iptables – libvirt with qemu/kvm guest, guest can ssh to host and vice versa, but failed to samba or ftp to host

I am running libvirt/qemu-kvm on Fedora32, guest OS is CentOS7.

I use ‘nat’ mode virtual networking.

root@fedora ~)# virsh net-dumpxml default
<network connections='1'>
  <name>default</name>
  <uuid>36ca4070-160a-47bf-b35e-aa7bee028ec1</uuid>
  <forward mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
  </forward>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:e1:1e:c3'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.254'/>
    </dhcp>
  </ip>
</network>

On host I can ssh to guest by its ip (192.168.122.230).

On guest, I can access internet, also can ssh to my host,
but failed to access samba and ftp on my host.

For example, I type ‘smbclient -L ‘192.168.122.1’‘ on guest,
host ‘tcpdump -i vnet0‘ shows:

10:03:00.267931 IP 192.168.122.230.57754 > 192.168.122.1.microsoft-ds: Flags (S), seq 1417555984, win 29200, options (mss 1460,sackOK,TS val 4294755489 ecr 0,nop,wscale 7), length 0
10:03:00.267977 IP 192.168.122.1 > 192.168.122.230: ICMP 192.168.122.1 tcp port microsoft-ds unreachable, length 68
10:03:00.273271 IP 192.168.122.230.39152 > 192.168.122.1.netbios-ssn: Flags (S), seq 2454440184, win 29200, options (mss 1460,sackOK,TS val 4294755494 ecr 0,nop,wscale 7), length 0
10:03:00.273290 IP 192.168.122.1 > 192.168.122.230: ICMP 192.168.122.1 tcp port netbios-ssn unreachable, length 68

And ‘smbclient’ eventually reports ‘* do_connect: Connection to 192.168.122.1 failed (Error NT_STATUS_CONNECTION_REFUSED)*’.

In case of ‘ftp’, it is similar to ‘samba’.

0:06:11.030486 IP 192.168.122.230.44748 > 192.168.122.1.ftp: Flags (S), seq 4205484033, win 29200, options (mss 1460,sackOK,TS val 4294946254 ecr 0,nop,wscale 7), length 0
10:06:11.030539 IP 192.168.122.1 > 192.168.122.230: ICMP 192.168.122.1 tcp port ftp unreachable, length 68

I am sure on guest, firewall is turned off, and I can samba to host from other machine in lan.

I checked host ‘iptables -L -nv ‘ and ‘iptables -L -nv -t nat’, no packet got ‘REJECT’ed or ‘DROP’ed.

They look like this:

# iptables -L -nv 
Chain INPUT (policy ACCEPT 56760 packets, 31M bytes)
 pkts bytes target     prot opt in     out     source               destination         
68394   45M LIBVIRT_INP  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
19326   23M LIBVIRT_FWX  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
19326   23M LIBVIRT_FWI  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
 9344 1092K LIBVIRT_FWO  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 19706 packets, 2824K bytes)
 pkts bytes target     prot opt in     out     source               destination         
28243 3880K LIBVIRT_OUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain LIBVIRT_FWI (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 9982   22M ACCEPT     all  --  *      virbr0  0.0.0.0/0            192.168.122.0/24     ctstate RELATED,ESTABLISHED
    0     0 REJECT     all  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain LIBVIRT_FWO (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 9344 1092K ACCEPT     all  --  virbr0 *       192.168.122.0/24     0.0.0.0/0           
    0     0 REJECT     all  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain LIBVIRT_FWX (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  virbr0 virbr0  0.0.0.0/0            0.0.0.0/0           

Chain LIBVIRT_INP (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  102  6959 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    9  3028 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:67

