serverfault.com

I'm experiencing an intermittent IPv6 connectivity issue on an Oracle Cloud Infrastructure (OCI) instance after migrating my firewall from ufw to nftables. Environment: OS: Ubuntu 24.04 Cloud Provider: Oracle Cloud (OCI) Local Network: Dual-stack (IPv4 and IPv6 available) The Problem: My SSH connection to the server via IPv6 is intermittent, while SSH via IPv4 remains perfectly stable. Upon investigation, I noticed that when the connection fails, the IPv6 address completely disappears from the network interface (checked via ip addr). When the connection is working, the IPv6 address is present. Troubleshooting Steps Taken: I have already allowed all ICMPv6 traffic in the Oracle Cloud Web Console (Security Lists). If I change my local nftables input chain default policy to accept, the IPv6 address reappears in ip addr after a few minutes, and SSH via IPv6 works perfectly again. However, if I change the nftables defa

I am sending Cisco ISE logs to an end receiver. Problem is that some of the logs are across multiple lines This causes it be considered as a new log event by the end system. For example below log get broken up into multiple log events :- <181> CISE_RADIUS_Accounting 0015021690 1 0 2020-03-01 09:36:46.766 +01:00 0376002501 3002 NOTICE Radius-Accounting: RADIUS Accounting watchdog update, ConfigVersionId=261, xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, cisco-av-pair=lldp-tlv=lldpSystemDescription=Cisco AP Software, ap3g3-k9w8 Version: 8.10.130.0 <13> Support: http://www.cisco.com/techsupport\ <13> (c) 1986-2020 by Cisco Systems, Inc. <13> Wed Jul 29 00:28:31 PDT 2020 by aut, cisco-av-pair=lldp-tlv=lldpSystemName=sw-14, xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Type=Device Type#All Device Types#Switch#DynamiskNett, #015 1st part <181&g

I've setup a kvm host using a vlan trunk (using 2 bonded nics) and then created several vms on the host. The host is configured with an IP in the native VLAN. Some of the vms are connected to vlan 1, the native vlan, others are connected to VLAN 20 and VLAN 50. I have communication between all the VMs, regadless of which VLAN they are connected to and other devices on the network can communicate with all the VMs and with the host server. The host server and vms connected to VLAN 20 or 50 can also communicate. However there is no communication between the host server and the vms connected to the native vlan. I've setup the kvm host using as follows, (using https://intelligentsysadmin.wordpress.com/2023/01/24/bridged-vlans-with-networkmanager/ as a general guide): Create the bond interface connection: nmcli con add type bond con-n

I'm running a Linux Mint Mate 22.3 host with a Linux Mint Mate 22.2 guest. The host is a brand new install. The guest is running on a virtual disk that I moved over from a VMWare configuration. The guest works well enough but I'm having issues with networking, I can reach out to the Internet from the guest without issue. I can even ssh into the guest from the host. But I'm unable to access the guest from any other machine on my local network. Any ideas what the problem might be? My initial thought was this might be because the guest networking is configured as NAT, and I've not been able to find current, non-contradictory instructions on configuring bridge mode. But thinking about it, I might be assuming too much. Ideas as to what the issue might be?

I am using Azure OpenAI and Azure AI Foundry with network restrictions enabled (IP allowlist). When requests originate from IP addresses that are not on the allowlist, they are blocked (hopefully all the time). However, I would like to audit or monitor those denied connection attempts, specifically: See the source IPs that attempted access but were not allowlisted. Count or analyze rejected requests over time. See the query content. Troubleshoot whether legitimate clients are being blocked. How can I view connection attempts from non-allowlisted IPs in Azure OpenAI / Azure AI Foundry?

So i am configuring nginx on a new server and the first part of the install was working great but now i am getting errors related to the js files. I tried everything i read online. I could really use your help. my nginx conf file: server { #listen 80; #listen [::]:80; listen 443 ssl; # managed by Certbot listen [::]:443 ssl ipv6only=on; # managed by Certbot ssl_certificate /etc/letsencrypt/live/subdomainhere/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/subdomainhere/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot server_name subdomainhere www.subdomainhere; root /var/www/html/moodle; index index.html index.htm index.php; add_header 'Content-Security-Policy' 'upgrade-insecure-requests'; location / { try_files $uri $uri/ =404; } # PHP-FPM

I had a php file I was unable to update. The server was constantly returning an old version of the file. After deleting the file I got 404, but restoring the file again returned an old version of the file. All other files I tested worked as expected. Copying the file to a new file name worked as expected. Just that one file wouldn't update. After calling opcache_reset it started working. So it seems the cache was not correctly invalidated for that one file on change. This is scary. Why would this happen? How can I prevent this from happening again, besides disabling opcache? I found this other example of it happening to someone (though it doesn't specify it happening to just one file): Why Does PHP-FPM sometimes get stuck serving old files? EDIT: opcache.validate_timestamps is enabled and opcache.revalidate_freq is 2 EDIT: This could

Configuring a Sieve script to run after IMAP flag changes like so: [..] dovecot_config_version = 2.4.0 protocol imap { mail_plugins { acl = yes imap_acl = yes imap_sieve = yes } } sieve_plugins { sieve_imapsieve = yes } sieve_script script_name { cause = flag driver = file name = script_name # content does not matter, empty file sufficient path = /etc/dovecot/file-name.sieve type = after } [..] In conjunction with an ACL of lookup/read/write/write-seen (no insert/post!) on a mailbox gives me errors like this.. on each and every flag IMAP change: imap(redacted@example)<123> Error: sieve: Execution of script 'script_name/file-name' failed with unsuccessful implicit keep Is there a more proper (not relying on dovecot hand

I have multiple servers with different services. I have Apache on a publicly accessible server, pointing different subdomains to different servers (*.example.com, *.serv1.example.com, *.serv2.example.com). One problem that is when I go to serv1.example.com:5320, it goes to example.com:5320. Here is the Apache server config: <VirtualHost *:80> ServerName serv1.example.com ServerAlias *.serv1.example.com ProxyPreserveHost On ProxyPass / http://100.10.20.30/ ProxyPassReverse / http://100.10.20.30/ </VirtualHost> I tried using <VirtualHost *:*> but that didn't route traffic through in general. The back end servers are also running nginx, so that I could give them their own subdomains, and the main server is running Ubuntu with the backend servers running Arch linux. Any help would be much appreciated.

My dovecot setup looks like this: # 2.4.2 (0962ed2104): /etc/dovecot/dovecot.conf # Pigeonhole version 2.4.2 (767418c3) # OS: Linux 6.12.0-160000.25-default x86_64 # Hostname: eagle # 9 default setting changes since version 2.4.0 dovecot_config_version = 2.4.0 dovecot_storage_version = 2.4.0 listen = * protocols = imap lmtp ssl = required protocol imap { imap_idle_notify_interval = 60 secs mail_max_userip_connections = 10 } ssl_server { cert_file = /etc/dovecot/certs/cert.pem key_file = /etc/dovecot/certs/privkey.pem } namespace inbox { mail_driver = mbox mail_inbox_path = /var/mail/%{user} mail_path = ~/Mail inbox = yes separator = / } mbox { read_locks = fcntl write_locks = fcntl } passdb pam { service_name = dovecot } userdb passwd { use_worker = yes } service imap-login { inet_listener imap { } inet_listener imaps { port = 993 ssl = yes } } namespace inbox { inbox = yes separator = / mailbox Drafts { special_use