Recent content by CRCinAU

Thanks. And yes, for the sake of anyone coming across this later on and skim reading, DO NOT do this unless there is a functional access restriction that limits the world from using your system - or it'll make you an open relay to everyone and be a massive abusive target.

Had a chance to take a look at this today. I've done modifications to templates before, so not a huge learning curve here - but on the postfix config side, if I'm understanding it right, I just have to add `-o mynetworks=0.0.0.0/0` to the section for pmg.mail.int_port (which is port 26 in my...

Hi all, So I have a mate that I'm relaying email via my PMG instance. He's on a dynamic IP - which due to DNS updates works fine for sending mail TO his mail server, but having mail sent via PMG port 26 becomes difficult because I can't add a dynamic IP to the list of trusted networks. Given I...

Ahhh gotcha. Ok, i'll remove the fstab entry for /boot/efi and see how that goes.

Thanks for the tip - I did manage to find a missing security group on one of the VMs I imported from elsewhere. From looking at the firewall on each VM, the UI didn't indicate in anyway that the security group was missing. It was the only problem I managed to locate. I seem to remember that...

@shanreich - I have noticed an issue with the nftables firewall where this rule seems to be repeated thousands of times: meta protocol != arp ct state vmap { invalid : jump invalid-conntrack, established : accept, related : accept } Some logging shows that there might be a problem here with...

*nudge*

I've just been playing with my newly installed PVE 9.0.6 install - and when implementing BGP on the host using FRR, I noticed that if I shut down all VMs on the host, then the bridges will end up in the `state DOWN` state when viewing the output of `ip addr`. I managed to find a bit of a...

Since removing grub and using systemd-bootd via proxmox-boot-tool, now updates via apt show: root@mel-dc:~# apt dist-upgrade Summary: Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 1 not fully installed or removed. Space needed: 0 B / 39.4 GB available Continue? [Y/n] y...

Interestingly, I left the firewall rules as they were and then enabled nftables - and all the created rules were there as expected. I added a macro rule, and saw its output just fine. It was almost instant. Interestingly, when I wrote this post, I had waited several minutes for the rule to...

Hi all, I've just done a fresh install of PVE 9.0.6, and noticed that when I add macro rules to a guests firewall - such as the HTTP / HTTPS macros, I can't seem to locate any rule that is created in the nftables firewall. I'm checking with `nft list ruleset` - and the guest chain doesn't seem...

https://bugzilla.proxmox.com/

Fixed in 4.0.11-4.

Hmmm - I still see this with 4.0.11.. The journal logs for the entire login to logged out are: Aug 07 06:56:55 pbs unix_chkpwd[829]: password check failed for user (root) Aug 07 06:56:55 pbs proxmox-backup-api[615]: pam_unix(proxmox-backup-auth:auth): authentication failure; logname= uid=0...

It occurs in 4.0.10 - even after reboots etc. I can't see a 4.0.11 anywhere at the moment. Also, I can login ok, but normally get logged out again quickly. The journal seems to show the auth failures, and the login session will be invalidated within a couple of page loads.