sol

Members
  • Posts

    32
  • Joined

  • Last visited

Everything posted by sol

  1. I have a CyberPower CP1500PFCLCD, very similar to yours, with the same issue. Log fills up with; Dec 23 12:38:43 tmedia usbhid-ups[4122]: nut_libusb_get_report: Input/Output Error. Dec 23 12:40:53 tmedia usbhid-ups[4122]: nut_libusb_get_report: Input/Output Error. Dec 23 12:42:17 tmedia usbhid-ups[4122]: nut_libusb_get_report: Input/Output Error. Dec 23 12:43:35 tmedia usbhid-ups[4122]: nut_libusb_get_report: Input/Output Error. etc etc. Have you figured out how to stop it?
  2. I guess the question now is, be pro-active and try to get signed up with one user at $20/month unlimited and eat the paltry $8 increase for a few extra months? Or, let them transition me sometime next year and see what they sign me up for. Probably a terrible idea to leave it in their hands. I'll likely wait until they start warning me with an actual conversion date before I try to switch.
  3. Looks like we are getting down to the wire on Google Workspace transition. Getting the email below now. Any recommendations/thoughts? One user, just over 7TB (growing slowly). Hello Administrator, We previously notified you that your G Suite subscription will transition to a Google Workspace subscription. We’re writing to let you know that you can now begin your transition. There are two options: Option 1 (recommended): Self-transition now in a few easy steps. Option 2: Let Google transition you automatically once your organization is eligible*, starting from January 31, 2022. We will provide you with at least 30 days notice before your transition date. (There's more but relatively un-important)
  4. Looks like it is some kind of issue with ca-montreal. Changed to ca-ontario and speeds and logs look normal. Thanks for your kind attention. It gives me the confidence to dive in and tinker.
  5. I restarted mine and got these interesting results; 2021-11-08 10:24:18,692 DEBG 'start-script' stdout output: [warn] PIA VPN info API currently down, skipping endpoint port forward check 2021-11-08 10:24:50,767 DEBG 'start-script' stdout output: [warn] Unable to successfully download PIA json to generate token from URL 'https://privateinternetaccess.com/gtoken/generateToken' [info] 12 retries left [info] Retrying in 10 secs...
  6. Did PIA change it's port forwarded servers again? I'm getting all KB speeds this morning. My supervisord.log only shows; [info] qatar.privacy.network [info] saudiarabia.privacy.network [info] sg.privacy.network [info] srilanka.privacy.network [info] taiwan.privacy.network [info] tr.privacy.network [info] ae.privacy.network [info] vietnam.privacy.network [info] aus-melbourne.privacy.network [info] au-sydney.privacy.network [info] aus-perth.privacy.network [info] nz.privacy.network [info] dz.privacy.network [info] egypt.privacy.network [info] morocco.privacy.network [info] nigeria.privacy.network [info] za.privacy.network None of which I currently have configured.
  7. UPDATE: I figured this out after about four hours of re-teaching myself lol. Something odd happened in Google Workspace. App Access Control (api) was untrusted. I re-enabled it and then had to run rclone config as headless and use my Workspace admin account to get the token and update it. I screwed it up the first time by using my main(old) regular google(gmail) account and could see my personal google drive in rclone lol. Using the admin account for Workspace fixed that. I really appreciate this forum. It gives me the confidence to poke around! I figured I was fine as long as I keep copies of the encryption passwords for the crypt portion and, sure enough, I eventually got it. Lost my mount three days ago apparently and it looks like the token has expired. From the mount script log; couldn't fetch token - maybe it has expired? - refresh with "rclone config reconnect gdrive{UpdQG}:": oauth2: cannot fetch token: 400 Bad Request Response: { "error": "invalid_grant", "error_description": "Token has been expired or revoked." } The "rclone config reconnect" command in the log doesn't work, I get; Error: backend doesn't support reconnect or authorize Usage: rclone config reconnect remote: [flags] Flags: -h, --help help for reconnect Use "rclone [command] --help" for more information about a command. Use "rclone help flags" for to see the global flags. Use "rclone help backends" for a list of supported services. 2021/08/16 23:40:29 Fatal error: backend doesn't support reconnect or authorize Going to need some detailed help. I set this up a few years ago and it's been cruising along on its own just fine until now. Thanks.
