F32 nftables hiccups
by ja
I have been attempting to use nft/nftables
to blacklist ssh connections and have come across
two problems.
nftables-0.9.3-3.fc32.x86_64
kernel-5.7.8-200.fc32.x86_64
1. The "limit rate" syntax does not work correctly unless
the "burst" value is set.
counter add @saddr_rate { ip saddr timeout 2m limit rate over 4/minute burst 1 packets} counter \
update @saddr_blacklist { ip saddr timeout 10m } counter drop
2. The following syntax is not accepted by nft
update @connection_count { ip saddr ct count over 3 } \
add @saddr_blacklist { ip saddr timeout 1m } drop
nft_harting.nft:80:3-52: Error: Could not process rule: Operation not supported
update @connection_count { ip saddr ct count over 3 } \
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I have been following a Debian mail list (amongst many)
https://unix.stackexchange.com/questions/581964/create-dynamic-blacklist-...
which implies that both of the above should work with the kernel/nft F32 versions installed.
I attach the output of nft list ruleset
(with the offending rule "{ ip saddr ct count over 3 }" commented out)
(It includes the "set" definitions used above)
Can anyone see any deliberate mistakes?
John
3 years, 10 months
Re: virtual box win7
by Ed Greshko
On 2020-07-21 16:27, Stephen Morris wrote:
Replying to an errant reply to a mailing list post which replied to me directly and not the list.
> On 21/7/20 8:42 am, Ed Greshko wrote:
>> On 2020-07-21 05:47, Patrick Dupre wrote:
>>> Hello,
>>>
>>> I am trying to have my virtual box recognizing the USB devices,
>>> but I get <no device recognized>
>>>
>>> I installed
>>> Oracle_VM_VirtualBox_Extension_Pack-5.0.40.vbox-extpack
>>>
>>> which is supposed to provide the UBS 2.0 and 3.0 drivers
>>>
>>> My devices are recognize by linux.
>>>
>>> Any idea?
>> Where did you obtain VirtualBox?
>>
>> Does the version you installed match the Extension Pack?
>>
>> rpmFusion supplies 6.10 so you'd need Oracle_VM_VirtualBox_Extension_Pack-6.1.10.vbox-extpack
> Hi Patrick, I'm using Virtualbox 6.1.12 R139181 under Windows 10, which I got from the Oracle web site. I have also just updated the extension pack to also 6.1.12, but I don't think the extension pack is what provides usb support (I thought the main usage of the extension pack is to get shared folders available) I thought the usb support was natively built in to virtualbox. In the machine settings in the usb section, I have 'Enable USB Controller' ticked, and then within that I have the radio button 'USB 3.0 (xHCI) Controller' selected, but that does not enable usb in virtualbox, any device inserted into a usb port is "mounted" under windows, and then I have to click on the usb icon in the virtualbox taskbar and then select the inserted device from the popup list to get the device into the linux virtual machine. Then once finised with the device do the same thing again to give the device back to windows.
Please see https://www.virtualbox.org/manual/ch01.html#intro-installing
as to information of what the extension pack provides....
Partially, from the page...
Extension packs. Additional extension packs can be downloaded which extend the functionality of the Oracle VM VirtualBox base package. Currently, Oracle provides a single extension pack, available from: http://www.virtualbox.org. The extension pack provides the following added functionality:
The virtual USB 2.0 (EHCI) device. See Section 3.11.1, “USB Settings”.
The virtual USB 3.0 (xHCI) device. See Section 3.11.1, “USB Settings”.
--
The key to getting good answers is to ask good questions.
3 years, 10 months
Sane Scanner Resolution Configuration
by Stephen Morris
Hi,
Having installed imagescan from Epson, and installed sane and
xsane, and edited the imagescan config file to specify the network
settings of my printer all-in-one, I now have xsane finding my scanner,
but this has highlighted a problem.
