@openit said in Ubuntu firewall sucks, status showing allowed http, but won't:

I have ran following commands to redirect port 80 and 443, and it is working fine until next reboot:

#!/bin/bash
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8069
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8070
iptables-save

So I found one more article is saying to add first two commands to /etc/rc.local file to have rules permanently, but doesn't seems to be, not sure why?
@Pete-S @black3dynamite

Here's how to do it using UFW.
https://serverfault.com/a/238565
66ee7cc6-ba0d-489b-9b1c-a73e23ca9fb3-image.png

@brandon220 said in Logging out of Nextcloud in Chrome is very slow:

Another browser-based issue I've seen is in Edge. If you click the Files button in the top left, it just spins. Tried on multiple machines and multiple NC 16 installs. Works fine in FF and Chrome. Swapping browsers for different applications is a pain.

Interesting. Same happens for me.

@JaredBusch fair enough, I haven't used the product itself as of yet and wasn't aware it had whitelisting inside the product, if this was specific to just fail2ban then that method would be suitable, but in this case I agree with you, my mistake.

@IRJ You are passionate about computers, you love to write code. Well, what's more exciting than being able to create your own plugins.

When you know that WordPress is today one of the most used CMS on the web, it would be really interesting to see how a plugin is made and to be able to create it yourself. [Check it here] (http://bit.ly/2KxPChJ)

@notverypunny said in XenServer Supplemental Packs:

@DustinB3403 said in XenServer Supplemental Packs:

@notverypunny said in XenServer Supplemental Packs:

@DustinB3403 Going through the 7.1 version of the same thing right now. Not much is making it through this sinus headache / migraine though.... Maybe another coffee will help. From what I see on the XCP-ng forum they're trying to move away from the notion of supplemental packs in favor of standard rpms.

Yup, because SPs are essentially private, where as the entire XCP-ng project is FOSS. It makes it way easier to just run yum install <something> and keep it all updated with the yum upgrade

Makes perfect sense for the XCP-ng project, but playing with yum and adding repos would put our hosts in an unsupported state with Citrix. Other way I might be able to do this is some sort of query over SSH from a linux machine to the bare-metal (Dell idrac) and / or the XenServer install. FusionInventory does wonders with SNMP for network devices and printers but I haven't seen anything that applies to my setup.

You'll have to build an SP, and use that to ensure you can maintain your support from Citrix. Nothing else would fly with them.

@IRJ #TrueStory

@wrx7m that vendor sounds like GE or UTC. These companies employ the most ridiculous procedures and requirements in the name of security. I think it all comes down from gov oversight, so dumbasses on top audit you, then you need to implement some retarded procedure that does nothing, but makes lives miserable for everyone you deal with.

@openit said in CompTIA Linux+ LX0-103/104 or XK0-004? free training?:

On other hand, I'm looking for free or cheaper training, in which whole course content matches the updated/latest Linux+ exam, so I can take the certification. I had a look on Cybrary.it but it doesn't seems to be covering all topics from certification syllabus.

I find Cybrary to be a complete waste of time. Their courses are outdated and quite frankly suck! Don't even bother. I recommend Udemy where courses are around $10-20. They are rated by many people and you can get a good idea about the course through reviews before buying.

We are IT professionals here, and dont have time to try to save $10 and waste hours of time looking at useless material like cybrary or incomplete and incorrect data that can be on youtube and other untested sources.

Subscription based training is also bad IMO since there is no incentive to make each course be the best in it's category. No competition on a platform like Udemy.

@IRJ said in Windows Server 2012 R2 - Share Auditing for Changes:

I know you use wazuh..

Check this out

https://documentation.wazuh.com/current/user-manual/capabilities/file-integrity/index.html

Thanks! Checking out setting this up. Hopefully, it will reveal the culprit.

@davide-bonavita said in Moving from O365 E3 to Business Premium:

It looks like you don't need to uninstall and reinstall Office

Correct

@marcinozga said in FreePBX hardening ...:

@IRJ The scenario described above doesn't look like automated attack, and it's rather unlikely bots would be exploiting PBX to make international calls.

I think this is the first episode of the Darknet Diaries

Found the answer here:
https://unix.stackexchange.com/questions/32908/how-to-insert-the-content-of-a-file-into-another-file-before-a-pattern-marker

sed 's/CHANGEME/$x/g' origfile | x="$(<file2insert)" envsubst '$x' > newfile

This will replace every CHANGEME occurence in origfile with the content of file2insert. Remove last g from sed to replace only the first occurrence of CHANGEME.

@gjacobse said in Yet another Windows 10 File Sharing issue.:

@WrCombs said in Yet another Windows 10 File Sharing issue.:

@WrCombs said in Yet another Windows 10 File Sharing issue.:

@gjacobse said in Yet another Windows 10 File Sharing issue.:

Damn - I was hoping this would fix my issues with access the NAS from the Desktop. Other Windows 10 works fine. Just this one. Previous threads on the matter...

https://mangolassi.it/topic/19632/folder-sharing-issue/76

All I know is one of these fixed it - .

HKLM\system\current control set\services\CSC\ start = 0

HKLM\System\Current Control Set\Services\NetBT\Parameters\UseNewSMB set to 0

Uninstalling reinstalling NIC

Un/installing the NIC allows access via IP,.. more than I had previous. I'll try that the first time the next time it happens.

Thanks.

I do what I can.

Maybe this has it?

http://rtellason.com/manuals/Designjet500.pdf

@black3dynamite said in Vagrant and KVM:

@stacksofplates said in Vagrant and KVM:

Vagrant is much better than kickstarting

Why is it better?

It's much faster and you can use tools like Ansible to provision the Vagrant boxes. It's just really flexible and fast.

@Obsolesce said in Lenovo Owns Motorola Discussion:

@scottalanmiller said in Lenovo Owns Motorola Discussion:

How is anything you are saying not victim shaming if you aren't calling me a liar?

First of all, no, I do not believe you are ever lieing because, lies are false statements made with deliberate intent to deceive. If I feel you say something that is untrue when you believe it to be true, and I disagree with what you say, does NOT ever fucking make it okay for you to tell me I'm calling you a liar. Stop doing that. I'm not talking specifically about this case so don't quote my previous statement because it will then be out of context. I'm saying in general, that if someone disagrees with you, does not in any way give you the right to say they are calling you a liar. Lies are specific to deliberate intent to deceive, what you are inserting is wrong.

So if it's raining outside and you ask me what the weather is, and I tell you it's sunny and clear.

I'm not lying?

@JaredBusch said in Building VitalPBX on Vultr Automatically:

@scottalanmiller said in Building VitalPBX on Vultr Automatically:

and be fully updated.

I noticed that the defualt CentOS 7 image was pretty much fully up to date before I ran the install script. Only thing that came down when I ran yum update -y was wget.

Yeah, it is more of a "just in case" something is out of date. I almost never see it not fully up to date when I fire it up.

For Fedora you can just do

sudo dnf install vagrant-libvirt