  8. Home page has a display error of some kind. History and graph tabs look fine. Image is attached of what it looks like. I found one error in the logs; 2021-05-19 19:33:35ERROR[19/May/2021:19:33:35] HTTP Traceback (most recent call last): File "/app/tautulli/lib/cherrypy/_cprequest.py", line 630, in respond self._do_respond(path_info) File "/app/tautulli/lib/cherrypy/_cprequest.py", line 689, in _do_respond response.body = self.handler() File "/app/tautulli/lib/cherrypy/lib/encoding.py", line 221, in __call__ self.body = self.oldhandler(*args, **kwargs) File "/app/tautulli/lib/cherrypy/_cpdispatch.py", line 54, in __call__ return self.callable(*self.args, **self.kwargs) File "/app/tautulli/plexpy/webserve.py", line 399, in home_stats stats_count=stats_count) File "/app/tautulli/plexpy/datafactory.py", line 314, in get_home_stats timestamp = int((datetime.now(tz=plexpy.SYS_TIMEZONE) - timedelta(days=time_range)).timestamp()) AttributeError: 'datetime.datetime' object has no attribute 'timestamp' Any idea how to fix? Or just wait for update... Thanks in advance.
  9. NEVERMIND FIXED: After discovering there were no config files for deluge-vpn I disabled and re-enabled docker. Config files showed up, copied openvpn files as per usual and I'm back up and running. Leaving this post for others. Had some kind of event at 3am that killed my dockers. Could have been a power outage I guess, I have a UPS but it has never worked very well with unraid. I'm not even sure that was it as the server was powered on and it shouldn't have been if there was an outage. UPDATE: 3am on Sunday is when my dockers auto-update. Regardless, all of my dockers came back up except binhex deluge-vpn. When I try to start it I get Execution Error Server Error window. When I check the server logs the only thing that shows up is BELOW. I have had my server set up for IPV4 only in network settings for years. Supervisord.log hasn't been touched since 3am. UPDATE: I got impatient and deleted the docker and re-installed. On startup I got; /usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint binhex-delugevpn (af91521bd4e05570c2288cc4ccc838cbe668d260d8971415f2e7ecf929226404): Bind for 0.0.0.0:58946 failed: port is already allocated. The port is not allocated to any other docker though. UPDATE: Now there are no config files written at all. Dec 21 09:23:33 tmedia kernel: IPv6: ADDRCONF(NETDEV_UP): veth37e079a: link is not ready Dec 21 09:23:33 tmedia kernel: docker0: port 8(veth37e079a) entered blocking state Dec 21 09:23:33 tmedia kernel: docker0: port 8(veth37e079a) entered forwarding state Dec 21 09:23:33 tmedia kernel: docker0: port 8(veth37e079a) entered disabled state Dec 21 09:23:33 tmedia kernel: docker0: port 8(veth37e079a) entered disabled state Dec 21 09:23:33 tmedia kernel: device veth37e079a left promiscuous mode Dec 21 09:23:33 tmedia kernel: docker0: port 8(veth37e079a) entered disabled state Dec 21 09:29:18 tmedia kernel: docker0: port 8(vethd741bb1) entered blocking state Dec 21 09:29:18 tmedia kernel: docker0: port 8(vethd741bb1) entered disabled state Dec 21 09:29:18 tmedia kernel: device vethd741bb1 entered promiscuous mode Dec 21 09:29:18 tmedia kernel: IPv6: ADDRCONF(NETDEV_UP): vethd741bb1: link is not ready Dec 21 09:29:18 tmedia kernel: docker0: port 8(vethd741bb1) entered blocking state Dec 21 09:29:18 tmedia kernel: docker0: port 8(vethd741bb1) entered forwarding state Dec 21 09:29:18 tmedia kernel: docker0: port 8(vethd741bb1) entered disabled state Dec 21 09:29:18 tmedia kernel: docker0: port 8(vethd741bb1) entered disabled state Dec 21 09:29:18 tmedia kernel: