almalinuxda nedense ntp/ntpd yi kaldirmislar

yerine chronyd yi koymuslar

bu minik yazilim artik kendi kendine network icin ntpd serverda oluyor

ama ben bu ozelligini kullanmiyorum su an

kurmak icin

dnf install chrony
systemctl start chronyd
systemctl status chronyd
systemctl enable chronyd

[root@host ~]# arcconf getstatus 1
Controllers found: 1
Logical device Task:
 Logical device : 0
 Task ID : 100
 Current operation : Rebuild
 Status : In Progress
 Priority : High
Percentage complete : 0

Command completed successfully.
[root@host ~]#
Title:	Adaptec ARCCONF Command Line Utility B25335
Filename:	arcconf_B25335.zip

https://download.adaptec.com/raid/storage_manager/arcconf_B25335.zip
https://docs.hetzner.com/robot/dedicated-server/raid/adaptec-raid-controller/#how-to-restore-a-faulty-array

An example for the first array on the first controller would be:

arcconf SETSTATE 1 LOGICALDRIVE 0 OPTIMAL ADVANCED nocheck noprompt

https://www.thomas-krenn.com/en/wiki/Adaptec_arcconf_CLI_Commands

arcconf GETCONFIG 1

2 tane ayar var eger nginx_apache run etmiyorsan

ayar1: mpm event hikayesi

nano /etc/httpd/conf/extra/httpd-mpm.conf

<IfModule mpm_event_module>
    StartServers             8
    MinSpareThreads         48
    MaxSpareThreads        148
    ThreadsPerChild         72
    ServerLimit             48
    MaxRequestWorkers     6072
    MaxConnectionsPerChild   12000
</IfModule>

ayar2: php-fpm ccocuklarinin dayanilmaz gurultusu:

nano /usr/local/php74/etc/php-fpm.conf

pm = ondemand
pm.max_children = 100
pm.process_idle_timeout = 10
pm.max_requests = 500

Basically install a dummy driver:

sudo apt-get install xserver-xorg-video-dummy

Then write it in the /usr/share/X11/xorg.conf.d/xorg.conf (or possibly /etc/X11/xorg.conf) file (create one, if it does not exist):

Section "Device"
    Identifier  "Configured Video Device"
    Driver      "dummy"
EndSection

Section "Monitor"
    Identifier  "Configured Monitor"
    HorizSync 31.5-48.5
    VertRefresh 50-70
EndSection

Section "Screen"
    Identifier  "Default Screen"
    Monitor     "Configured Monitor"
    Device      "Configured Video Device"
    DefaultDepth 24
    SubSection "Display"
    Depth 24
    Modes "1024x800"
    EndSubSection
EndSection

Then restart the computer.

almalinuxda inatla iptables kullanmak istiyorum

systemctl stop firewalld
systemctl disable firewalld
systemctl mask firewalld
dnf remove firewalld

dnf update
dnf makecache --refresh
dnf -y install iptables-services
systemctl start iptables
systemctl enable iptables
systemctl status iptables

iptables-save > /etc/sysconfig/iptables
ip6tables-save > /etc/sysconfig/ip6tables

save etmiyor reboot edince hikayesi servisleri kurunca olmuyor artik.

Bu Iran Ispsinin derdi nedir acaba?

https://bgp.he.net/AS15828#_asinfo

Loglarda yuzbinlerce satir:

2022-03-16 07:43:45 login authenticator failed for (localhost) [5.34.207.33]: 535 Incorrect authentication data (set_id=vilte@xxx.com)
2022-03-16 07:43:45 login authenticator failed for (localhost) [5.34.207.67]: 535 Incorrect authentication data (set_id=mehdi@xxx.com)
2022-03-16 07:43:45 login authenticator failed for (localhost) [5.34.207.174]: 535 Incorrect authentication data (set_id=I’ll@xxx.com)
2022-03-16 07:43:45 login authenticator failed for (localhost) [5.34.207.67]: 535 Incorrect authentication data (set_id=mehdi@xxx.com)
2022-03-16 07:43:46 login authenticator failed for (localhost) [5.34.207.33]: 535 Incorrect authentication data (set_id=mramsey@xxx.com)
2022-03-16 07:43:46 login authenticator failed for (localhost) [5.34.207.158]: 535 Incorrect authentication data (set_id=PUTRI)
2022-03-16 07:43:46 login authenticator failed for (localhost) [5.34.207.33]: 535 Incorrect authentication data (set_id=mramsey@xxx.com)
2022-03-16 07:43:47 login authenticator failed for (localhost) [5.34.207.174]: 535 Incorrect authentication data (set_id=secureftp@xxx.com)
2022-03-16 07:43:47 login authenticator failed for (localhost) [5.34.207.97]: 535 Incorrect authentication data (set_id=s59)

Bloklayip gecelim.