Having run xsane it has created Epson:ET-3700.drc in path
~/.sane/xsane, which contains all the options used by xsane for
scanning. Two of the options are for the horizontal and vertical scan
resolution, which by default are set to 75. These options are reflected
in the xsane gui, but they are disabled so I can't alter them from the
gui, I have to edit the config file and specify the resolution I want in
there.
Where can I find documentation on the format of that xsane config
file, that would tell me how I get the list of resolutions the scanner
supports into that config file so that they are selectable by a dropdown
in the xsane gui?
regards,
Steve
3 years, 10 months
whereis 'Users Settings Tool'
by Geoffrey Leach
The doc for Fedora 32 makes reference to a 'Users Settings Tool'
accessible (secretly) from the Settings tool. It does not appear to be
available. Any idea why? Or where there might be a similar GUI?
3 years, 10 months
remote desktop support
by ToddAndMargo
Hi all,
Anyone get Chrome Remote Desktop Support to work on Fedora?
The installer thinks I am running .deb.
Anyone know of a better way? Go To Assist does not work.
Many thanks,
-T
3 years, 10 months
virtual box win7
by Patrick Dupre
Hello,
I am trying to have my virtual box recognizing the USB devices,
but I get <no device recognized>
I installed
Oracle_VM_VirtualBox_Extension_Pack-5.0.40.vbox-extpack
which is supposed to provide the UBS 2.0 and 3.0 drivers
My devices are recognize by linux.
Any idea?
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire interdisciplinaire Carnot de Bourgogne
9 Avenue Alain Savary, BP 47870, 21078 DIJON Cedex FRANCE
Tel: +33 (0)380395988
===========================================================================
3 years, 10 months
What is Portal and pipewire and Why Did They Start?
by Garry T. Williams
A few weeks ago I installed F32-KDE fresh on a workstation (a disk
drive failed). All of a sudden last night Portal service was started
(whatever that is). I did nothing that I know of to trigger this.
Furthermore, since updating after installing this system, that service
has never been started until now.
Directly after the Portal service started, I see error messages coming
from pipewire (whatever that is).
Can anyone tell me what this is all about and why it happens now?
(I'm especially concerned about why it started.)
Jul 16 00:20:59 vfr systemd[1168]: Starting Portal service...
Jul 16 00:20:59 vfr systemd[1168]: Starting flatpak document portal service...
Jul 16 00:20:59 vfr systemd[1168]: Starting sandboxed app permission store...
Jul 16 00:20:59 vfr systemd[1168]: Started sandboxed app permission store.
Jul 16 00:20:59 vfr systemd[1168]: Started flatpak document portal service.
Jul 16 00:20:59 vfr systemd[1168]: Starting Portal service (GTK+/GNOME implementation)...
Jul 16 00:20:59 vfr systemd[1168]: Started Portal service (GTK+/GNOME implementation).
Jul 16 00:20:59 vfr systemd[1168]: Created slice dbus\x2d:1.2\x2dorg.freedesktop.impl.portal.desktop.kde.slice.
Jul 16 00:20:59 vfr systemd[1168]: Started dbus-:1.2-org.freedesktop.impl.portal.desktop.kde@0.service.
Jul 16 00:20:59 vfr systemd[1168]: Started Multimedia Service.
Jul 16 00:20:59 vfr systemd[1168]: Created slice dbus\x2d:1.2\x2dorg.freedesktop.secrets.slice.
Jul 16 00:20:59 vfr systemd[1168]: Started dbus-:1.2-org.freedesktop.secrets@0.service.
Jul 16 00:20:59 vfr rtkit-daemon[910]: Successfully made thread 199490 of process 199489 (/usr/bin/pipewire) owned by '1000' RT at priority 20.
Jul 16 00:20:59 vfr gnome-keyring-daemon[199496]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory
Jul 16 00:20:59 vfr gnome-keyring-d[199496]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory
Jul 16 00:20:59 vfr systemd[1168]: Started Portal service.
