|
Ur Getting Fatter posted:No, it's the only rule for that IP (plus it happens with any IP).
|
# ? Nov 22, 2016 03:20 |
|
|
# ? Apr 25, 2024 00:50 |
|
Ur Getting Fatter posted:Any ideas on how to trouble shoot that? Can you just give us the output of "iptables -L" or "iptables -S"? (Feel free to obscure any IPs you'd rather not disclose, of course.) Usually fail2ban adds a line like "-p tcp -m multiport --dports 22 -j fail2ban-ssh" to the start of the INPUT chain, but it sounds like that may have somehow not happened. e: Pasted the wrong line. Fixed. e2: Yeah, what anthonypants said. iptables isn't anywhere near as cryptic as most people think. Ten minutes with this page is enough to teach you how to read and write basic rules: https://wiki.centos.org/HowTos/Network/IPTables Powered Descent fucked around with this message at 03:35 on Nov 22, 2016 |
# ? Nov 22, 2016 03:24 |
|
Can you post iptables -L? Or try adding a jump to f2b on INPUT?
|
# ? Nov 22, 2016 04:31 |
|
HPL posted:Kind of a dumb question, but is there a Linux equivalent to Microsoft's RDWeb? Try out noVNC https://github.com/kanaka/noVNC
|
# ? Nov 22, 2016 06:14 |
|
So, after a 1 week delay due to an OS X multi boot problem, today sees the release of Fedora 25. Fedora 25 sees the implementation of Wayland as standard. Instead of Wayland being an option at the login screen it's now default. I tested the beta a couple of weeks ago and it ran perfectly on my laptop with integrated graphics. Wayland has now hit desktop Linux. I wonder how Mir is panning out over at Canonical? :o)
|
# ? Nov 22, 2016 08:07 |
|
Powered Descent posted:Can you just give us the output of "iptables -L" or "iptables -S"? (Feel free to obscure any IPs you'd rather not disclose, of course.) Here's iptables - S: code:
Fail2ban has added a "-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd" rule, which from what I understand looks for incoming connections going to port 22 and inspects them using the "f2b-sshd" rule. At some point I added a "-A INPUT -p tcp -m state --state NEW -m tcp --dport 24500 -j ACCEPT" rule which accepts any new tcp connections incoming on port 24500. 24500 is my ssh port, not 22. Finally, fail2ban adds a "-A f2b-sshd -s 186.143.200.184/32 -j REJECT --reject-with icmp-port-unreachable" rule rejecting connections originating from 186.143.200.184/32 (my ip). So, best guess, one or more of the following are happening: 1) Fail2Ban correctly looks at my logs and identifies a bruteforce attempt. 2) Fail2Ban adds a rule to the f2b-sshd chain. 3) Fail2ban however only applies the f2b-sshd to incoming connections on port 22, while my ssh connection are on port 24500. 4) Because the f2b-sshd REJECT rule gets added at the end of the iptables, the connection first gets accepted by the 24500 -j ACCEPT rule, so it never hits the REJECT rule. dpkg chopra fucked around with this message at 14:29 on Nov 22, 2016 |
# ? Nov 22, 2016 14:26 |
|
So, I managed to fix that by adding "port=24500" to my sshd jail, restarting fail2ban, and then immediately locking myself out of ssh because of course I had banned my ip (fixed it by vpning in and deleting the rule) Thank you everyone for your help! dpkg chopra fucked around with this message at 14:51 on Nov 22, 2016 |
# ? Nov 22, 2016 14:39 |
|
apropos man posted:Fedora 25 sees the implementation of Wayland as standard. Instead of Wayland being an option at the login screen it's now default. I tested the beta a couple of weeks ago and it ran perfectly on my laptop with integrated graphics.
|
# ? Nov 23, 2016 03:21 |
|
Combat Pretzel posted:Wanted to give Fedora 25 a spin. Live image boots up fine and everything, and the nouveau driver seems to work with my Geforce 1070, but for some reason the visual mouse cursor gets stuck in the top left corner of the focused screen. Controls do actually highlight and react when I blindly move and click around. Weird. Filed a bug about this a while ago, went apparently ignored. This is kind of a showstopper for newcomers. Wow. That's quite a lovely and annoying bug. I assume that you're not using obscure hardware, either, if you're running a 1070. I haven't upgraded this laptop yet, as I sometimes to give it a week or so for any catastrophic problems to be ironed out. I'd class not being able to see the mouse position as being a first class problem. apropos man fucked around with this message at 08:21 on Nov 23, 2016 |
# ? Nov 23, 2016 08:18 |
|
In Vim I have the habit of accidentally hitting shift when I want to use a command like 'tabedit' (ie I'll accidentally type Tabedit about half the time). Is there a way I can just force vim to recognize Tabedit = tabedit and vice versa?
