The type of abuse recently seen on FreshPorts isn’t a big deal. I would ignore it if it was on my own server. However, I’m using a “paid” service and the credits go faster when pillocks do pillocky stuff. While I hope I’ve covered what I’ve done, I’ve been sick with a cold for a week, and helping to look after two < 4 year-olds for two weekends in a row. Perhaps I've […]
fail2ban – adding to my website to deter abuse Read More »
For 3 days now, I’ve been seeing these messages. If you search online, it’s usually the result of port scanning. Aug 7 14:05:15 zuul kernel: Limiting closed port RST response from 212 to 195 packets/sec Aug 7 14:05:16 zuul kernel: Limiting closed port RST response from 219 to 215 packets/sec Aug 7 14:05:17 zuul kernel: Limiting closed port RST response from 220 to 193 packets/sec Aug 7 14:05:18 zuul kernel: Limiting closed port
kernel: Limiting closed port RST response from x to y packets/sec Read More »
It’s a muggy Friday morning, sitting outside the cafe – it’s tolerable in the shade with a slight breeze and cold iced-latte in a glass. Dogs walking past, lots of pats. It’s time to change most of my hosts from Postfix (my favorite MTA) to dma (in FreeBSD, no install required). I have previously moved most of my jail hosts from Postfix to dma. A few days ago, I changed one of my
Replacing postfix with dma + auth Read More »
It’s another Saturday morning outside the coffee shop. My abundance of free time, without conferences to run, has resulted in mind shattering pondering. Case in point: In this post: FreeBSD 14.1-RELEASE Let’s use these two hosts: r730-01 – email is from root nagios03 – email is from Charlie Root What are the differences? First idea My first idea: /etc/password differences. Let’s check that idea: [11:19 r730-01 dvl ~] % grep root /etc/passwd root:*:0:0:Charlie
Why are some emails from Charlie Root and others are from root? Read More »
This is the Microsoft Azure instance known as nagios03. gpart zpool list zpool status File systems dmesg
I was checking email this (Friday Jul 19, 2024) morning, over coffee, while many IT folks dealt with Cloudstrike fallout, when I noticed this message from the logs: Jul 19 09:12:18 zuul kernel: [zone: pf states] PF states limit reached I’ve seen that message before. It’s not of high concern. That server contains many services including PGCon, the former BSDCan website, and my blogs. I didn’t give it much concern, although I should
What’s this gap in the graphs? Read More »
Nagios was telling me: FILE_AGE WARNING: /usr/home/rsyncer/backups/aws-1/postgresql/freshports.org.dump is 117636 seconds old and 3608113799 bytes That means the FreshPorts backup is more than a day old, and it should have been refreshed by now. OK, let’s go look. I log into the host known as aws-1 and check the files. They look fresh to me: [rsyncer@aws-1 ~/backups/database-backup/postgresql]$ ls -lt total 3525154 -rw-r–r– 1 rsyncer rsyncer 3963 Jul 16 02:14 globals.sql drwxr-xr-x 2 rsyncer rsyncer
Where’s my backup? Read More »
Yesterday, I mentioned (in more than one place) that I planned to move a 2017 Digital Ocean droplet over to Azure. As I sit here, with coffee, on the balcony, overlooking lot of green trees, at 7:45 AM, I’m trying to put into words the plan I came up with about 30 minutes ago. In this post: Digital Ocean Microsoft Azure FreeBSD 14.1 Why move? There is no technical issue or dissatisfaction involved
Transferring a VM from one provider to another Read More »
I’ve updated all my hosts to FreeBSD 14.1 – but not all the jails. I’m going to do some of that today. In this post: FreeBSD 14.0 FreeBSD 14.1 mkjail-0.0.4 What’s on r730-03 to update? Full disclosure: mkjail was originally written by Mark Felder, and I joined him in maintaining it. I use it for: Creating jails Updating jails (patching, like freebsd-update fetch install) Upgrading jails (as in going from FreeBSD 14.0 to
Updating some jails from FreeBSD 14.0 to FreeBSD 14.1 via mkjail Read More »
When feasible, I prefer to run things as non-root. A recent commit to net-snmp has made this possible. By its nature, being a new change, it took me some time and help to figure out what needed to be changed. Before doing this yourself, I recommend waiting until the two code reviews mentioned below are committed. In this post: FreeBSD 14.0-RELEASE-p6 net-snmp-5.9.4_2,1 librenms-24.5.0,1 I include commands from different host; please do not be
Notes on running net-snmp as non-root Read More »