Common Server issues – FAQs and answers from those in the know
Captive Portal in Alpine Linux Container
22 January 2025 @ 2:35 am
I am new to Networking.
I am working on a project where I need to implement a Captive Portal inside an Alpine Linux container, but there are some tricky parts to it.
The system I am working on uses two bridged LXC containers both running Alpine Linux.
The network configuration is as follows:
Container A: WLAN0/WLAN1 -> br0
Container B: br0 -> eth0 -> internet
Right now I am just trying to manually adjust the routing rules to achieve the redirection and then I can implement something like Nodogsplash, but I can't even get the redirection to work.
The challenge seems to be that because the containers are bridged, the traffic only happens on layer 2, so I can't apply any layer 3 rerouting rules with iptables or nftables.
I can't use broute from ebtables for some reason because Alpine doesn't support that functionality.
From my perspective, I need to find a way to get the traffic to be accessible by layer 3 somehow, but maybe the
No SSL on IPv4 port 443 (HTTPS) [closed]
22 January 2025 @ 12:41 am
I have a server running multiple websites using apache2 and letsencrypt certificates. This evening all websites went down and after some struggling I found out that websites are working on IPv6 port 80 and port 443 and on IPv4 on port 80. On IPv4 I get an SSL Error on all websites when trying to connect to port 443. I didn't change anything so I don't know where to go from here. SSLLabs test gives a "no secure protocols supported" error. The apache logs give no errors. IP address of the server is 85.222.226.122
Does anyone have an idea how to find this? Thanks, Roger
Automatic Windows Login on internal website uses wrong account to authenticate when website has an external certificate
21 January 2025 @ 9:53 pm
We have a website on our corporate intranet. It has two https bindings on the same site/server/port:
https://mysite1.mycorp.ads
-Internal certificate issued by our internal certificate authority
https://mysite2.subdomain.mycorp.com
-External certificate issued by a public CA
When a user (with or without an elevated account) tries to open #1, everything works as expected - they are automatically authenticated with their Windows account.
When a user without an elevated account tries to open #2, everything works as expected.
However, when a user with an elevated account tries to open #2, they are automatically logged in with their elevated account. They can successfully open an incognito tab and log in with the correct (non-elevated) account, but automatic login always defaults to the elevated account.
How to make Squid cache https requests when Squid itself only uses HTTP to the client
21 January 2025 @ 9:23 pm
I have Squid set up to proxy over HTTP. This is done in the context of a local machine (squid is running on the same machine as is making the requests), so HTTPS is not needed (or wanted). Squid itself is making requests over HTTPS to a remote server. The proxy works - I can see content in my browser that is going through the proxy, and I have confirmed (via tcpdump) that it is actually going through the proxy. However, I cannot seem to get it to cache anything.
My config file looks like this:
http_port 0.0.0.0:3128
acl SSL_ports port 80
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 443
acl CONNECT method CONNECT
http_access allow localhost
cache_dir ufs /tmp/Cache 900 1 1
cache_mem 256 MB
maximum_object_size 900000 KB
I have read this question and
windows doesn't let me delete a folder [closed]
21 January 2025 @ 7:51 pm
Cleaned some shit off my PC a while ago and am trying to delete any remnants of it. The PowerShell file that's contained in the folder can't actually do anything because I removed everything else and stopped the auto PowerShell task that would run, but I cannot delete the folder no matter what I try. I have given myself ownership of the folder and subcontents, booted into safe mode, and changed all the permissions, but nothing worked. Given ownership to my own user and comes up with the error listed my user
New node on k3s cluster cannot start pod
21 January 2025 @ 7:02 pm
We have a local k3s cluster for our staging environment to reproduce something like our production environment. Today, our single node reached its limit, so we decided to add a new node.
I bought a new physical server and just installed Ubuntu Server 24.04.1 LTS.
The next step was to install k3s agent to make it join the existing cluster.
I followed the online documentation:
curl -sfL https://get.k3s.io | K3S_URL=https://192.168.1.1:6443 K3S_TOKEN=<my master token> sh -
Then, I checked that everything was ready with kubectl get nodes:
NAME STATUS ROLES AGE VERSION
serv1 Ready control-plane,master 382d v1.28.5+k3s1
serv2 Ready <none> 117s v1.31.4+k3s1
But when the first pod was assigned to this new node, it gets the status
Unable to run Windows dockerd container as HostProcess
21 January 2025 @ 6:22 pm
Our organization hopes to build Windows containers on Windows (WcoW) in Kubernetes. I found this blog post which shows a reasonably simple (if insecure) approach.
When attempting to repeat the author's example, I get the following error on an AKS cluster:
'dockerd.exe' is not recognized as an internal or external command
As a debugging step, I tried the example HostProcess container from a preceding blog post. Running this container gave the expected logs. Directory contents are listed.
I summarized the error as an issue on the author's personal GitHub page. Re-posting the question here for better community visibility. Has anyone else h
nftables forwarding from layer 2 to layer 3 [closed]
21 January 2025 @ 6:13 pm
I have a bridged network that I am trying to implement a firewall on.
Right now, my problem is that all of the packets are traveling on layer 2 (Data-link layer), and I need to forward them all to layer 3 (Networking layer) so that the firewall can process them.
My machines are both running Alpine Linux.
Problems with vsftp in Docker
21 January 2025 @ 5:15 pm
I'm not sure why my FTP server is not starting. It says "probably invalid config" but I think it's all correct.
No info appeared in the logs, so I'm not sure what I should do to solve it.
I'm trying to solve it to be able to keep practicing and do well on an exam. Thank you very much for your time; I'm sure it's something silly, but I can't see it.
Info:
tail -f /var/log/vsftpd.log No logs
tail -f /var/log/syslog
2025-01-21T15:42:47.347974+00:00 servidor rsyslogd: [origin software="rsyslogd" swVersion="8.2302.0" x-pid="9" x-info="https://www.rsyslog.com"] start
When I tried to start the service:
root@servidor:/# /etc/init.d/vsftpd restart
Stopping FTP server: vsftpdNo /usr/sbin/vsftpd found running; none killed.
.
Starting FTP server: vsftpdvsftpd failed - probably invalid config. ... (warning).
My vsftpd.conf:
banner
NetworkManager: When DHCP fails, how to either ignore lease expiry, or use a static conf as a *temporary* fallback
21 January 2025 @ 4:53 pm
We are deploying devices (Linux with NetworkManager) in IPv4 networks that we have no control over. Some of them feature unreliable DHCP services (e.g. dodgy broadband routers) that might disappear for longer than the lease times they hand out.
Can I configure NetworkManager for the interface in question such that, should the DHCP service fail to respond to our lease renewal requests and DHCP discovers, it would ...
[A] either ignore the expiry of its lease, and keep using its current IPv4 settings (advantage: address collision less likely)
or
[B] fall back onto a static configuration (advantage: survives reboots while DHCP unavailable)
but only while the DHCP service is unavailable! NM should keep trying to acquire a DHCP lease, and once it succeeds rescind the above fallback.
I am aware of NM's autoconne