|
# ? Nov 23, 2016 09:18 |
|
Combat Pretzel posted:Wanted to give Fedora 25 a spin. Live image boots up fine and everything, and the nouveau driver seems to work with my Geforce 1070, but for some reason the visual mouse cursor gets stuck in the top left corner of the focused screen. Controls do actually highlight and react when I blindly move and click around. Weird. Filed a bug about this a while ago, went apparently ignored. This is kind of a showstopper for newcomers. do you have a high DPI screen? I've had several issues with hidpi on gnome-wayland, it's still pretty rough (too rought to be default imo but I can see the point of wanting greater exposure).
|
# ? Nov 23, 2016 10:26 |
|
Maybe that's one of the reasons it worked out of the box on my old Haswell laptop: 1366 X 768 FTW! :-p
|
# ? Nov 23, 2016 12:17 |
|
apropos man posted:Wow. That's quite a lovely and annoying bug. I assume that you're not using obscure hardware, either, if you're running a 1070. The F24 live image doesn't even work due to the old version of nouveau putting the adapter in an unknown state. And I don't want to mess around with Arch again, because some packages I needed last time required manual patching of functionality that other distros do themselves. kujeger posted:do you have a high DPI screen? I've had several issues with hidpi on gnome-wayland, it's still pretty rough (too rought to be default imo but I can see the point of wanting greater exposure).
|
# ? Nov 23, 2016 17:28 |
|
This might sound silly but have you tried using a different mouse? I vaguely remember having the same issue with Fedora. I was using a wired by fancy ~gaming~ mouse and it did what you're describing. Then I plugged in a lovely $1 wired mouse with 2 buttons and a wheel and viola everything was peachy. I don't remember if I was able to install some drivers or something to fix the issue afterwards.
|
# ? Nov 23, 2016 18:09 |
|
Combat Pretzel posted:Nope, 1440p at 27". But two of them. Why not pull out one of the display during setup if the lovely fedora installer can't handle them both?
|
# ? Nov 23, 2016 18:13 |
|
The displays are handled fine, they automatically switch to spanning mode, too. The mouse fucks up. I guess I'll try one display and/or a cheap mouse, crossing my fingers that if it'll work, the issues will be gone with the NVIDIA blob driver after I get a chance to install it. However, it's the whole Wayland session, not just the installer. That said, I had dual display on my old GTX 780 working just fine with nouveau and Gnome Wayland, beginning of this year. Including functional mouse.
|
# ? Nov 23, 2016 19:07 |
|
Is Wayland the way to go now?
|
# ? Nov 23, 2016 19:08 |
|
Combat Pretzel posted:Annoying in that I have this old spare SSD waiting for a Linux installation and I can't proceed. The Wayland support out of the box works have been nice, but I can't continue with installation, if I can't see what I am clicking. Keyboard navigation isn't impossible, but turned out to be more of a pain in the rear end than expected and worthwhile. I remember having issues with a Linux installer before, where I couldn't see the mouse during install but after installation normal service was resumed. I can't remember which distro, but seem to remember it being a KDE plasma based OS. I'm thinking Kubuntu. If you persevere with the keyboard it could possibly pay off.. Combat Pretzel posted:
If I run Ubuntu Live or try to install it on my desktop PC it makes my 750 Ti periodically spin the fans full-blast about every 30 seconds for 10 seconds. The solution for me is: 1. to get the OS installed hastily while the fans are going crackers 2. download the proprietary driver from Nvidia 3. remove nouveau and boot into command line environment (sudo systemctrl set-default multi-user.target) 4. Install the Nvidia driver after running 'chmod +x' on it 5. Reboot into graphical environment (sudo systemctrl set-default graphical.target) I agree that you should try disconnecting one monitor and install onto only one screen. It'll be easier for the installer to work out what's going on. EDIT: Combat Pretzel posted:However, it's the whole Wayland session, not just the installer. Ah, disregard the top half of my post then.
|
# ? Nov 23, 2016 19:16 |
|
apropos man posted:Maybe that's one of the reasons it worked out of the box on my old Haswell laptop: 1366 X 768 FTW! :-p I don't understand why laptop manufacturers *still* sell laptops with that screen resolution. Surely 1080p panels are cheaper than 1366x768 panels by now?
|
# ? Nov 23, 2016 19:35 |
|
Odette posted:I don't understand why laptop manufacturers *still* sell laptops with that screen resolution. Surely 1080p panels are cheaper than 1366x768 panels by now? God no, and a growing segment of the laptop market is 11"-13" Chromebooks for $200 or less. When push comes to shove, I'd put having 4GB of RAM over having a 1080p display, or even having an x86 CPU. The $150 chromebooks with an ARM chip, 1366x768 display, and 4GB of RAM are pretty usable machines!
