> apk add qemu-guest-agent ERROR: unable to select packages: qemu-guest-agent (no such package): required by: world[qemu-guest-agent] Only way: Change Alpine repositores.
# https://wiki.alpinelinux.org/wiki/Repositories > setup-apkrepos -cf or
http://alpine.ccns.ncku.edu.tw/alpine/v3.20/main
#http://dl-cdn.alpinelinux.org/alpine/v3.20/community
http://alpine.cs.nycu.edu.tw/v3.20/main
http://alpine.cs.nycu.edu.tw/v3.20/community
[轉]How to prepare Alpine Linux image with Cloud-Init ready for Proxmox
https://5wire.co.uk/how-to-prepare-alpine-linux-image-with-cloud-init-ready-for-proxmox/
[轉]Enable cloud-init for a Alpine VM on proxmox
https://gist.github.com/longtian/499261f4c68f0fb40b481bb1e74aa8ca
Create /etc/systemd/system/wstunnel.service
[Unit] Description=Wstunnel Server Service After=network.target [Service] Type=simple Restart=on-failure RestartSec=5s LimitNOFILE=1048576 ExecStart=/usr/bin/wstunnel server wss://[::]:1234 -r aabbccddeeff [Install] WantedBy=multi-user.target systemctl daemon-reload systemctl enable wstunnel.service systemctl start wstunnel.service systemctl status wstunnel.service
https://blog.cyberfront.org/index.php/2021/10/27/debian-fail2ban/
https://gist.github.com/dasgoll/5c7c02f363e7aeaff2837d650d985cc7
EX: *.ccdd.com
openssl req -subj "/C=cd/CN=*.ccdd.com" -x509 -nodes -days 365 -newkey rsa:2048 -keyout ccdd-wildcard-selfsigned.key -out ccdd-wildcard-selfsigned.crt # /etc/fail2ban/jail.local [DEFAULT] default_backend = systemd logtarget = SYSTEMD-JOURNAL # /etc/fail2ban/jail.d/named.conf [named-refused-tcp] backend = systemd How to check
journalctl -r less /var/log/fail2ban.log fail2ban-client status or fail2ban-client status sshd or fail2ban-client status ooxxooxx
https://github.com/anderspitman/awesome-tunneling
https://wiki.gbe0.com/en/linux/firewalling-and-filtering/nftables/template-inbound-outbound
#!/usr/sbin/nft -f
## Clear/flush all existing rules
flush ruleset
# Main inet family filtering table
table inet filter {
# Rules for forwarded traffic
chain forward {
type filter hook forward priority 0; policy drop
## Log any unmatched traffic but rate limit logging to a maximum of 60 messages/minute
## The default policy will be applied to unmatched traffic
limit rate 60/minute burst 100 packets \
log prefix "Forward - Drop: " \
comment "Log any unmatched traffic"
## Count the unmatched traffic
counter \
comment "Count any unmatched traffic"
}
# Rules for input traffic
chain input {
type filter hook input priority 0; policy drop
## Permit inbound traffic to loopback interface
iif lo \
accept \
comment "Permit all traffic in from loopback interface"
## Permit established and related connections
ct state established,related \
counter \
accept \
comment "Permit established/related connections"
## Log and drop new TCP non-SYN packets
tcp flags !