November 6, 20187 yr Hello everyone, I have a problem with the share. After a while, my shares are no longer visible on the WebUi and I can not access them from Windows. If I restart the server, everything returns to normal. I do not know if it's related to updates. If not the only thing that has changed on my server is adding a Melanox Connectx II card. I do not know where to start if someone had an idea that would be appreciated. Thank you for your answers Unraid version : 6.6.3 Edited November 6, 20187 yr by nanouke
November 6, 20187 yr Grab your diagnostics after the problem has happened. If the GUI is responsive that would be Tools -> Diagnostics. If not you can type diagnostics at the command prompt - either ssh in or, if you can't, connect a keyboard and monitor. In the latter case the diagnostics zip file is stored in the logs folder on the flash device. Attach it to your next post.
November 7, 20187 yr Author Here are my diagnostic files. I specify that the WebUi works perfectly. tower-diagnostics-20181106-1901.zip
November 7, 20187 yr 3 minutes ago, nanouke said: Here are my diagnostic files. I specify that the WebUi works perfectly. tower-diagnostics-20181106-1901.zip You have a ton of attempted SSH connections from the Netherlands to your server in the logs. Do you have your server exposed to the Internet?
November 7, 20187 yr @nanouke See this thread regarding the same problem (external SSH connections) recently experienced by another user and how to make sure your server is secure. I haven't looked at your log for anything related to the shares issue, but, the very large number of attempted SSH connections should be of concern to you.
November 7, 20187 yr Author Yes, my server is exposed on the web in a DMZ. Strangely, I often connect to a VPN in Netherlands, but I never connect to my server from this network interface. I will cut off access immediately.
November 7, 20187 yr 10 minutes ago, nanouke said: Yes, my server is exposed on the web in a DMZ. Putting your server in a DMZ will eventually result in external attempts to attack your server (in your case it already has). Someone from IP address 62.112.11.81 really wants to get to your server. A better practice would be to keep your server out of the DMZ, lock it down as much as possible and forward only the ports you need for external access such as OpenVPN, Plex, etc. Edited November 7, 20187 yr by Hoopster
November 7, 20187 yr 27 minutes ago, limetech said: Beware the Dutch! That's what I think every time a new "feature" appears in the webGUI. There is probably all sorts of spyware in there and backdoor access to our servers. 😀
November 7, 20187 yr Author For now, I will stay in local and I restarted the server. I do not know if this will solve the problem of the shares folder, but it will not hurt. I'll have to wait until tomorrow, see if the problem comes back. Thank you for pointing out the security problem. Usually it is not my style to neglect this type of problem, but being novice in Unraid I got excited about the things I could do, neglecting safety.
November 7, 20187 yr 1 hour ago, nanouke said: I have a problem with the share. After a while, my shares are no longer visible on the WebUi and I can not access them from Windows. If I restart the server, everything returns to normal. I see you have several NFS shares. Most users who had this issue reported that 6.6.3 seems to have resolved it, but, what you describe is exactly what many users with NFS-accessible share were reporting with 6.6.0 and 6.6.1. See here for the discussion. You do not not have any nfsd crashes in your log so, hopefully, your issue is unrelated.
November 7, 20187 yr Author I hope that is not the case. I'll confirm that tomorrow. On the other hand, it looks a lot like my problem. If it's the same problem, I do not know how I'm going to fix it. Thanks for your help.
November 7, 20187 yr Community Expert 1 hour ago, Hoopster said: Someone from IP address 62.112.11.81 really wants to get to your server. If you expose your server like this, it isn't really necessary for any real person to want to get into your particular server. There are bots that make these attacks automated and if they can they will try repeatedly and relentlessly and only get the people involved once they get in.
November 7, 20187 yr 3 minutes ago, trurl said: There are bots that make these attacks automated No real person can attempt to login multiple times per second as indicated in the logs. "Someone" does not necessarily mean a real person was trying to attack him; bots are people too in this case. 😀
November 7, 20187 yr 2 minutes ago, Hoopster said: bots are people too in this case. All hail our robot overlords.
November 7, 20187 yr Author Finally, I think it's related to the NFS bug. I'm going to open a post in the bug section. Thank you for your help and I promise to secure my server once the bug is fixed.
November 7, 20187 yr 1 minute ago, nanouke said: I promise to secure my server once the bug is fixed. Doesn't seem to me to be the correct approach
November 7, 20187 yr Author Why, currently my server is behind a firewall (then it is no longer accessible from outside) and it is not usable because of the bug. So I do not see the importance of securing it. I do not even know if the problem will persist.
November 7, 20187 yr 21 hours ago, Hoopster said: That's what I think every time a new "feature" appears in the webGUI. There is probably all sorts of spyware in there and backdoor access to our servers. 😀 You missed the “NSA” and “CIA” feature set (read the small print)
November 7, 20187 yr 4 minutes ago, bonienl said: You missed the “NSA” and “CIA” feature set (read the small print) Should be noted that CA does NOT report back to the NSA / CIA / MPAA / The Vatican. (Although I wouldn't be allowed to tell you if it did )
November 7, 20187 yr 2 minutes ago, Squid said: Should be noted that CA does NOT report back to the NSA / CIA / MPAA / The Vatican. (Although I wouldn't be allowed to tell you if it did ) CA seems to know everything I do and have installed. Sounds suspiciously like spyware ...
Archived
This topic is now archived and is closed to further replies.