|
# ? Nov 23, 2016 19:39 |
|
Plus there's the issue of driving those pixels. The UHD yoga I use at work has integrated graphics and it chugs hard on video. Even 1080p is hard on it because it has to upscale so much.
|
# ? Nov 23, 2016 19:49 |
|
Odette posted:I don't understand why laptop manufacturers *still* sell laptops with that screen resolution. Surely 1080p panels are cheaper than 1366x768 panels by now? In my case, I found a Haswell i5 on eBay that someone was selling with a missing F8 key-cap. It's a Toshiba Satellite: quite a heavy old thing that blows pretty hard under full load. Build quality is a bit plasticky but it's had some heavy use over the last year and still going strong and a bit of a beast with an extra 4 GB RAM and a Samsung 850 EVO thrown in. Not bad for £180 (laptop only). The F8 key-cap is still missing.
|
# ? Nov 23, 2016 19:49 |
|
Boris Galerkin posted:Is Wayland the way to go now? As a PSA for anyone upgrading from F24 -> F25, if you get an error with rpm-python3 apparently a fix is in the works and you should be able to upgrade within' the next few days. Got the error on my machine, no biggie though as the only noticeable improvements for workstations are Gnome 3.22 and some other smallish things.
|
# ? Nov 23, 2016 22:40 |
|
I wonder how we'll be with the next range of AMD processors, presuming that they are going to stick to the well-established APU model of having CPU and GPU on the same socket. Is it feasible that AMD will stick with traditional architectural structure for the new line of CPU's so that I could buy a new AMD APU laptop and it will be easy for the Linux community to port drivers for it? Is it a case of 'wait and see' because we just don't know how the new chips will be implemented yet?
|
# ? Nov 24, 2016 00:43 |
|
Marinmo posted:Heavens no. I do read your question as way to go equaling being the default without fallbacks, and then the answer is that it won't be for a long time as long as the nvidia-issues remain (someone's gotta budge or X.org will stick around forever, can't see it being nvidia either). Wayland is fine for AMD-based machines and people with nvidia cards who really hate 3D-acceleration though.
|
# ? Nov 24, 2016 01:21 |
|
As I mentioned earlier, Mutter is getting EGLStream and EGLDevice support next release. 3.23.2 already has it. This means that GNOME at least will support NVIDIA on Wayland. In fact, Fedora already supports it via backported patches.
|
# ? Nov 24, 2016 13:02 |
|
(K)ubuntu DNS question: I changed the DNS for a website I host, and whatsmydns.net is showing the new, correct IP across the board. When I run nslookup with Google DNS it shows the new IP, but my local ISP DNS still has the old IP: code:
code:
code:
code:
(I can't put https://www.website.com in [code] tags without it adding the [url]s, annoying) edit: Ok I just tried again right after posting and it worked. ISP DNS still has the old IP so I must be using google DNS properly now. A cache somewhere must have finally been updated? fuf fucked around with this message at 13:18 on Nov 25, 2016 |
# ? Nov 25, 2016 13:15 |
|
fuf posted:(K)ubuntu DNS question: Your zone file defines a ttl for the record, and it can take up to that long for the record to update(if your local resolver picked up the record right before you changed it, it would take that long) . I've never found a way to speed it up, personally. I've noticed some browsers have their own separate dns cache to make it even more fun.
|
# ? Nov 25, 2016 15:09 |
|
That's why if you're planning DNS work always have a second box somewhere that would not be accessing the sites you're updating so you can verify function after you do the change. Or just reboot, should clear everything out. Also always set the TTL to be super short a couple days before.
|
# ? Nov 25, 2016 16:07 |
|
Also, use dig instead of nslookup.
|
# ? Nov 25, 2016 17:13 |
|
See how your nslookup command says Server: 127.0.0.1? That indicates you're running some local DNS caching daemon as well. Likely dnsmasq, but I dunno what Kubuntu ships with off hand. So the old value was probably cached there too on top of your ISP's servers, your home router, etc. Restarting dnsmasq (or whatever is listening locally on port 53) would have cleared the entry immediately. Rebooting "works" to flush DNS caches but it's the "swatting a fly with a Buick" overkill method vs learning what's really going on. In terms of speeding up DNS changes, the only thing you can really do is proactively lower the TTL hours or days in advance. Set it to like 5 minutes. Then when it's time to really make the change, it's picked up quickly and you can set it back to a more sane value when you're satisfied. There's no way to actively tell every other DNS resolver in the world "I know I said my TTL is 1 day, but gently caress you, come check me again anyway right now cause I changed!" Docjowles fucked around with this message at 21:00 on Nov 25, 2016 |
# ? Nov 25, 2016 20:55 |
|
I want to set up a second debian install on a computer as a wordpress development platform from my home Internet connection. I would use my existing raspberry pi, but it's at its limit. I have DDNS setup and letsencrypt for security. I've read that I can just copy the letsencrypt certs from one computer to another: does anyone have a guide for this? I have other Apache problems: If I initially configure my ports.conf before logging into my wordpress install to use say port 7000, I can configure using HTTP, but HTTPS doesn't work... is this a mysql database problem?
