statecowboy
-
Posts
113 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by statecowboy
-
-
Hi guys. I was curious how to rectify the unraid mem errors with my actual dimms. In my case, I am able to log in to my web console and see errors. I also have an LED that blinks when an error is registered. In this case DIMM H2 is lit up and my web console output the following:
1679 02/17/2018 23:29:30 Mmry ECC Sensor Memory Correctable ECC. CPU: 2, DIMM: H2. - Asserted
That said, this is the error I get in unraid.
Feb 17 17:27:57 someflix-unraid kernel: mce: [Hardware Error]: Machine check events logged
Feb 17 17:27:57 someflix-unraid kernel: EDAC sbridge MC1: HANDLING MCE MEMORY ERROR
Feb 17 17:27:57 someflix-unraid kernel: EDAC sbridge MC1: CPU 10: Machine Check Event: 0 Bank 12: 8c000043000800c3
Feb 17 17:27:57 someflix-unraid kernel: EDAC sbridge MC1: TSC 5365d5a58cd7c
Feb 17 17:27:57 someflix-unraid kernel: EDAC sbridge MC1: ADDR 9dd90f000
Feb 17 17:27:57 someflix-unraid kernel: EDAC sbridge MC1: MISC 122100008000868c
Feb 17 17:27:57 someflix-unraid kernel: EDAC sbridge MC1: PROCESSOR 0:306e4 TIME 1518910077 SOCKET 1 APIC 20
Feb 17 17:27:57 someflix-unraid kernel: EDAC MC1: 1 CE memory scrubbing error on CPU_SrcID#1_Ha#0_Chan#0_DIMM#1 (channel:0 slot:1 page:0x9dd90f offset:0x0 grain:32 syndrome:0x0 - area:DRAM err_code:0008:00c3 socket:1 ha:0 channel_mask:1 rank:4)Can someone explain how to tell from the unraid log which DIMM I am getting an error on? Obviously I can check my web console, but I was curious what the methodology is.
Thanks
-
5 minutes ago, Frank1940 said:
Me, I would be tempted to get a good router and use that Fiber optic box strictly as a Modem. I would bet you don't even have a good manual for it. By the way there is another good tool to use to scan your IP address from the Internet side of things.
https://www.grc.com/x/ne.dll?bh0bkyd2
This the 'Shields up' scanner and is run by Gibson Research and has been around since the days of dial-up modems. Be sure to do an all ports scan and look at any ports that you find in the syslog between port 1024.
Thanks for the tip. I've got a unifi AP and switch. I may just get myself a unifi gateway and replace the fiber network box. That's very disappointing that it was doing that and I have no way of knowing.
-
I think I may have found the problem. When I closed 22 after ssh'ing into the machine a couple of weeks ago, I dont think that change took got implemented. I used pentest tools to scan my server and it found 22 open. I restarted my network box (google fiber - which is also my router) and tried again and 22 was shown as closed. That's frustrating. Guess I'll just have to remember to restart my network box if I mess with ports going forward.
-
1 hour ago, tdallen said:
I agree with @Frank1940 that you should look more closely at your router. Can you turn on firewall logging?
My router is just the google fiber network box. I am confident there are no DMZ assigned ports. I may give a different static IP a try, but damn that's gonna suck re-configuring everything.
-
Sorry for the additional reply, but I am stumped on this. How can these bots possibly be hitting my machine on the ports it says they're trying when those arent even open? For what it's worth, I've stopped each docker one by one while watching my logs to see if these attempts stop and they do not.
ErrorWarningSystemArrayLogin
Feb 16 11:23:01 someflix-unraid sshd[98067]: error: maximum authentication attempts exceeded for root from 42.7.26.49 port 47619 ssh2 [preauth]
Feb 16 11:23:01 someflix-unraid sshd[98067]: Disconnecting authenticating user root 42.7.26.49 port 47619: Too many authentication failures [preauth]
Feb 16 11:23:01 someflix-unraid sshd[98063]: Failed password for root from 61.177.172.188 port 33667 ssh2
Feb 16 11:23:01 someflix-unraid sshd[98063]: Failed password for root from 61.177.172.188 port 33667 ssh2
Feb 16 11:23:03 someflix-unraid sshd[98063]: Failed password for root from 61.177.172.188 port 33667 ssh2
Feb 16 11:23:04 someflix-unraid sshd[98063]: Received disconnect from 61.177.172.188 port 33667:11: [preauth]
Feb 16 11:23:04 someflix-unraid sshd[98063]: Disconnected from authenticating user root 61.177.172.188 port 33667 [preauth] -
2 minutes ago, Squid said:
If you didn't either Acknowledge the error or Reboot your server (ideal to clear out the syslog), everytime FCP does a rescan it will find the same issue and retrigger. I don't suggest however to ever hit Ignore on this one.