Jul 16 00:20:59 vfr pipewire[199489]: [E][000458567.198429][pipewire.c:118 open_plugin()] can't load /usr/lib64/spa-0.2/jack/libspa-jack.so: /usr/lib64/spa-0.2/jack/libspa-jack.so: cannot open shared object file: No such file or directory
Jul 16 00:20:59 vfr pipewire[199489]: [E][000458567.198439][pipewire.c:254 pw_load_spa_handle()] can't load 'jack/libspa-jack': No such file or directory
Jul 16 00:20:59 vfr pipewire[199489]: [E][000458567.198442][spa-device.c:144 pw_spa_device_load()] can't load device handle: No such file or directory
Jul 16 00:20:59 vfr pipewire[199489]: [E][000458567.198444][module-device-factory.c:167 create_object()] can't create device: No such file or directory
Jul 16 00:20:59 vfr pipewire[199489]: [E][000458567.198446][private.h:241 pw_core_resource_errorv()] resource 0x563498cde520: id:4 seq:4 res:-2 (No such file or directory) msg:"can't create device: No such file or directory"
Jul 16 00:20:59 vfr pipewire[199492]: [E][000458567.198572][core.c:71 core_event_error()] core 0x559e4a521e00: proxy 0x559e4a54dbb0 id:4: seq:4 res:-2 (No such file or directory) msg:"can't create device: No such file or directory"
Jul 16 00:20:59 vfr pipewire[199492]: [E][000458567.198579][media-session.c:1647 core_error()] error id:4 seq:4 res:-2 (No such file or directory): can't create device: No such file or directory
Jul 16 00:20:59 vfr pipewire[199489]: [E][000458567.202044][alsa-pcm.c:33 spa_alsa_open()] hw:0,0: open failed: Device or resource busy
Jul 16 00:20:59 vfr pipewire[199489]: [W][000458567.202053][adapter.c:175 find_format()] adapter 0x563498d30c90: can't get format: Device or resource busy
Jul 16 00:20:59 vfr pipewire[199489]: [E][000458567.202056][module-adapter.c:231 create_object()] can't create node: Device or resource busy
Jul 16 00:20:59 vfr pipewire[199489]: [E][000458567.202059][private.h:241 pw_core_resource_errorv()] resource 0x563498cde520: id:20 seq:74 res:-16 (Device or resource busy) msg:"can't create node: Device or resource busy"
Jul 16 00:20:59 vfr pipewire[199492]: [E][000458567.218111][core.c:71 core_event_error()] core 0x559e4a521e00: proxy 0x559e4a56d5b0 id:20: seq:74 res:-16 (Device or resource busy) msg:"can't create node: Device or resource busy"
Jul 16 00:20:59 vfr pipewire[199492]: [E][000458567.218124][media-session.c:1647 core_error()] error id:20 seq:74 res:-16 (Device or resource busy): can't create node: Device or resource busy
Jul 16 00:21:29 vfr xdg-desktop-por[199455]: Failed to get application states: GDBus.Error:org.freedesktop.portal.Error.Failed: Could not get window list
--
Garry T. Williams
3 years, 10 months
adduser to group
by Patrick Dupre
Hello,
I want to add the user pdupre to the group vboxusers
groups vboxusers
groups: ‘vboxusers’: no such user
but
useradd -m pdupre -G vboxusers
useradd: user 'pdupre' already exists
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire interdisciplinaire Carnot de Bourgogne
9 Avenue Alain Savary, BP 47870, 21078 DIJON Cedex FRANCE
Tel: +33 (0)380395988
===========================================================================
3 years, 10 months
reboot after upgrade? and best practice
by Anil Felipe Duggirala
hello everyone,
I would like to ask what is the best practice for upgrading (updating all packages, ie. "dnf upgrade") in my Fedora 32 Workstation. The Gnome Software graphical application provides a way for me to do this, but it can also be achieved in the command line. Do these two methods achieve exactly the same results? I would also like to plainly ask if in any occasion it is necessary or advisable to perform a system reboot after doing an "dnf upgrade". I have noticed that when the upgrade is performed with Gnome Software, a reboot is always performed after the upgrade.
thank you,
3 years, 10 months