Wauw ..

yesterday and today I tried to upgrade my HP Microserver Gen8 from VMWARE ESXI 6.0.0 to 6.5
what a trouble ..

Steps:
shut down all vms (hosts) and enter maintenance mode. If you do this there are a number of online blogs with help to install from online depots but in all my tests it was too slow or I was to impatient to wait to end. But in the end I always ended up with an system with errors:

the transaction is not supported: VIB Hewlett-Packard_bootbank_scsi-hpvsa_5.5.0-88OEM.550.0.0.1331820

Do not try to force the installation. You will end up with an system where it seems that your EXSI is updated to 6.5 but actually is is running in a ramdisk environment. Easy to see cause you have lost your datastores (NFS datastores are still mounted).

If you than reboot: you are back to 6.0.0 .. so how to solve this:

easy: when entering maintenance mode: reboot your machine. In many guidelines this part is not mentioned.

After I rebooted I first tried the online depot installation documentation but ended up waiting and waiting. I got a VMWARE image for update from VMWARE but I got all kinds of different issues again:

“The upgrade contains the following set of conflicting VIB” When using the standard image of VMWARE: many conflicting vibs a no go for me. So I read some blogs and I found out that it is best to keep using your HPE image vmware files. (So in short: if you used the HPE VMWARE ESXI ISO installing Esxi onto your HP Microserver Gen8 keep using the update files with HPE in it and not the plain VMWARE onces. It can give issues !

After I used the HPE image I only got 1 issue: one vib was still complaining. On this blog I read what I needed to do: remove this vib (partner supported, so not native).

After removing this VIB I could upload the various ZIP bundle files like

VMware-ESXi-6.5.0-5310538-HPE-650.10.1.0.47-Jul2017-depot.zip
VMware-ESXi-6.5.0-Update1-5969303-HPE-650.U1.10.1.0.14-Jul2017-depot.zip

with the command:
esxcli software vib install -d “/vmfs/volumes/datastore1/patch-directory/VMware-ESXi-6.5.0-5310538-HPE-650.10.1.0.47-Jul2017-depot.zip”

I was able to install finally the 6.5 version. Due to issues of Storage driver I immediately updated to the U1 update
with the command:

esxcli software vib update -d “/vmfs/volumes/datastore1/patch-directory/VMware-ESXi-6.5.0-Update1-5969303-HPE-650.U1.10.1.0.14-Jul2017-depot.zip”

the blog nxhut showed me some info that with the U1 version the storage speed performance issues should be over.

A simple test downloading a file towards a VM showed me a 18MB/s so the 10MB/s barrier was not seen.

A last reboot and get the machine out of maintenance mode. Finally I have a running 6.5U1.

 

Yeah .. wierd title

So in my case: I am at location A and I am making a VPN to my local network what is at location B

I can access all my local servers and computers, but one !

“The One” is a server which has a dedicated openvpn connection to location C, when this is active my VPN from location A cannot access “The One” at location B. Only when the OpenVPN connection is terminated

Solution: add a static route on “The One”

check with: ip route show

and add the route like this: ip route add 10.10.10.0/24 via 10.1.1.1 dev eth0

where 10.10.10.0 is the VPN IP range what your local network is giving VPN users and via 10.1.1.1 is the IP of your gateway (router)

… easy peacy ..

Google zegt dat deze site mogelijk gehacked is ..

en laat dat nu eens niet het geval zijn

Deze site is mogelijk gehackt., zegt Google. Ja maar …. en dan ga je zoeken, testen en je weet me god niet waar je moet zoeken. Want .. tsja je krijgt wel een link, maar als je link naar de weblog sectie van deze site verwijst dan staan daar een x aantal berichten onder met wat ‘technisch’ karakter, maar dat is het dan wel .. heb dus totaal geen idee waar ik moet zoeken of wel stukje code wat ik getikt hebt een trigger is voor Alphabet’s Google ..

Mocht je iets vreemds bemerken, ik hoor het wel, tot die tijd blijven we ons afvragen wat er mis zou zijn .. (Ik heb het theme is al veranderd .. ) dus een theme hack sluit ik even uit

 

update: Na eerst 1 pagina aan te merken als iets wat niet goed zou zijn, vond Google dat dan de gehele site wel even geïnfecteerd was. Maar echte duiding wat er dan mis is: nope ..

Dus ..

update: diep in de spelonken van dit weblog was wel wat aan de hand met wat gemodificeerde bestanden maar zou niet zo 1-2-3 kunnen zien of dat Google zou signaleren .. maar goed , WordPress maar even waar nodig geheel verwijderd en opnieuw geïnstalleerd zodat er geen ‘historie’ van oude bestanden meer aanwezig was.

Tevens een aantal folders die niet meer gebruikt werden ook verwijderd zodat dat ook geen belemmering zou kunnen geven ..Zie hier . site is weer ok .. zegt Google dan ;)

For many years I am using PGOffline, a tool to get all the content from yahoogroups.

PGOffline was using up to version 3 an Access Database but with the release of version  4 they went to an SQLite database.  Here came my problem.

For years I was inserting the data from the Access Database into an MySQL database so that with an PHP script I could search through more than 100.00 messages.

But after PGOffline went to SQLite I had an issue cause my ODBC connection was not working anymore. Due to some change in PC’s and notebooks I lost my access database with the ODBC and Queries as well (damn .. )

Altough the mailinglist is not that active anymore, there were some 6000 messages submitted in around 1,5 to 2 years. and I want to have them inserted in the MySQL database still ..