Chain LIBVIRT_OUT (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    9  3004 ACCEPT     udp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:68
    0     0 ACCEPT     tcp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            tcp dpt:68

and

# iptables -L -nv -t nat
Chain PREROUTING (policy ACCEPT 6314 packets, 5976K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain INPUT (policy ACCEPT 4463 packets, 5827K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 546 packets, 73524 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 526 packets, 69524 bytes)
 pkts bytes target     prot opt in     out     source               destination
 1910  218K LIBVIRT_PRT  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain LIBVIRT_PRT (1 references)
 pkts bytes target     prot opt in     out     source               destination
   13  1359 RETURN     all  --  *      *       192.168.122.0/24     224.0.0.0/24
    0     0 RETURN     all  --  *      *       192.168.122.0/24     255.255.255.255
   87  4628 MASQUERADE  tcp  --  *      *       192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
  192 19180 MASQUERADE  udp  --  *      *       192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
    0     0 MASQUERADE  all  --  *      *       192.168.122.0/24    !192.168.122.0/24

Am I missing something? What could be the cause?
Thanks.

{Host IT Smart} Get up to Extra 30% Rebate on E-Commerce Hosting – Hosting, VPN, Proxies

Thinking to begin your web store?

Sign up with the E-commerce hosting plan of Host IT Smart. We provide you the Cheap web hosting for an e-commerce store. We offer 24/7 support from expert sources in the field ensuring a fully backed up, end-to-end system.

We understand that E-commerce hosting never runs down. It naturally expects a lot of traffic and can have a tendency to slow down and lose functionality. But hosting E-Commerce on Host IT Smart offers the user a 24/7 server and support availability.

Below are the pricing of Ecommerce plans

Starter Plan: Starting @ $1.50/mo

  • Unlimited Webspace (SSD)
  • Unlimited Bandwidth
  • FREE SSL Certificate
  • 1 Website
  • Unlimited E-Mail IDs
  • 1 Subdomain
  • 2 MYSQL Space
  • 1 Park Domain
  • 1 FTP Accounts

Performance plan: Starting @ $2.50/mo

  • Unlimited Webspace (SSD)
  • Unlimited Bandwidth
  • FREE SSL Certificate
  • 10 Websites
  • Unlimited E-Mail IDs
  • 10 Subdomains
  • 10 MYSQL Space
  • 5 Park Domain
  • 10 FTP Accounts

Business Plan: Starting @ $5.00/mo

  • Unlimited Webspace (SSD)
  • Unlimited Bandwidth
  • FREE SSL Certificate
  • Unlimited Websites
  • Unlimited E-Mail IDs
  • Unlimited Subdomains
  • Unlimited Database
  • Unlimited Park Domains
  • Unlimited FTP Accounts

 
Features with Host IT Smart to enjoy:

  • 99.99% Uptime Guarantee
  • Regular Scanning
  • Availability of softaculous
  • Free Automated Backup
  • Unlimited Storage
  • Unlimited websites
  • Unlimited Email

Buy Now: https://global.hostitsmart.com/hosting/ecommerce-hosting
 
Our Support Team is consistently prepared to help you in any circumstance and anytime which encourages you to tackle any issue in the quickest manner. We additionally furnish Instant talk administration to interface with you effectively whenever.

For Immediate Assistance or for information, contact us: info@hostitsmart.com or visit our website for live chat.
 

linux – Bash script to mirror XWindow to remote SSH host

The source code within this question aims to provide a short-cut for mirroring a local XWindow (or session) to a remote host via SSH port forwarding, eg…

x11vnc-push-xwindow --id=none raspberrypi

The ReadMe file contains more detailed instructions for setup, but the TLDR is…

mkdir -vp ~/git/hub/rpi-curious
cd ~/git/hub/rpi-curious

git clone --recurse-submodules git@github.com:rpi-curious/x11vnc-push-xwindow.git
cd x11vnc-push-xwindow
ln -s "${PWD}/x11vnc-push-xwindow" "${HOME}/bin/"
x11vnc-push-xwindow raspberrypi
## Select a XWindow, or use `--id=none` to mirror entire session
# x11vnc-push-xwindow --id=none raspberrypi
q
# Ctrl^c

I wrote this project because it helps my own posture to look up at my remote device’s screen, and currently everything seems to function as intended, but as always there’s room for improvement.