device vethd741bb1 left promiscuous mode Dec 21 09:29:18 tmedia kernel: docker0: port 8(vethd741bb1) entered disabled state Dec 21 09:32:30 tmedia kernel: docker0: port 8(veth63d7cc7) entered blocking state Dec 21 09:32:30 tmedia kernel: docker0: port 8(veth63d7cc7) entered disabled state Dec 21 09:32:30 tmedia kernel: device veth63d7cc7 entered promiscuous mode Dec 21 09:32:30 tmedia kernel: IPv6: ADDRCONF(NETDEV_UP): veth63d7cc7: link is not ready Dec 21 09:32:30 tmedia kernel: docker0: port 8(veth63d7cc7) entered blocking state Dec 21 09:32:30 tmedia kernel: docker0: port 8(veth63d7cc7) entered forwarding state Dec 21 09:32:30 tmedia kernel: docker0: port 8(veth63d7cc7) entered disabled state Dec 21 09:32:30 tmedia kernel: docker0: port 8(veth63d7cc7) entered disabled state Dec 21 09:32:30 tmedia kernel: device veth63d7cc7 left promiscuous mode Dec 21 09:32:30 tmedia kernel: docker0: port 8(veth63d7cc7) entered disabled state Dec 21 09:37:49 tmedia kernel: docker0: port 8(vethdc3cb46) entered blocking state Dec 21 09:37:49 tmedia kernel: docker0: port 8(vethdc3cb46) entered disabled state Dec 21 09:37:49 tmedia kernel: device vethdc3cb46 entered promiscuous mode Dec 21 09:37:49 tmedia kernel: IPv6: ADDRCONF(NETDEV_UP): vethdc3cb46: link is not ready Dec 21 09:37:49 tmedia kernel: docker0: port 8(vethdc3cb46) entered blocking state Dec 21 09:37:49 tmedia kernel: docker0: port 8(vethdc3cb46) entered forwarding state Dec 21 09:37:49 tmedia kernel: docker0: port 8(vethdc3cb46) entered disabled state Dec 21 09:37:50 tmedia kernel: docker0: port 8(vethdc3cb46) entered disabled state Dec 21 09:37:50 tmedia kernel: device vethdc3cb46 left promiscuous mode Dec 21 09:37:50 tmedia kernel: docker0: port 8(vethdc3cb46) entered disabled state
  10. I really appreciate your responses. Thanks for the assist!
  11. I got impatient just now and started trying things. I removed the movies folder in union with rmdir and it deleted, so it didn't have anything in it or it would have warned me. I recreated the movies folder and tried to run the mount script. Same error. I removed the movies folder from union and ran the mount script. No error!! I looked in union and nothing was there. I added the moves folder back and everything in rclone reappeared. It looks like it's fixed for now, but I don't know how it got broken and why the script wouldn't fix it as it's been running fine.
  12. /mnt/user/mount_rclone/google_vfs ? No, that's not empty, but unless I'm confused it shouldn't be. It's showing everything that's in my google drive.
  13. Terminal. There is nothing there but the movies directory and it's empty.
  14. I posted this in [Plugin] rclone but crossposting here because I got most of my setup from this guide. Everything has been working great with rclone since I set it up about a month ago. This weekend though, I've lost the unionfs mount. I've shutdown unraid and rebooted and it doesn't seem to want to come back. Manually running ( in background) my rclone_unmount script and then running my rclone_mount script ( in background) always yields the same error in the log. 18.08.2019 08:50:01 INFO: Check rclone vfs already mounted. fuse: mountpoint is not empty fuse: if you are sure this is safe, use the 'nonempty' mount option 18.08.2019 08:50:01 CRITICAL: unionfs Remount failed. Script Finished Sun, 18 Aug 2019 08:50:01 -0500 my mount mount_unionfs isn't empty as I have a movies directory there, the movies directory is empty though. Should I just add the nonempty mount option or is there a different best practice or is something else going on? Any help is appreciated. 
