The script for adding IP addresses from a file to ipset

It took one day to write a script to add to ipset all the IP for which the session was started on the access server, Abills billing was used, so I decided to take IP addresses from the MySQL billing table.

The first step is to create a test ipset:

ipset create test iphash

Continue reading “The script for adding IP addresses from a file to ipset”

The solution to the error “Another app is currently holding the xtables lock”

Recently noticed on one server with the billing system ABillS, that when the script /etc/ppp/ip-up is executed in bulk, an error occurs:

Another app is currently holding the xtables lock. Perhaps you want to use the -w option?

Having looked at the script code, I found that there are two rules among the iptables rules that can slow down the work, namely, the search for ipoe interfaces by two commands:

IPTABLES="/sbin/iptables"
EXIST=`${IPTABLES} -t nat -L PREROUTING -v | grep "${IFNAME} ";  ${IPTABLES} -L -v | grep DROP | grep "${IFNAME} "`

To raise 3000 sessions, it took more than 30 minutes and some rules could not be added at all or deleted by the script.
By default, if the -L option is used, iptables resolves the IP addresses and tries to display DNS names instead of them, which takes a long time, and so that this does not happen, you need to add the -n option, and just in case I added the -w 20 switch, which will cause the new rules to be postponed until 20 seconds if iptables is already busy executing another command:

IPTABLES="/sbin/iptables"
IPTABLES_WAIT="-w 20"
EXIST=`${IPTABLES} $IPTABLES_WAIT -t nat -n -L PREROUTING -v | grep "${IFNAME} ";  ${IPTABLES} $IPTABLES_WAIT -n -L -v | grep DROP | grep "${IFNAME} "`

After that, the script with iptables rules began to work out instantly.
Since the old rules are not all fulfilled, I checked this by counting some by the team:

iptables -n -L -t nat -v | grep DNAT | wc -l

And I checked with the number of sessions, the rules were obviously smaller, so I had to clear all rules and restart the session so that the /etc/ppp/ip-up script worked correctly, this time at 3000 sessions it did its job in less than a minute.
Note that in the / etc / ppp / scripts, it’s better not to use iptables rules.

Solution “Internal Server Error” when opening Nextcloud

Recently moved Nextcloud from one server to another and when it opened, noticed the following error in the browser:

Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.

In my case, the error occurred because of a damaged MySQL database, so I restored it from another backup and Nextcloud opened.
I assume that the same error can occur when the Nextcloud database exists, but is empty.

See my article:
Install Nextcloud in Ubuntu

Installing Webmin

Webmin – a graphical web interface for managing a Linux server, written in Perl.
Official site: www.webmin.com

Here is an example of installing Webmin in Ubuntu.

Open the list of sources in a text editor:

nano /etc/apt/sources.list

Add this line to it:

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

We go to the temporary directory and import the key:

cd /tmp
wget http://www.webmin.com/jcameron-key.asc
apt-key add jcameron-key.asc

We update the list of sources:

apt-get update

We install the packages necessary for the correct operation of Webmin:

sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl libmd5-perl

Install Webmin:

apt-get install webmin

The installation is complete, to open the Webmin interface we will open in the browser https://HOST:10000

Transfer /boot from a separate partition to a main partition

On the test, I installed a clean Ubuntu Server 18.04, during the installation, the system automatically split the disk into one main /dev/sda1, which already had /boot files.
Since I did not have a system with /boot on a separate partition, I transferred it to a separate one and described the process in this article – Transfer /boot from a main partition to a separate partition

Now let’s move the /boot partition to the main /.

Let’s look at the information about the disks:

sudo fdisk -l
df -h

Continue reading “Transfer /boot from a separate partition to a main partition”

Transfer /boot from a main partition to a separate partition

Today, I’ll give an example of moving /boot from a shared partition to a separate partition.
For the test, you can connect a new disk or use the first partition on any disk, for example, with a size of 512MB.

Let’s look at the information about the disks:

sudo fdisk -l
sudo ls -l /boot
sudo du -hs /boot

Continue reading “Transfer /boot from a main partition to a separate partition”