Questions

  • Are there any obvious mistakes?

  • Any features that are both missing and necessary?

  • Is there a better way to fully terminate the connection when q is pressed? Currently this is a two-step process of pressing q then Ctrlc to quit and then terminate the connection.


Source Code

Note, source code for this question is maintained on GitHub at rpi-curious/x11vnc-push-xwindow, what is included here are the scripts and shared functions required to test/review without need of any Git fanciness.

x11vnc-push-xwindow

#!/usr/bin/env bash


## Find true directory script resides in, true name, and true path
__SOURCE__="${BASH_SOURCE(0)}"
while (( -h "${__SOURCE__}" )); do
    __SOURCE__="$(find "${__SOURCE__}" -type l -ls | sed -n 's@^.* -> (.*)@1@p')"
done
__DIR__="$(cd -P "$(dirname "${__SOURCE__}")" && pwd)"
__NAME__="${__SOURCE__##*/}"
__AUTHOR__='S0AndS0'
__DESCRIPTION__='Pushes/mirrors selected XWindow to remote via SSH port forwarding'


## Source module code within this script
source "${__DIR__}/shared_functions/modules/argument-parser/argument-parser.sh"
source "${__DIR__}/shared_functions/modules/trap-failure/failure.sh"


trap 'failure "LINENO" "BASH_LINENO" "${BASH_COMMAND}" "${?}"' ERR


__license__(){
    local _date_year="$(date +'%Y')"
    cat <<EOF
${__DESCRIPTION__}
Copyright (C) ${_date_year:-2020} ${__AUTHOR__:-S0AndS0}

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, version 3 of the License.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.
EOF
}


usage() {
    local _message="${1}"
    cat <<EOF
${__DESCRIPTION__}


## Augments ${__NAME__%.*} responds to


--help | -h

    Prints this message and exits


--x11vnc-listen-port="${_x11vnc_listen_port}"

    Default '5900', port that x11vnc will serve XWindow session on 'localhost' for this device.

    Note, if listen port is already in use then session will be reused, otherwise a new session will be initialized.


--vnc-viewer-port="${_vnc_viewer_port}"

    Default '5900', port that remote host will connect to on their relative 'localhost' to view forwarded XWindow session.

    Note, if 'xscreensaver' is detected on remote host, then it will be disabled until x11vnc session is terminated


--vnc-viewer-name="${_vnc_viewer_name}"

    Default 'vncviewer', executable name of VNC Viewer.

    Note, if troubles are had when using a VNC Viewer other than 'vncviewer', please try 'vncviewer' before opening a new Issue.


--id="${_id}"

    Default 'pick', XWindow ID to forward to remote host.

    Note, if set to 'none' then entire XWindow session will be forwarded.


${_target_host:-<target-host>}

    Required, remote SSH host that XWindow session will be forwarded to.


## Example


${__NAME__} raspberrypi
EOF

    (( "${#_message}" -gt '0' )) && {
        printf >&2 'n## Error: %sn' "${_message}"
    }
}


## Defaults
_target_host=''
_x11vnc_listen_port='5900'
_vnc_viewer_port='5900'
_id='pick'
_vnc_viewer_name='vncviewer'


## Save passed arguments and acceptable arguments to Bash arrays
_passed_args=("${@:?No arguments provided}")
_acceptable_args=(
    '--help|-h:bool'
    '--x11vnc-listen-port:alpha_numeric'
    '--vnc-viewer-port:alpha_numeric'
    '--id:alpha_numeric'
    '--target-host:path-nil'
)


## Pass arrays by reference/name to the `argument_parser` function
argument_parser '_passed_args' '_acceptable_args'
_exit_status="$?"