  15. SOLVED: unionfs has to be empty, including directories, when mounting. Everything has been working great with rclone since I set it up about a month ago. This weekend though, I've lost the unionfs mount. I've shutdown unraid and rebooted and it doesn't seem to want to come back. Manually running ( in background) my rclone_unmount script and then running my rclone_mount script ( in background) always yields the same error in the log. 18.08.2019 08:50:01 INFO: Check rclone vfs already mounted. fuse: mountpoint is not empty fuse: if you are sure this is safe, use the 'nonempty' mount option 18.08.2019 08:50:01 CRITICAL: unionfs Remount failed. Script Finished Sun, 18 Aug 2019 08:50:01 -0500 my mount mount_unionfs isn't empty as I have a movies directory there, the movies directory is empty though. Should I just add the nonempty mount option or is there a different best practice or is something else going on? Any help is appreciated.
  16. Had an out of control Radarr docker tonight, three instances of mono at 164%+ cpu. First is the first few lines of top then second is the ps of the mono processes. Anything I should investigate? Only been running Radarr for about a week after getting sick of Couchpotato. The docker page eventually responded and I stopped Radarr and everything has gone back to normal, for now. PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 833 nobody 20 0 2512020 849136 208 R 164.9 5.3 12929:11 mono 26250 nobody 20 0 3116308 1.3g 216 R 164.9 8.4 14097:29 mono 8833 nobody 20 0 2301536 206876 56 S 164.2 1.3 14027:21 mono 4305 root 0 -20 0 0 0 D 9.9 0.0 6:47.54 loop2 700 root 20 0 0 0 0 S 6.3 0.0 28:37.32 kswapd0 11003 root 20 0 229556 23348 18896 S 2.3 0.1 0:00.07 php 21251 root 20 0 0 0 0 I 2.3 0.0 0:03.55 kworker/u16:8-btrfs-endio 2375 root 20 0 0 0 0 I 1.7 0.0 0:03.11 kworker/u16:1-btrfs-endio nobody 833 150 5.2 2512020 849136 ? Sl Apr13 12929:32 /usr/sbin/mono --debug /usr/lib/radarr/Radarr.exe /data=/config /nobrowser /restart nobody 880 0.4 3.8 3259644 624176 ? Ssl Apr14 40:02 mono --debug NzbDrone.exe -nobrowser -data=/config nobody 8833 162 1.2 2301536 206876 ? Rl Apr13 14027:43 /usr/sbin/mono --debug /usr/lib/radarr/Radarr.exe /data=/config /nobrowser /restart root 11016 0.0 0.0 5712 2040 pts/0 S+ 20:06 0:00 grep mono nobody 18319 0.5 3.2 2769340 522740 ? Dl Apr14 44:03 /usr/sbin/mono --debug /usr/lib/radarr/Radarr.exe /data=/config /nobrowser /restart nobody 26250 160 8.4 3116308 1359656 ? Rl Apr13 14097:50 /usr/bin/mono --debug /usr/lib/radarr/Radarr.exe -nobrowser -data=/config
  17. Just an FYI for somebody trying to use CrashPlan for Small Business for their unRAID server. Some info; I am a completely new user to this docker and CrashPlan, no previous CP home backups etc. I have a 10TB system with 7.58TB used. Biggest offenders of space are movies, tv shows, music, photos, pretty much the regular stuff. Most active docker is Plex and it's metadata refreshing etc. I'm backing up flash and appdata and storage, which comes out to 7.5TB. Even though I have almost 8TB to backup, I have my CP docker memory set to 4G, as I only have 8GB in the system total. I have never gotten a crash from memory issues with this setting. When I first setup the docker CP was reporting that it would take around 5 months to complete the backup. This seemed ridiculous to me, and after letting it run for a month and only backup up 2TB I started tweaking settings. This is what I landed on that seems to be working as it's done 10% in the last 12 hours and is showing 4.4 days remaining for the 5TB that are left. The first thing I changed was Frequency and Versions, which I don't think make a difference, but I'm including here for completeness. Setting are; Back up changes every: 30 minutes For one week, keep a version: Every week After one week, keep a version: Every month After 90 days, keep a version: Every 6 months After one year, keep a version: Every year Remove deleted files: Never (I will likely change this as when I delete a file, I do it for a reason) The next thing I changed, which has to be done on the CrashPlan for Small Business website, is to change the Data de-duplication to Minimal. I kind of wish you could turn it off completely, but this is the lowest setting. I also pushed the settings to devices with the radio icon button as I assumed that was important and didn't know how long it would be until the device picked up the setting from CP. I shut down the docker and remembered a previous post here (thanks @denishay ) about dedupe settings; When I looked at mine the value was set to 0, which to my mind would say that no deduping was happening at all, I don't know if it was changed to zero from the Minimal push setting or if it was zero before. Regardless, as people in this thread had some success before, I changed it to 1. I probably should have left it, as I really don't know EXACTLY what setting made a difference, but after restarting, it reduced the backup time from 5 months to 5 days. Thanks to Djoss, and other contributors, things are now working beautifully!