Thanks Squid. I should have been more clear. When I first got these warnings I did restart the machine and they went away. However, these bots seem to keep coming back. I'm wondering if there's something else I need to be doing to prevent them from trying to get in. They all appear to be SSH or SSH2 connection attempts.
Edit - the other port I have forwarded is for Open VPN as well (1194). So 80, 443, 32400, and 1194 are forwarded.
-
Hi guys - so I still get these warnings when I run fix common problems. It seems to have all started when I opened my port to SSH into my machine. That port has since been closed. The only ports opened now are for plex and for my webserver (80 and 443). My web server has fail2ban integrated in case someone tries to go that route.
Is there anything else I need to do or can do to stop these? It's more of a nuisance now than anything. Or is this just part of having a server open to the internet (even though it's just plex and web hosts that are opened).
Thanks
-
you have all of the isos in your iso share? The windows iso and the virtio? Both in the same folder.
-
Have you watched this?
-
If you're looking for build advice, you may have a look at this subreddit also. I personally went with the E5-2680v2 build. I have 64 GB Ram and I run VMs. I have 2 SSDs in my unraid server. One serves cache needs (speeds up downloading/processing for PVR programs), and the other is used to store and run my dockers and VMs.
-
I've got basically the same setup as you (and google fiber). I find that when I've opened port 22 to ssh into my machine those bots start trying to get in. The solution for me was to change which port SSH operates on and only open it when needed. I run lets encrypt and open vpn on my unraid machine so have those ports opened only. In the end, from what i understand these attack attempts are expected when you open a port like 22 or a more common port. I get the same results as you, but nobody is getting anywhere.
I guess what I'm getting at is the GF network box seems to be doing its job, only allowing in traffic in ports you've specified, and only with good auth.
For what it's worth I also have a unifi AP and have no ports forwarded for the controller and can still access the controller over the cloud.
-
Almost identical error from my post (link below). Seems odd that out of 16 sticks of RAM we're getting the same error on the same DIMM.
Feb 6 18:03:48 someflix-unraid kernel: mce: [Hardware Error]: Machine check events logged
Feb 6 18:03:48 someflix-unraid kernel: EDAC sbridge MC1: HANDLING MCE MEMORY ERROR
Feb 6 18:03:48 someflix-unraid kernel: EDAC sbridge MC1: CPU 10: Machine Check Event: 0 Bank 9: 8c000047000800c0
Feb 6 18:03:48 someflix-unraid kernel: EDAC sbridge MC1: TSC 19b588d990bfb
Feb 6 18:03:48 someflix-unraid kernel: EDAC sbridge MC1: ADDR 98932a000
Feb 6 18:03:48 someflix-unraid kernel: EDAC sbridge MC1: MISC 1221080008000e8c
Feb 6 18:03:48 someflix-unraid kernel: EDAC sbridge MC1: PROCESSOR 0:306e4 TIME 1517961828 SOCKET 1 APIC 20
Feb 6 18:03:48 someflix-unraid kernel: EDAC MC1: 1 CE memory scrubbing error on CPU_SrcID#1_Ha#0_Chan#0_DIMM#1 (channel:0 slot:1 page:0x98932a offset:0x0 grain:32 syndrome:0x0 - area:DRAM err_code:0008:00c0 socket:1 ha:0 channel_mask:1 rank:4) -
No worries on hijacking the thread. I ended up stopping all dockers except krusader and transferring all dockers and my dockers.img that way.
-
OK, I will do some mem testing when I get the chance. Any opinion on the theory that the sas expander is causing some sort of issue with the machine? Has anyone ever heard of that?
-
Logs attached. I noticed I had a drive going bad/getting old. Not sure if this could be related. Really appreciate any advice. I removed the drive and am running unprotected right now. I believe memory errors pop up around 18:00:00 ish.
Also worth mentioning. I have a friend with the exact same build for his machine. We both use LSI 9210-8i controllers with HP 487738-001 HP 24 Bay SAS expanders. He had a similar event happen and it snowballed on him and he ended up removing the card thinking it was causing the issues (I've been running the card for over a week with no issues, FWIW). We bought the cards as a lot of 2 used on ebay.