## Print documentation for the script and exit, or allow further execution
((_help)) || ((_exit_status)) && {
    usage
    exit "${_exit_status:-0}"
}

(("${#_target_host}")) || {
    usage 'Missing target host parameter'
    exit 1
}


## Note, '-shared' with '-forever' and '-threads' or '-once' may be wanted
##  in addition to the following options
_x11vnc_server_opts=(
    '-quiet'
    '-noshared'
    '-viewonly'
    '-noremote'
    '-nobell'
    '-nosel'
    '-noprimary'
    '-nosetprimary'
    '-noclipboard'
    '-nosetclipboard"https://codereview.stackexchange.com/#"-disablefiletransfer'  ## Un-comment for older versions
    '-cursor' 'most'
    '-noipv6'
    '-allow' '127.0.0.1'
    '-autoport' "${_x11vnc_listen_port}"
    '-listen' '127.0.0.1'
    '-nopw'
    '-nossl'
    '-bg'
)

(( "${_id}" =~ 'none' )) || {
  _x11vnc_server_opts+=(
    '-id' "${_id}"
  )
}


_vnc_viewer_opts=(
    '-viewonly'
    '-fullscreen'
    "localhost::${_vnc_viewer_port}"
)


grep -q -- "${_x11vnc_listen_port}" <<<"$(netstat -plantu 2>/dev/null)" || {
    printf '# Running: x11vnc %sn' "${_x11vnc_server_opts(*)}"
    x11vnc ${_x11vnc_server_opts(@)}
}


initialize_connection() {
    ssh -R localhost:${_vnc_viewer_port}:localhost:${_x11vnc_listen_port} "${_target_host}" <<EOF
    reinitalize_xscreensaver(){
        echo 'Resuming: xscreensaver'
        DISPLAY=:0 xscreensaver -no-splash 2>&1 >/dev/null &
        sleep 3
        DISPLAY=:0 xscreensaver-command -activate
    }


    initalize_viewer(){
        _xscreensaver_time="$(DISPLAY=:0 xscreensaver-command -time 2>&1)"
    (( "${_xscreensaver_time}" =~ 'no screensaver is running' )) || {
            trap 'reinitalize_xscreensaver' RETURN SIGINT SIGTERM EXIT
            echo 'Halting: xscreensaver'
            DISPLAY=:0 xscreensaver-command -deactivate
            DISPLAY=:0 xscreensaver-command -exit
        }

        printf 'Starting: $(which ${_vnc_viewer_name}) %sn' "${_vnc_viewer_opts(*)}"
    DISPLAY=:0 $(which ${_vnc_viewer_name}) ${_vnc_viewer_opts(@)}
        return "${?}"
    }

    initalize_viewer
EOF
}


initialize_connection &
_connection_pid="$!"

printf 'Press %s to quit...n' "q"
while read -n1 -r _input; do
    case "${_input,,}" in
        q)
            printf 'Killing PID %in' "${_connection_pid}"
            kill "${_connection_pid}"
            sleep 2
            printf 'Please use Ctrl^c to exit!'
        ;;
    esac

    sleep 1
done

shared_functions/modules/argument-parser/argument-parser.sh

#!/usr/bin/env bash


# argument-parser.sh, source it in other Bash scripts for argument parsing
# Copyright (C) 2019  S0AndS0
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation; version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.


shopt -s extglob


_TRUE='1'
_DEFAULT_ACCEPTABLE_ARG_LIST=('--help|-h:bool' '--foo|-f:print' '--path:path-nil')


arg_scrubber_alpha_numeric(){ printf '%s' "${@//(^a-z0-9A-Z)/}"; }


arg_scrubber_regex(){ printf '%s' "$(sed 's@.@\.@g' <<<"${@//(^(:print:)$'t'$'n')/}")"; }


arg_scrubber_list(){
    printf '%s' "$(sed 's@..*@.@g; s@--*@-@g' <<<"${@//(^a-z0-9A-Z,+_./@:-)/}")"
}