  18. Follow up! I had to leave the network box (router) offline for over 30 minutes, but once I got a new ip all the attacks stopped. Still interested in getting a firewall I can actually control though.
  19. Thanks so much for fixing this so quickly. Hope you are feeling better!
  20. Yes, I do think the edgerouter lite as just a firewall may be a good option for my wired devices. Wireless would still be controlled by the Google fiber network box though. Replacing the network box (maybe more complicated than I can handle) and adding a wifi router would solve pretty much everything. I was hoping for a more simple solution, using unRAID and or docker, that could mitigate some of the possibility of attacks like this. I did find some information about using keys instead of a password for SSH, but most of the threads appear to be pretty old and not at all detailed for someone, like myself, who would need more specific instructions. This would make brute forcing SSH, like what is happening to me now, pretty much impossible.
  21. As mentioned in my first post; My ISP is Google Fiber, which I love except for their terrible network box that really has nothing but port forwarding available for firewall features. It has extremely limited firewall settings. Other settings include, setting static IPs for devices, setting DNS servers, setting DHCP (basic like address range), and setting an endpoint as a DMZ. One thing I could do is put some kind of appliance between the network box (router) and my endpoints, but I don't have an idea for that yet and it would need to be able to handle the 1gig up and down. Using a third party router on their system is possible but difficult. For example; https://www.stevejenkins.com/blog/2015/11/replace-your-google-fiber-network-box-with-a-ubiquiti-edgerouter-lite/ Putting something like fail2ban directly on unRAID would be a nice way to frustrate these attempts, but I haven't found a way to do that. Still looking for any ideas. I did contact Google Fiber and they can't do anything to my network box to mitigate the attacks. They can't even force it to change it's IP.
  22. I can run that from a browser on a windows machine in the same network. Common Ports test gives; ---------------------------------------------------------------------- GRC Port Authority Report created on UTC: 2018-02-12 at 17:13:43 Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113, 119, 135, 139, 143, 389, 443, 445, 1002, 1024-1030, 1720, 5000 0 Ports Open 11 Ports Closed 15 Ports Stealth --------------------- 26 Ports Tested NO PORTS were found to be OPEN. Ports found to be CLOSED were: 0, 1002, 1024, 1025, 1026, 1027, 1028, 1029, 1030, 1720, 5000 Other than what is listed above, all ports are STEALTH. TruStealth: FAILED - NOT all tested ports were STEALTH, - NO unsolicited packets were received, - A PING REPLY (ICMP Echo) WAS RECEIVED. ---------------------------------------------------------------------- All Service Ports test gives; ---------------------------------------------------------------------- GRC Port Authority Report created on UTC: 2018-02-12 at 17:23:42 Results from scan of ports: 0-1055 0 Ports Open 70 Ports Closed 986 Ports Stealth --------------------- 1056 Ports Tested NO PORTS were found to be OPEN. Ports found to be CLOSED were: 0, 1, 2, 3, 4, 30, 61, 62, 91, 92, 121, 122, 151, 152, 181, 182, 211, 212, 241, 242, 271, 272, 301, 302, 332, 333, 362, 363, 392, 393, 422, 423, 452, 453, 483, 484, 513, 514, 544, 545, 606, 607, 636, 637, 667, 668, 