avconf was (fortunately) discontinued and the project went back to ffmpeg.
user@host:~$ avconv -i The.Wire.1x02.The.Detail..DvDRip.XviD.AC3.Thomilla.avi -f srt -i The_Wire.102_English.srt -c:v copy -c:a copy -c:s mov_text The.Wire.1x02.The.Detail.Subs.Eng.avi`
A collection of ffmpeg commands that I’ve used over years to add subtitles, convert formats, etc… Is available at my ffmpeg Gitlab project
user@host:~$ mencoder Homeland.S01E01.webm -sub Homeland\ -\ 1x01\ -\ Pilot.720p\ HDTV.en.srt -o Homeland.S01E01.subs.webm -oac copy -ovc x264 -ni -x264encopts threads=1:preset=veryslow:tune=film:crf=15:frameref=15:fast_pskip=0:global_header
user@host:~$ opendkim-genkey -b 2048 -d admiraphotography.com -s admiraphotography.com
user@host:~$ chown opendkim:opendkim admiraphotography.com.*
/etc/postfix/dkim/keylist AND /etc/postfix/dkim/signtableuser@host:~$ dsync -u jorge@nubelibre.es mirror ssh -p 3000 vmail@localhost dsync -u jorge@nubelibre.com
user@host:~$ route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.100.1 dev eth1
user@host:~$ route del -net 192.168.100.0/24
user@host:~$ vblank_mode=0 optirun -b primus glmark2
user@host:~$ primusrun glmark2
If you only need remote access from one IP address (say from work to your home server), then consider filtering connections at your firewall by either adding a firewall rule on your router or in iptables to limit access on port 22 to only that specific IP address. For example, in iptables this could be achieved with the following type of rule:
user@host:~$ iptables -A INPUT -p tcp -s 72.232.194.162 --dport 22 -j ACCEPT
SSH also natively supports TCP wrappers and access to the ssh service may be similarly controlled using hosts.allow and hosts.deny.
If you are unable to limit source IP addresses, and must open the ssh port globally, then iptables can still help prevent brute-force attacks by logging and blocking repeated attempts to login from the same IP address. For example,
user@host:~$ iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name ssh --rsource
user@host:~$ iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT
The first rule records the IP address of each new attempt to access port 22 using the recent module. The second rule checks to see if that IP address has attempted to connect 4 or more times within the last 60 seconds, and if not then the packet is accepted. Note this rule would require a default policy of DROP on the input chain.
Don’t forget to change the port as appropriate if you are running ssh on a non-standard port. Where possible, filtering at the firewall is an extremely effective method of securing access to an ssh server.
OUTDATED
When key and cert are in separate files, decrypt as:
user@host:~$ openssl rsa -in groups.nubelibre.com.key -out groups.nubelibre.com_d.key
user@host:~$ du -sch .[!.]* * | sort -h
user@host:~$ echo "saimonpc@gmail.com" | add_members -a y -w y -r - trecefreaks
suscrito: saimonpc@gmail.com
user@host:~$ root@hermes:/var/lib/mailman/bin# list_members trecefreaks
rafa@unodelostrece.com
saimonpc@gmail.com
user@host:~$ groupadd castel
user@host:~$ useradd -m -d /home/castel -c "gaia admin" -b /home/castel -g castel -G kvm,libvirt,adm,sudo castel
A simple solution that worked for me
For everyone who had problems running it on the rp2 a simple solution is to use the bmap-tools to copy the image (as the author says) on the sd instead of any other programs. The procedure that worked for me was:
sudo apt-get install bmap-tools and install it.sudo bmaptool copy --nobmap 'yourlocation/jessie-rpi2.img' /dev/sdx (Change yourlocation to the location of the .img file and sdx for the letter where the SD is mounted, if you don’t know it type sudo fdisk -l and look for it).Actually this port is pretty damm fast, it seems a clearly replacement for our lovely Raspbian
dd will do the job too
Example:
user@host:~$ pen smtp mailhost1:smtp mailhost2:25 mailhost3
you can check amount of packet drop for each rule with
iptables -L INPUT -v -n
-A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j LOG --log-prefix "FIN: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
-A INPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -j LOG --log-prefix "PSH: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP
-A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j LOG --log-prefix "URG: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j LOG --log-prefix "XMAS scan: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j LOG --log-prefix "NULL scan: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK,URG -j LOG --log-prefix "pscan: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK,URG -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j LOG --log-prefix "pscan 2: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j LOG --log-prefix "pscan 2: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN -j LOG --log-prefix "SYNFIN-SCAN: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j LOG --log-prefix "NMAP-XMAS-SCAN: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN -j LOG --log-prefix "FIN-SCAN: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,PSH,URG -j LOG --log-prefix "NMAP-ID: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,PSH,URG -j DROP
-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j LOG --log-prefix "SYN-RST: " --log-level 7
proxima-nova;I have fixed my own problem as follows:
brctl show on manila-share node (option2) and I see one bridge like “brqba908a69-41” added “vxlan-78” but it’s not have “tab12345…”brctl addif brqba908a69-41 tap6235430e-05 with root privilegeuser@host:~$ dd bs=64k if=/dev/cinder-volumes/volume-8c705c8d-9af5-42b1-a588-6326bda7c807 | ssh gaia -p 3000 -i /home/castel/.ssh/castelkey dd bs=64k of=/dev/vg0/gitlab
OUTDATED: Nowadays I use
rspamd.
user@host:~$ sa-learn --showdots --spam /opt/mail/admiraphotography.it/info/Maildir/.Spam/
user@host:~$ openstack network create --share --external --provider-physical-network provider --provider-network-type flat provider
user@host:~$ openstack subnet create --network provider --allocation-pool start=192.168.1.50,end=192.168.1.100 --dns-nameserver 8.8.4.4 --gateway 192.168.1.1 --subnet-range 192.168.1.0/24 provider