The issue I had was that the SQLite database of PGOffline contains a BLOB (Binary Object)  with the message and is not ‘simply’ readable.

for months I was trying and there was no solution for me to fix that. Until last weekend. And actually it was pretty easy. And I fixed it ..

1. Microsoft Access

2. Make sure you have access to your MySQL database and able to connect to it (do check my.cnf for the bind address (if you are on Linux) make sure you can connect to it from other machines) and make sure the firewall does not block its port (which I noticed after 15 minutes of trying or so)

3. install MySQL ODBC drivers in your environment

4. install SQLite ODBC drivers in your environment

In Access make sure you link to the database with linked tables.

the SQLite database is just the file. In my example its on the same computer as the Access database

The issue I had with the SQLite database and its linked tables was that the ODBC driver did not allow me to search with wildcards (select * from person  where person is like ‘a%’) . To make sure I have all subscribers I made an update query to a local table with all the persons, but in fact that is not needed.

Than I made sure I could read the messages

with this query: ‘StrConv([content],64)’ I was able to decode the BLOB.  and with some other InStr queries I removed the beginning and end of the start of the message as this is ‘garbage’ not needed, I added some HTML breaks.

Finally I created an update query inserting all the new messages from the SQL database not in the MySQL database, I even found that very old messages were not imported at all they were forgotten, now they were inserted as my Query statement request to insert all YahooMessageID’s not in the MySQL database ..

 

 

 

Gisteren de website overgezet naar https, gewoon omdat het kan en omdat ik eea wilde uittesten met een certificaat op de website. Het werkt. Ik ben er dus blij mee. Certificaat werkt voor een jaar dus daarna zien we wel verder ;0)

Alleen krijg ik momenteel het niet voor elkaar om die www  eraf te halen (too many redirects) .. uhmm zal wel een foute plugin zijn ..

[nerd mode] this article includes the update with solution ;-)

Does someone know how to configure Munin to change or rename graph titles of a smart switch with SNMP?

I have a smart Ethernet switch and I get my SNMP data, but the interface ports are called: interface port 1, interface port 2, interface port 3 etc.. But I want to have this renamed so that I can identify the various interface ports as: router, NAS, uplink, wireless, server1, server 2 etc.

Is it possible to configure this with munin?

I’ve looked in the docs, but cannot find anything about how to rename something.

Update, after long searching and looking through manuals/guides/how-to I have found what does the job [this was the entry telling me: hey that could be the solution]

in munin.conf select the config part where the device / node is configured

[highway1]
address 127.0.0.1
use_node_name no

Under use_node_name no you can put your manual ‘overrides’

Port one of my smart switch is called:

  • snmp_highway1_if_err_1 (for errors)
  • snmp_highway1_if_1.graph_title (for traffic)

So here I define the names of the interfaces:

snmp_highway1_if_err_1.graph_title [P1] Cable/Router Errors
snmp_highway1_if_1.graph_title [P1] Cable/Router Traffic
snmp_highway1_if_err_2.graph_title [P2] Smart Switch Boven Errors
snmp_highway1_if_2.graph_title [P2] Smart Switch Boven Traffic
snmp_highway1_if_err_3.graph_title [P3] AccessPoint/Switch Kamer Errors
snmp_highway1_if_3.graph_title [P3] AccessPoint/Switch Kamer Traffic

etc.

The magic is done with .graph_title, per interface you can define the graph title.

After 5 minutes of waiting my graphs are being updated and generated with the correct interface names so that you can remember what you have connected to which port of your smart switch (in my case).

networktraffic

I use a number of ‘open’ directories on my server for years, but I switched servers and updated Plesk to version 11.

Suddenly my open directories where not open anymore and no content was visible. In my error.log I find this error:

Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /var/www/vhosts/domain.com/httpdocs/index.pl

I searched the internet and I could not find a good solution other than that I had to change my dir.conf where is stated: DirectoryIndex at_domains_index.html index.php index.html index.cgi index.pl index.xhtml index.htm index.shtml index.cfm

I even changed my vhost configuration what did not work either, it might helped finding the solution, so I will check if my changed vhost.conf is necessary.

in the end: changing dir.conf with the line about the indexes was the solution. I had to remove to remove at least the perl (.pl) one.

I now have:

DirectoryIndex at_domains_index.html index.php index.html index.htm

restarted apache with: service apache2 restart and issue was resolved

zo, vandaag weer eens een oud spelletje gespeeld met spammers. Wat scripts waren op de een of andere manier aangetast.
Beestje lastig uitzoeken wat, maar ik denk te weten wat het was ..
helaas pindakaas voor de rotating banners..

Today I got an SMS that my mailserver was bouncing mail from someone. In first instance it was unclear to me why it was blocked, but after analyzing further I found out that by default the cloud outlook mailservice of microsoft is being blocked by many mailservers. Because the name of the server is using ‘pool’ in the domainname lookup:

greylisting filter[539]: list type: black, from: ch1outboundpool.messaging.microsoft.com, match string: dsl|pool|broadband|hsd

So missing important emails is a big failure and even a bigger bummer when you do not know exactly why. Ok I added the mail adres in the whitelist, but it would be better to allow such kind of domains sending mail.

So how to do this in plesk with greylisting?

See first with ./greylisting -i (info-Server) that it is indeed blocked

./grey_listing –update-server -domains-blacklist del:”dsl|pool|broadband|hsd”

this will remove it and with ./grey_listing -i you can see