696, 697, 726, 727, 756, 757, 787, 788, 817, 818, 847, 848, 877, 878, 907, 908, 938, 939, 968, 969, 998, 999, 1028, 1029 Other than what is listed above, all ports are STEALTH. TruStealth: FAILED - NOT all tested ports were STEALTH, - NO unsolicited packets were received, - A PING REPLY (ICMP Echo) WAS RECEIVED. ---------------------------------------------------------------------- I don't run a browser inside unRAID. However I can run lsof -Pni | grep LISTEN to show all ports being used. Doesn't assess their vulnerability of course. rpcbind 1467 rpc 8u IPv4 1727 0t0 TCP *:111 (LISTEN) rpcbind 1467 rpc 11u IPv6 1730 0t0 TCP *:111 (LISTEN) rpc.statd 1471 rpc 9u IPv4 9886 0t0 TCP *:44971 (LISTEN) rpc.statd 1471 rpc 11u IPv6 9890 0t0 TCP *:35775 (LISTEN) inetd 1481 root 4u IPv4 3480 0t0 TCP *:37 (LISTEN) inetd 1481 root 6u IPv4 3482 0t0 TCP *:21 (LISTEN) inetd 1481 root 7u IPv4 3483 0t0 TCP *:23 (LISTEN) sshd 1489 root 3u IPv4 2787 0t0 TCP *:22 (LISTEN) sshd 1489 root 4u IPv6 2789 0t0 TCP *:22 (LISTEN) smbd 1526 root 29u IPv6 1830 0t0 TCP *:445 (LISTEN) smbd 1526 root 30u IPv6 1831 0t0 TCP *:139 (LISTEN) smbd 1526 root 31u IPv4 1832 0t0 TCP *:445 (LISTEN) smbd 1526 root 32u IPv4 1833 0t0 TCP *:139 (LISTEN) apcupsd 2628 root 4u IPv4 11472 0t0 TCP *:3551 (LISTEN) docker-pr 2647 root 4u IPv6 340250 0t0 TCP *:8989 (LISTEN) nginx 2712 root 7u IPv4 10563 0t0 TCP *:80 (LISTEN) nginx 2712 root 8u IPv6 10564 0t0 TCP *:80 (LISTEN) nginx 2712 root 15u IPv4 210329 0t0 TCP *:443 (LISTEN) nginx 2712 root 16u IPv6 210330 0t0 TCP *:443 (LISTEN) docker-pr 4970 root 4u IPv6 18265 0t0 TCP *:9117 (LISTEN) docker-pr 5311 root 4u IPv6 19090 0t0 TCP *:8181 (LISTEN) docker-pr 5508 root 4u IPv6 22671 0t0 TCP *:2203 (LISTEN) docker-pr 5525 root 4u IPv6 21770 0t0 TCP *:2202 (LISTEN) docker-pr 5802 root 4u IPv6 21907 0t0 TCP *:5050 (LISTEN) ts3server 6569 nobody 32u IPv4 22270 0t0 TCP *:30033 (LISTEN) ts3server 6569 nobody 33u IPv6 22271 0t0 TCP *:30033 (LISTEN) ts3server 6569 nobody 45u IPv4 22282 0t0 TCP *:10011 (LISTEN) ts3server 6569 nobody 46u IPv6 22283 0t0 TCP *:10011 (LISTEN) Plex\x20M 6731 nobody 59u IPv4 25603 0t0 TCP *:32400 (LISTEN) Plex\x20M 6731 nobody 61u IPv4 25607 0t0 TCP 127.0.0.1:32401 (LISTEN) Plex\x20S 7104 nobody 8u IPv4 25950 0t0 TCP 127.0.0.1:33189 (LISTEN) Plex\x20T 7573 nobody 14u IPv4 25127 0t0 TCP 127.0.0.1:32600 (LISTEN) Plex\x20D 7574 nobody 15u IPv4 26709 0t0 TCP *:1894 (LISTEN) Plex\x20D 7574 nobody 24u IPv4 26722 0t0 TCP *:32469 (LISTEN) Plex\x20S 7610 nobody 4u IPv4 27781 0t0 TCP 127.0.0.1:42725 (LISTEN) docker-pr 17802 root 4u IPv6 883902 0t0 TCP *:58946 (LISTEN) docker-pr 17814 root 4u IPv6 883917 0t0 TCP *:58846 (LISTEN) docker-pr 17825 root 4u IPv6 883930 0t0 TCP *:8118 (LISTEN) docker-pr 17837 root 4u IPv6 882835 0t0 TCP *:8112 (LISTEN) nginx 27811 nobody 7u IPv4 10563 0t0 TCP *:80 (LISTEN) nginx 27811 nobody 8u IPv6 10564 0t0 TCP *:80 (LISTEN) nginx 27811 nobody 15u IPv4 210329 0t0 TCP *:443 (LISTEN) nginx 27811 nobody 16u IPv6 210330 0t0 TCP *:443 (LISTEN) Plex\x20S 30083 nobody 4u IPv4 2820813 0t0 TCP 127.0.0.1:44253 (LISTEN) Plex\x20S 30124 nobody 4u IPv4 2821797 0t0 TCP 127.0.0.1:43857 (LISTEN) docker-pr 30144 root 4u IPv6 292394 0t0 TCP *:51413 (LISTEN) docker-pr 30156 root 4u IPv6 289660 0t0 TCP *:9091 (LISTEN) Plex\x20S 30193 nobody 4u IPv4 2820904 0t0 TCP 127.0.0.1:38447 (LISTEN) Plex\x20S 30231 nobody 4u IPv4 2823356 0t0 TCP 127.0.0.1:39423 (LISTEN) Plex\x20S 30256 nobody 4u IPv4 2822469 0t0 TCP 127.0.0.1:39925 (LISTEN)