Tamam asagidaki sekilde:

iptables -A INPUT -s 5.34.192.0/20 -j DROP

iptables -A INPUT -s 87.246.7.0/24 -j DROP

iptables -A INPUT -s 2.57.122.0/24 -j DROP

The goal is to become symmetric routing:

Each interface on the server should have it’s own default gateway, which allows that interface to reply itself to incoming packets from other networks.

A normal routing table can only have one default gateway. This is quite logical since it’s the place where to send packets that do not match anything else in the rest of the table. To be able to have two default gateways, one for each interface, you need to setup policy based routing.

Policy based routing allows you to have multiple routing tables. Which table is used, depends on a set of rules.

To setup policy based routing for our example case, we will use two policy based tables. While it is possible to give a nice name to the tables (in /etc/iproute2/rt_tables), it’s not really when you only plan to have a few. Without a name, the tables are automatically created when you’re adding something to them.

Let’s start with adding a route for the network itself (link) and one for the default gateway for each interface. ens192 (192.168.0.10) will use table 1, ens224 (192.168.1.10) will use table 2.

[jensd@server ~]$ sudo ip route add 192.168.0.0/24 dev ens192 tab 1
[jensd@server ~]$ sudo ip route add 192.168.1.0/24 dev ens224 tab 2
[jensd@server ~]$ sudo ip route add default via 192.168.0.1 dev ens192 tab 1
[jensd@server ~]$ sudo ip route add default via 192.168.1.1 dev ens224 tab 2

To define when table 1 or 2 will be used, we’ll add a rule, based on the source of the packet to the policy and refresh the policy based routing:

[jensd@server ~]$ sudo ip rule add from 192.168.0.10/32 tab 1 priority 100
[jensd@server ~]$ sudo ip rule add from 192.168.1.10/32 tab 2 priority 200
[jensd@server ~]$ sudo ip route flush cache

To check if we did everything correctly, let’s list the tables and the rules:

[jensd@server ~]$ ip route show tab 1
default via 192.168.0.1 dev ens192
192.168.0.0/24 dev ens192  scope link
[jensd@server ~]$ ip route show tab 2
default via 192.168.1.1 dev ens224
192.168.1.0/24 dev ens224  scope link
[jensd@server ~]$ ip rule show
0:      from all lookup local
100:    from 192.168.0.10 lookup 1
200:    from 192.168.1.10 lookup 2
32766:  from all lookup main
32767:  from all lookup default
[jensd@server ~]$ ip route
default via 192.168.0.10 dev ens192
169.254.0.0/16 dev ens192  scope link  metric 1002
169.254.0.0/16 dev ens224  scope link  metric 1003
192.168.1.0/24 dev ens224  proto kernel  scope link  src 192.168.1.10
192.168.0.0/24 dev ens192  proto kernel  scope link  src 192.168.0.10

As you can see in the output from ip rule show, our policy based tables have a higher priority than the main table, which can be viewed with ip route. Nevertheless it’s import to still have a default route in the main table since packets leaving the machine itself can have a source IP of 0.0.0.0 and would not match any of the rules in our policy.

Make the changes permanent
Up to now, the changes would get lost after a reboot or restart of the networking. To make the changes permanent, create a route and rule file for every interface. For the above example, the contents would look like this:

[jensd@server ~]$ cat /etc/sysconfig/network-scripts/route-ens192
192.168.0.0/24 dev ens192 tab 1
default via 192.168.0.1 dev ens192 tab 1
[jensd@server ~]$ cat /etc/sysconfig/network-scripts/route-ens224
192.168.1.0/24 dev ens224 tab 2
default via 192.168.1.1 dev ens224 tab 2
[jensd@server ~]$ cat /etc/sysconfig/network-scripts/rule-ens192
from 192.168.0.10/32 tab 1 priority 100
[jensd@server ~]$ cat /etc/sysconfig/network-scripts/rule-ens224
from 192.168.1.10/32 tab 2 priority 200

Now your configuration should be persistent.

Some people pointed out in the comments that, in order for the routers to be persistent, you need to first perform the following actions:

yum install NetworkManager-config-routing-rules
systemctl enable NetworkManager-dispatcher.service
systemctl start NetworkManager-dispatcher.service

While this solution is slightly more work than changing the value for rp_filter, it isn’t that hard and has a lot of advantages over the other solution.

TAKEN FROM: https://jensd.be/468/linux/two-network-cards-rp_filter