arg_scrubber_path(){
    printf '%s' "$(sed 's@..*@.@g; s@--*@-@g' <<<"${@//(^a-z0-9A-Z ~+_./@:-)/}")"
}


arg_scrubber_posix(){
    _value="${@//(^a-z0-9A-Z_.-)/}"
    _value="$(sed 's@^(-_.)@@g; s@(-_.)$@@g; s@..*@.@g; s@--*@-@g' <<<"${_value}")"
    printf '%s' "${_value::32}"
}


return_scrubbed_arg(){
    _raw_value="${1}"
    _opt_type="${2:?## Error - no option type provided to return_scrubbed_arg}"
    case "${_opt_type}" in
        'bool'*)  _value="${_TRUE}"      ;;
        'raw'*)   _value="${_raw_value}" ;;
        'path'*)  _value="$(arg_scrubber_path "${_raw_value}")"  ;;
        'posix'*) _value="$(arg_scrubber_posix "${_raw_value}")" ;;
        'print'*) _value="${_raw_value//(^(:print:))/}"          ;;
        'regex'*) _value="$(arg_scrubber_regex "${_raw_value}")" ;;
        'list'*)  _value="$(arg_scrubber_list "${_raw_value}")"  ;;
        'alpha_numeric'*) _value="$(arg_scrubber_alpha_numeric "${_raw_value}")" ;;
    esac

    if (( "${_opt_type}" =~ ^'bool'* )) || (( "${_raw_value}" == "${_value}" )); then
        printf '%s' "${_value}"
    else
        printf '## Error - return_scrubbed_arg detected differences in valuesn' >&2
        return 1
    fi
}


argument_parser(){
    local -n _arg_user_ref="${1:?# No reference to an argument list/array provided}"
    local -n _arg_accept_ref="${2:-_DEFAULT_ACCEPTABLE_ARG_LIST}"
    _args_user_list=("${_arg_user_ref(@)}")
    unset _assigned_args
    for _acceptable_args in ${_arg_accept_ref(@)}; do
        ## Take a break when user supplied argument list becomes empty
        (( "${#_args_user_list(@)}" == '0' )) && break
        ## First in listed acceptable arg is used as variable name to save value to
        ##  example, '--foo-bar fizz' would transmute into '_foo_bar=fizz'
        _opt_name="${_acceptable_args%%(:|)*}"
        _var_name="${_opt_name#*(-)}"
        _var_name="${_var_name#*(-)}"
        _var_name="_${_var_name//-/_}"
        ## Divine the type of argument allowed for this iteration of acceptable args
        case "${_acceptable_args}" in
            *':'*) _opt_type="${_acceptable_args##*(:)}" ;;
            *)     _opt_type="bool"                      ;;
        esac
        ## Set case expressions to match user arguments against and for non-bool type
        ##  what alternative case expression to match on.
        ##  example '--foo|-f' will also check for '--foo=*|-f=*'
        _arg_opt_list="${_acceptable_args%%:*}"
        _valid_opts_pattern="@(${_arg_opt_list})"
        case "${_arg_opt_list}" in
            *'|'*) _valid_opts_pattern_alt="@(${_arg_opt_list//|/=*|}=*)" ;;
            *)     _valid_opts_pattern_alt="@(${_arg_opt_list}=*)"        ;;
        esac
        ## Attempt to match up user supplied arguments with those that are valid
        for (( i = 0; i < "${#_args_user_list(@)}"; i++ )); do
            _user_opt="${_args_user_list(${i})}"
            case "${_user_opt}" in
                ${_valid_opts_pattern})     ## Parse for script-name --foo bar or --true
                    if (( "${_opt_type}" =~ ^'bool'* )); then
                        _var_value="$(return_scrubbed_arg "${_user_opt}" "${_opt_type}")"
                        _exit_status="${?}"
                    else
                        i+=1
                        _var_value="$(return_scrubbed_arg "${_args_user_list(${i})}" "${_opt_type}")"
                        _exit_status="${?}"
                        unset _args_user_list($(( i - 1 )))
                    fi
                ;;
                ${_valid_opts_pattern_alt}) ## Parse for script-name --foo=bar
                    _var_value="$(return_scrubbed_arg "${_user_opt#*=}" "${_opt_type}")"
                    _exit_status="${?}"
                ;;
                *)                          ## Parse for script-name direct_value
                    case "${_opt_type}" in
                        *'nil'|*'none')
                            _var_value="$(return_scrubbed_arg "${_user_opt}" "${_opt_type}")"
                            _exit_status="${?}"
                        ;;
                    esac
                ;;
            esac
            if ((_exit_status)); then return ${_exit_status}; fi
            ## Break on matched options after clearing temp variables and re-assigning
            ##  list (array) of user supplied arguments.
            ## Note, re-assigning is to ensure the next looping indexes correctly
            ##  and is designed to require less work on each iteration
            if ( -n "${_var_value}" ); then
                declare -g "${_var_name}=${_var_value}"
                declare -ag "_assigned_args+=('${_opt_name}="${_var_value}"')"
                unset _user_opt
                unset _var_value
                unset _args_user_list(${i})
                unset _exit_status
                _args_user_list=("${_args_user_list(@)}")
                break
            fi
        done
        unset _opt_type
        unset _opt_name
        unset _var_name
    done
}