  23. I could really use some help deciding how to approach this problem and prevent this in the future. I've done a bunch of searching (these forums and reddit) and I'm just spinning my wheels at this point. Two days ago I upgraded to 6.4.1. During the process of this I made some other changes. I generated an SSL cert, which seems to work fine. I also moved Sonarr from a plugin to a docker, which also seems to work fine. However, since upgrading, or maybe not related at all, I have somehow exposed my server to the internet resulting in the Fix Common Problems Plugin reporting that I have over 12k invalid login attempts over the past two days. (Mostly from China and Brazil.) EXAMPLES at end of post. My ISP is Google Fiber, which I love except for their terrible network box that really has nothing but port forwarding available for firewall features. I have three ports forwarded to my Unraid server for Plex, Ubooquity, and Teamspeak. The Teamspeak server uses duckdns so that my friends can get to it when my home IP rotates. Plex forwards connections themselves and Ubooquity is only used by me with a Ubooquity generated username and password. My public facing IP will eventually change with Google Fiber and I can force it by leaving the network box unconnected for about an hour. However, I would like to just have more security for my whole network in general and especially for this currently targeted unRAID box. Any immediate suggestions for my unRAID server are highly welcome. Any other suggestions regarding security with Google Fiber are also welcome, here or in private. Thanks. Feb 12 07:26:45 tmedia sshd[29184]: Disconnected from authenticating user root 61.177.172.188 port 45888 [preauth] Feb 12 07:27:19 tmedia sshd[29270]: Failed password for root from 61.177.172.188 port 53730 ssh2 Feb 12 07:27:19 tmedia sshd[29270]: Failed password for root from 61.177.172.188 port 53730 ssh2 Feb 12 07:27:19 tmedia sshd[29270]: Failed password for root from 61.177.172.188 port 53730 ssh2 Feb 12 07:27:20 tmedia sshd[29270]: Received disconnect from 61.177.172.188 port 53730:11: [preauth] Feb 12 07:27:20 tmedia sshd[29270]: Disconnected from authenticating user root 61.177.172.188 port 53730 [preauth] Feb 12 07:27:40 tmedia in.telnetd[29312]: connect from 187.10.72.47 (187.10.72.47) Feb 12 07:27:41 tmedia login[29313]: invalid password for 'root' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:27:45 tmedia login[29313]: invalid password for 'root' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:27:49 tmedia login[29313]: invalid password for 'root' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:27:53 tmedia login[29313]: invalid password for 'UNKNOWN' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:27:53 tmedia sshd[29332]: Failed password for root from 61.177.172.188 port 53602 ssh2 Feb 12 07:27:53 tmedia sshd[29332]: Failed password for root from 61.177.172.188 port 53602 ssh2 Feb 12 07:27:54 tmedia sshd[29332]: Failed password for root from 61.177.172.188 port 53602 ssh2 Feb 12 07:27:54 tmedia sshd[29332]: Received disconnect from 61.177.172.188 port 53602:11: [preauth] Feb 12 07:27:54 tmedia sshd[29332]: Disconnected from authenticating user root 61.177.172.188 port 53602 [preauth] Feb 12 07:27:56 tmedia login[29313]: invalid password for 'UNKNOWN' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:27:56 tmedia login[29313]: REPEATED login failures on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:00 tmedia in.telnetd[29365]: connect from 187.10.72.47 (187.10.72.47) Feb 