|
# ? Nov 26, 2016 13:42 |
|
politicorific posted:I've read that I can just copy the letsencrypt certs from one computer to another: does anyone have a guide for this? Copy the /etc/letsencrypt folder over. quote:I have other Apache problems: Probably not a MySQL problem, but without some kind of error message it's impossible to help beyond that.
|
# ? Nov 26, 2016 15:10 |
|
Combat Pretzel posted:Wanted to give Fedora 25 a spin. Live image boots up fine and everything, and the nouveau driver seems to work with my Geforce 1070, but for some reason the visual mouse cursor gets stuck in the top left corner of the focused screen. Controls do actually highlight and react when I blindly move and click around. Weird. Filed a bug about this a while ago, went apparently ignored. This is kind of a showstopper for newcomers. This is probably a kernel bug related to cursor modesetting. Link the bug that you filed?
|
# ? Nov 26, 2016 18:08 |
|
Howdy. I've got Xubuntu running on my desktop and dual booting with Win7. I decided to go against my instincts and upgrade from 14.04 to 16.04. Big mistake of course. During the upgrade, I got booted to my lock screen and the lock screen was unable to display many of its own icons (instead showing little red circles with a slash) and I couldn't log in, I would just get stuck in a loop where I enter my password, hit enter, the screen flickers and takes me right back to the login. After restarting my system just shows black monitors. If I use Grub to boot into recovery mode, I can get a text console and if I type "sudo service lightdm start" then I can get the lock screen to display. But, I still cannot log in due to this looping behavior. How can I fix the lock screen? What may have broken after upgrading? It shows my username and accepts input in the password field, it just can't...unlock! P.S. Forgot to add this resource: https://ubuntuforums.org/showthread.php?t=1743535 I couldn't find this specific problem there and I don't know what the lock screen software is called to search for it. It's not the lock screen that shows the flame in front of the monitor in black and red, it's the regular Xubuntu/Ubuntu one.
|
# ? Nov 27, 2016 00:37 |
|
reading posted:Howdy. I've got Xubuntu running on my desktop and dual booting with Win7. I decided to go against my instincts and upgrade from 14.04 to 16.04. Big mistake of course. During the upgrade, I got booted to my lock screen and the lock screen was unable to display many of its own icons (instead showing little red circles with a slash) and I couldn't log in, I would just get stuck in a loop where I enter my password, hit enter, the screen flickers and takes me right back to the login.
|
# ? Nov 27, 2016 00:42 |
|
SopslnQmIBVeJIekJ3xC 4cj1V5JPsaDZQChgG8yg 0YBucQzo0Uvr9Jr3mLfY DyCrJvoPgYC4nSxnJJRv yQHFfuX23OO7eG9D9KCp xrSeVaWSuBusf9imTXvt U1Zrm2hZg21rfJm7Vrp9 it5P28AIYQquwIeQyhCh wVCIFl722FuszKUiLiq6 ieNdTEatTAbgCUP6Bj0u Plasmafountain fucked around with this message at 23:52 on Feb 27, 2023 |
# ? Nov 27, 2016 00:47 |
|
Zero Gravitas posted:I thought I'd try the latest version of Fedora on a machine for engineering simulation running OpenFoam and some other software. I've used it in the past on my laptop and it was a very nice experience, but gently caress me, I need some encouragement that its going to get better. I have a little help for Chrome, at least. Did you try installing the RPM from Google? It adds a Google repo for Chrome so you don't have to worry about anything and DNF takes care of it all.
|
# ? Nov 27, 2016 04:49 |
|
reading posted:... I had a similar issue - turned out to be caused by the proprietary NVIDIA drivers not liking the upgraded kernel. Uninstalling the drivers from the text terminal seemed to clear it up.
|
# ? Nov 27, 2016 05:14 |
|
|
# ? Apr 25, 2024 00:50 |
|
xzzy posted:Copy the /etc/letsencrypt folder over. Thanks I give up, I tried creating a different DDNS name, but trying to run two servers using HTTPS behind the same dynamic IP is a headache. I unplugged my original server for a bit to see if I could even get SSL/Let's Encrypt working with Apache and Wordpress on the default ports, but had no luck. Luckily this is just a test setup. Once I'm sure I'm doing something worthwhile with wordpress, I'll pay for a hosting provider with decent security.
|
# ? Nov 27, 2016 07:01 |