Note, the source code for argument-parser.sh is a Git Submodule maintained on GitHub at bash-utilities/argument-parser, and can be cloned individually via…

mkdir -vp ~/git/hub/bash-utilities
cd ~/git/hub/bash-utilities

git clone git@github.com:bash-utilities/argument-parser.git

shared_functions/modules/trap-failure/failure.sh

#!/usr/bin/env bash


# Bash Trap Failure, a submodule for other Bash scripts tracked by Git
# Copyright (C) 2019  S0AndS0
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation; version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.


## Outputs Front-Mater formatted failures for functions not returning 0
## Use the following line after sourcing this file to set failure trap
##    trap 'failure "LINENO" "BASH_LINENO" "${BASH_COMMAND}" "${?}"' ERR
failure(){
    local -n _lineno="${1:-LINENO}"
    local -n _bash_lineno="${2:-BASH_LINENO}"
    local _last_command="${3:-${BASH_COMMAND}}"
    local _code="${4:-0}"

    ## Workaround for read EOF combo tripping traps
    ((_code)) || {
      return "${_code}"
    }

    local _last_command_height="$(wc -l <<<"${_last_command}")"

    local -a _output_array=()
    _output_array+=(
        '---'
        "lines_history: (${_lineno} ${_bash_lineno(*)})"
        "function_trace: (${FUNCNAME(*)})"
        "exit_code: ${_code}"
    )

    (( "${#BASH_SOURCE(@)}" -gt '1' )) && {
        _output_array+=('source_trace:')
        for _item in "${BASH_SOURCE(@)}"; do
            _output_array+=("  - ${_item}")
        done
    } || {
        _output_array+=("source_trace: (${BASH_SOURCE(*)})")
    }

    (( "${_last_command_height}" -gt '1' )) && {
        _output_array+=(
            'last_command: ->'
            "${_last_command}"
        )
    } || {
        _output_array+=("last_command: ${_last_command}")
    }

    _output_array+=('---')
    printf '%sn' "${_output_array(@)}" >&2
    exit ${_code}
}

Note, the source code for failure.sh is a Git Submodule maintained on GitHub at bash-utilities/trap-failure, and can be cloned individually via…

mkdir -vp ~/git/hub/bash-utilities
cd ~/git/hub/bash-utilities

git clone git@github.com:bash-utilities/trap-failure.git

.host domain | Web Hosting Talk

.host domain | Web Hosting Talk


‘);
var sidebar_align = ‘right’;
var content_container_margin = parseInt(‘350px’);
var sidebar_width = parseInt(‘330px’);
//–>









  1. .host domain


    You also have registered your hosting commercial names on the .host domain? Do you use it? I think I would start using it for a project, .com is completely nothing.