12 07:28:02 tmedia login[29366]: invalid password for 'root' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:06 tmedia login[29366]: invalid password for 'root' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:10 tmedia login[29366]: invalid password for 'root' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:14 tmedia login[29366]: invalid password for 'root' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:18 tmedia login[29366]: invalid password for 'UNKNOWN' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:18 tmedia login[29366]: REPEATED login failures on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:21 tmedia in.telnetd[29439]: connect from 187.10.72.47 (187.10.72.47) Feb 12 07:28:23 tmedia login[29440]: invalid password for 'root' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:27 tmedia login[29440]: invalid password for 'UNKNOWN' on '/dev/pts/0' from '187-10-72-47.dsl.telesp.net.br' Feb 12 07:28:30 tmedia sshd[29467]: Failed password for root from 61.177.172.188 port 31753 ssh2 Feb 12 07:28:30 tmedia sshd[29467]: Failed password for root from 61.177.172.188 port 31753 ssh2
  24. *update update* I'm an idiot. It helps if you put in a name in the field for the client. Totally sorry for bothering you. *update* I checked all the files you listed and they are there, minus peter of course. Yeah I waited for quite a while. Didn't really keep track. It did give me a green check mark. Tried it with 2048 bit and got the same error: Adding client: spawn ./easyrsa build-client-full nopass Generating a 2048 bit RSA private key ..................................................................................................+++ ...+++ writing new private key to '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/nopass.key.XXXXbBXC6g' Enter PEM pass phrase: Verifying - Enter PEM pass phrase:cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/issued/.crt': No such file or directory cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/.key': No such file or directory you got only one client script, instead of script plus 4 keys and certs /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 473: ./.crt: No such file or directory /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 477: ./.key: No such file or directory cp: cannot stat '.crt': No such file or directory cp: cannot stat '.key': No such file or directory rm: cannot remove '.crt': No such file or directory rm: cannot remove '.key': No such file or directory Done Inline file !
  25. Can't seem to generate a client. Getting; Adding client: spawn ./easyrsa build-client-full nopass Generating a 4096 bit RSA private key ..................++ ...++ writing new private key to '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/nopass.key.XXXXy2EIKW' Enter PEM pass phrase: Verifying - Enter PEM pass phrase:cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/issued/.crt': No such file or directory cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/.key': No such file or directory you got only one client script, instead of script plus 4 keys and certs /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 473: ./.crt: No such file or directory /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 477: ./.key: No such file or directory cp: cannot stat '.crt': No such file or directory cp: cannot stat '.key': No such file or directory rm: cannot remove '.crt': No such file or directory rm: cannot remove '.key': No such file or directory Done Inline file !