-
6 minutes ago, CHBMB said:
Thanks CHBMB! Definitely bookmarking that for later use.
Also, I don't want to sound ungrateful for the great info in these forums, but just a suggestion. I think having sub-forums for each of these dockers would be helpful instead of one long support thread. I'm sure whoever makes that decision has valid reasons to keep it the way it is, but I think there's value to doing it that way.
-
1 hour ago, IamSpartacus said:
How do you handle backups of your appdata since it's on an unprotected disk? I'd like to do something similar but I'll need some kind of backup/redundancy for my appdata.
I use this:
And just have the settings configured to point to where my apps/dockers are and they get backed up to the array. I also use the duplicati plugin and have it set to back up my apps folder once a week to google drive.
-
3 hours ago, lovaan said:
Is your server maybe in the DMZ on your network? I put mine on the DMZ last week because I wanted to test something that wasn't covered by my firewall/NAT. In the 3-4 hours it was there I received multiple login attempts from no less than 6 different IP addresses. This is a prime example of why having a secure password is essential.
No it was not. That said, I have been messing about with ports in the last week getting stuff set up. I've since locked everything down to what's required (and removed 22). My bigger concer was that SSH'ing into my machine somehow exposed something to the outside world.
-
Hi guys. I spent a long time last night getting this docker set up to control an AC-AP Pro. In the end, I got it to work and can access the interface over the cloud. Great.
That said, the only thing that allowed me to successfully adopt the AP was to reconfigure the container to be a host connection, not a bridge. That said, after it successfully adopted the AP, I got a STUN error, and reconfigured the docker container to go back to bridge and everything works fine now. I'm sure I went about this the wrong way, but could someone explain why the controller would not adopt the AP when in bridge mode? Was there something else I should have done? Thanks.
-
Not sure how this could have happened, but it appears concerning. I SSH'd into my machine from work today to check something. Just a bit ago I ran fix common problems and was notified there was a possible hack attempt. Excerpt from logs attached (replaced domain name with "DOMAIN-NAME" and my work ip with "GOOD.IP"). Any ideas how this could have happened and how to prevent it from happening again? It does not appear that anyone got anywhere, I'm just concerned with how they started sniffing in the first place.
EDIT - for what it's worth I am serving organizr from my server as well as plex and openvpn. I've set up fail2ban according to the linked guide below.
https://technicalramblings.com/blog/fail2ban-with-organizr-and-let-sencrypt/
-
Hi guys, I am getting the following error:
There were too many requests of a given type :: Error creating new cert :: too many certificates already issued for exact set of domains: INSERTDOMAINHERE.com,www.INSERTDOMAINHERE.com: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container.Some background. I had just done something on my unraid server and saw a notification that there was an update available for the letsencrypt docker. I updated and this is the error I received. Any ideas? I will be checking DNS to make sure nothing is wrong there, but it's highly unlikely as everything was working just fine before updating the docker.
Maybe also worth noting is I validate via http (and the flag is set to true).
UPDATE - I don't know why but deleting my docker an reinstalling fixed it.
-
Thank you - worked flawlessly. Used krusader to copy over all the files and shaved off a few hours versus using smb.
-
31 minutes ago, CHBMB said:
You can move the lot, just make sure the docker service is stopped and you update the location of docker.img in the settings before restarting it.
Sent from my LG-H815 using Tapatalk
At the risk of sounding extra dense. To clarify what you mean. Are you saying I need to create a system/docker folder in the UD? Or just some location (I can choose to call it whatever I want) that docker points to? I assume docker will automatically generate the docker.img, right? Also, can I delete the old docker.img from /mnt/user/system/docker/docker.img afterwards?
-
To be extra cautious....would this work? Backup appdata using appdata backup/restore. Create folder in unassigned drive called "Apps". Extract contents of backed up apps to this new "Apps" folder. Update docker containers with path moved from old "/mnt/user/appdata/appnamehere" to "/mnt/disks/Samsung_SSD_850_EVO_500GB_S3PTNF0JB57874H/Apps"?
Anything in particular I need to do about "/mnt/user/system/docker/docker.img"?
UPDATE - sorry CHBMB, looks like you beat me to the punch.
No Mouse?
in VM Engine (KVM)
Posted
I noticed it on chrome. I switched to using splashtop and it's been a much better experience.