Similar Threads


  1. Replies: 3


    Last Post: 08-13-2002, 12:27 AM


  2. Replies: 3


    Last Post: 07-24-2002, 06:19 PM


  3. Replies: 0


    Last Post: 02-13-2002, 03:38 PM


  4. Replies: 3


    Last Post: 08-30-2001, 03:19 PM

Tags for this Thread



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  








google search console – How to host sitemaps on an internal system efficiently?

I am currently hosting my sitemaps for my site on an external system (google.storageapis) and have uploaded them to Google. It seems that by hosting it on an external system, the Google Search Console is not able to properly get the data and is messing up the stats on my Google Search Console. According to the Google Rep I was talking to, he said that because the sitemaps are hosted on an external system, that Google Search Console is not properly able to get and display the data. He suggested I host them on my internal system (my site). The problem is that I have over 200 sitemap xml files with each of them being around 9MB. That would mean if I kept them on my internal war file, that it would balloon to over 2GB and every time I need to re-publish the war file after making changes it would take a very long time.

Is it possible to initially upload the sitemaps on my war file and then every time I re-publish, for the upload to ignore the sitemap folder and only upload the main folders?

Or are there any other suggestions that would be possible?

Any input is must appreciated!

Thank you!

networking – Converted to firewalld and Now “No route to host” Error Between Subnets in a Zone

I have a router running Debian 10 that I have been using for years. Yesterday I decided to convert from iptables to firewalld because I needed to beef up my security and support some new networks in the future. But for now I’m keeping things simple.

The good news is that I’m able to route traffic from devices on my home zone to the internet, which is 90% of the router’s job. The bad news is that now I’m getting no route to host errors when I try to cross subnets within my home zone. This didn’t use to be the case so I think it has something to do with firewalld.

Here’s an example of me trying to ssh into a computer on the 10.0.0.0 network from one on the 10.0.1.0 network:

$ ssh foo@libreelec
ssh: connect to host libreelec port 22: No route to host

However, I can definitely route to it using ping:

$ ping libreelec
PING libreelec (10.0.0.29) 56(84) bytes of data.
64 bytes from LibreELEC (10.0.0.29): icmp_seq=1 ttl=63 time=5.05 ms
...

Here’s how firewalld is setup on my router:

Zones:
--> home
----> eth1 (10.0.1.0/24)
----> wlan0 (10.0.0.0/24)
--> public
----> eth0 (73.xxx.77.xxx/23) / Interface to my modem

Here’s what my home zone config looks like:

home (active)
  target: default
  icmp-block-inversion: no
  interfaces: wlan0 eth1
  sources:
  services: ssh mdns samba-client dhcpv6-client dhcp dns
  ports: 9000/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

…and here’s my routing table (which hasn’t changed):

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         73.246.76.1     0.0.0.0         UG    202    0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 wlan0
10.0.1.0        0.0.0.0         255.255.255.0   U     0      0        0 eth1
73.xxx.76.0     0.0.0.0         255.255.254.0   U     202    0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     204    0        0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U     305    0        0 wlan0

Is this a common issue when people switch to firewalld? Is there anything I can do at a router level that unblocks this route between the two subnets in the home zone?

Need to find a free host with mysql 5.7 or better for a script I need to run


I am having trouble running my script on existing paid provider bc they dont support my sql above 5.6 and my script required at least 5.7. I have been trying to search a new provider to test but haven’t been able to find one supporting above 5.6. Do you guys have any suggestions?

———

Steven S.

