 3 22:12:17mailserver postfix/smtpd[6195]: fatal: no SASL authentication mechanisms Jul 3 22:12:18mailserver postfix/master[4881]: warning: process /usr/libexec/postfix/smtpd pid 6195 exit status 1 Jul 3 22:12:18mailserver postfix/master[4881]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling This only ever happens in my experience when the authentication method is actually Dovecot. Usually the problem........
  • named [FAILED] - zone 1.168.192.in-addr.arpa/IN: not loaded due to errors. - bind error solution


    Centos when copying old files and restarting it seems load everything fine and then says [FAILED] with no log or other message. service restart named named [FAILED] Check more thoroughly you may have missed the error if you have lots of zones! service named restart|grep error zone 1.168.192.in-addr.arpa/IN: not loaded due to errors. zone 2.168.192.in-addr.arpa/IN: no........
  • astrachat connection problems in Android 5.01 Lollipop


    I wanted to use Astrachat because it seems to be the only app that has video, pic and file sharing for Jabber butI cannot even connect despite any other client working fine including Xabber and others. astrachat "Oops.. We can't connect to the account that you provide above. Please recheck your account detail". Unfortunately to make it worse there doesn't seem to be any error log or more details about the issue. The jab........
  • kernel:[14277.697049] EDAC MC0: UE row 4, channel-a= 0 channel-b= 1 labels "-": (Branch=0 DRAM-Bank=0 RDWR=Read RAS=7048 CAS=0 FATAL Err=0x4 (>Tmid Thermal event with intelligent throttling disabled))


    I am getting this error: kernel:[14277.697049] EDAC MC0: UE row 4, channel-a= 0 channel-b= 1 labels "-": (Branch=0 DRAM-Bank=0 RDWR=Read RAS=7048 CAS=0 FATAL Err=0x4 (>Tmid Thermal event with intelligent throttling disabled)) But many people believe this is a bug/false message and the server is running stably.........
  • Creating tunnel gives the error ioctl: no such device


    ip tunnel add tun3 mode gre remote 192.58.1.5 ttl 64 ioctl: no such device I solved this on Centos by loading the ip_gre module: modprobe ip_gre On Debian I believe it is the "sit" module.........
  • iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) - OpenVZ Container Problem iptables module problem solution


    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) This solution applies to all other iptables modules/problems for OpenVZ, you'll just need to add them to both lists/lines below if you have modules other than what I have below. The modules need to be enabled in both iptables and the OpenVZ hostnode itself and then the containers which need it must be restarted. How To Enable IPTables Modules in OpenVZ........
  • Kernel/make compilation time and how to improve compile times/compile the Linux kernel faster without hardware upgrades


    I thought only a faster CPUand SSDwould help but I already have a Quad-Core CPU and it wasn't being maxed out. The actual tests were performed on an AMD-V enabled 128MB dual core VMWare container though. There is a flag that can be passed to make in order to start multiple threads, by specifying 4 threads I was able to reduce the whole kernel compilation time from scratch by about 50%! (65minutes vs 31minutes!). *Yes I did do a make clean before each co........
  • Enable SPAMASSASSIN on Postfix in 5 minutes


    Centos 5 Postfix and SPAMASSASSIN Tutorial yum install spamassassin chkconfig spamassassin on vi /etc/mail/spamassassin/local.cf ############## #required_hits 5 #report_safe 0 #rewrite_header Subject [SPAM] #5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives require........
  • Linux Realtek Gigabit NIC huge/high latency problem after sleep?


    That is pinging to the gateway IP on the same switch, the same IP is pingable externally without any problems which makes me think the switch is fine. 64 bytes from 55.55.55.55: icmp_seq=4 ttl=255 time=1.07 ms 64 bytes from 55.55.55.55: icmp_seq=1 ttl=255 time=3536 ms 64 bytes from 55.55.55.55: icmp_seq=2 ttl=255 time=2536 ms 64 bytes from 55.55.55.55: icmp_seq=3 ttl=255 time=1536 ms 64 bytes from 55.55.55.55: icmp_seq=8 ttl=255 time=1.20 ms 64 by........
  • Openvz Enable Most Common iptables modules


    The default options for iptables are very basic. Here is what you need to do in order to enable them in OpenVZ. 1.) Add the modules to iptables and restart iptables: vi /etc/sysconfig/iptables-config Edit the line as so: IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp" 2.........
  • Latest Articles

  • Linux How To Create A RamDisk
  • mdadm force resync when resync=PENDING solution
  • Proxmox Breaks Storage/LVM Backing If Killing QEMU-IMG
  • Proxmox trying to acquire lock... TASK ERROR: can't lock file '/var/lock/qemu-server/lock-102.conf' - got timeout
  • Debian 9 SSH root password authentication failure password not working problem / solution
  • QEMU / KVM How To Manually Create Basic Virtual Machine VM
  • Linux wlan0 check all wireless clients
  • PHP Issues With Decoding Strange Smart Quotes And Non-Standard ASCII Characters
  • /etc/iproute2/rt_tables default settings file in Linux Centos 6,7 and most other NIX's
  • bind named error solutions named[2169]: error (no valid DS) resolving / error (broken trust chain) resolving / : error (no valid RRSIG) resolving 'com/DS/IN':
  • iptables how to log ALL dropped incoming packets
  • How To Edit Linux Based NM Network Manager Connection Settings Without GUI
  • Linux Disable IPV6 Centos / Debian / Mint Howto
  • Linux use growisofs to burn a larger file on a BD-R / Bluray Disc
  • Linux partprobe/partx cannot access last and 4th partition
  • DRBD Errors Caused By Physical Corruption
  • mdadm: add new device failed for /dev/sdb4 as 3: Invalid argument solution
  • Linux named / bind how to dump, view and clear the cache!
  • Centos 6 / 7 / 8 How To Change Default nameservers in /etc/resolv.conf when using DHCP / dhclient
  • Adobe Acrobat Reader for Linux to use and view XFA Fillable Forms