Online Enterupner

Host that keep files for long time

Hi, as the title says, i’m looking for a file host that keeps files for a long time (or forever!) without deletion even without getting downloads.

gounlimited.to | Lifetime file storing, no deletion due to inactivity – Clean Ads – 24Hrs Payouts – Oldest video host since 2016 | NewProxyLists

About

The GO Unlimited service, which may be known by the name of many of you, is one of the oldest services specialized in the field of video hosting. The goal of the service has always been to ensure the provision of a secure and stable platform for its long-term partners, in addition to providing features and characteristics commensurate with their aspirations and of course renewed development in order to ensure keeping pace with industry requirements.

GO Unlimited, 2020

In the year 2020, we seek to transfer the service from the field of traditional video hosting to integrated solutions in this field, by providing advanced tools, some of which were not previously proposed or used in this field, in order to keep pace with the development contained in this industry and its requirements.

————————————————————–

Our Goal

Our primary goal is to ensure the long-term stability of the platform and the stability of the services the tools it provides to its partners. We work in GO Unlimited on the basis of long-term plans and not short so as to ensure the opportunity to work for many years and successfully meets the aspirations and aspirations of our partners.

Our work since 2016 and our accomplishments are evidence of this goal that we seek. We will always continue to work on this goal.​

If you have any suggestions, or inquiries, we will always be glad to hear.

New Id Host – Cheap Reliable Host , +7 years in business, Dedicated Server Sale! 10% OFF


New Id Host – Cheap Reliable Host , +7 years in business, Dedicated server Sale! 10% OFF

New ID Host is known for offering cheap but Reliable hosting solutions for +7 years – Cheap Dedicated Server Starting $154.99 . we are now offering Cheap High end Server- $995.99/mo , back up servers and more server services!

Whether you are looking for cheap but reliable host that include cPanel , vps or dedicated server, New ID Host is your host you have been looking for. We have been operating more than 7 years and we will always grow our customer base each years. So , sign up to day!
Website : newidhost.com

Email support : care @newidhost.com

Our Strength:

  • Stable and profitable hosting company
  • We have been serving our clients world wide for +7 years
  • Quality Assurance
  • Our servers come with a number of Windows and Linux based Operating systems, either free or at great low price
  • Our DDOS protected servers you will have the greatest protection and enjoying the safety of our firewall.

Save Money

Pay for a year with coupon code : getgooddeal to get 10% saving !

Our Package:

Standard Server

  • 8GB RAM Memory
  • 500GB Hard Drive
  • 20TB/Month (1Gbit Port) Bandwidth
  • 5 Usable IPv4
  • Starting $154.99/mo or pay yearly and save 10%!

More Info | Order Now

Growth Server

  • 16GB DDR2 RAM Memory
  • 1TB Hard Drive
  • 1Gbit Port (20TB/Month)
  • 5 Usable IPv4
  • Starting $254.99/mo or pay yearly and save 10% !

Order Now

Scale Server

  • 24GB DDR3 RAM Memory
  • 2TB Hard Drive
  • 20TB/Month (1Gbit Port) Bandwidth
  • 5 Usable IPv4
  • Starting $554.99/mo or pay yearly and save 10%!

Order Now

Platinum Server 1

  • 128GB DDR3 RAM Memory
  • 480GB SSD Hard Drive
  • 1Gbit Port (20TB/Month)
  • 5 Usable IPv4
  • Starting $1000 or pay yearly and save 10% !

Order Now

Platinum Server 2

  • 192GB DDR3 RAM Memory
  • 2TB SSD Hard Drive
  • 1Gbit Port (20TB/Month)
  • 5 Usable IPv4
  • Starting $1999.99/mo or pay yearly and save 10% !

Order Now

We also offer :
Windows dedicated server
cPanel Dedicated Server
Managed Dedicated Server
100TB Dedicated Server
Unmetered dedicated server

We also have other offers as well , such as backup server, VPS , you can order it at www.newidhost.com

Should you have any questions, Need to deploy server package?email us : care@newidhost.com

We’d love to hear from you.(/QUOTE)

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123