> apk add qemu-guest-agent ERROR: unable to select packages: qemu-guest-agent (no such package): required by: world[qemu-guest-agent] Only way: Change Alpine repositores.
# https://wiki.alpinelinux.org/wiki/Repositories > setup-apkrepos -cf or
http://alpine.ccns.ncku.edu.tw/alpine/v3.20/main
#http://dl-cdn.alpinelinux.org/alpine/v3.20/community
http://alpine.cs.nycu.edu.tw/v3.20/main
http://alpine.cs.nycu.edu.tw/v3.20/community
[轉]How to prepare Alpine Linux image with Cloud-Init ready for Proxmox
https://5wire.co.uk/how-to-prepare-alpine-linux-image-with-cloud-init-ready-for-proxmox/
[轉]Enable cloud-init for a Alpine VM on proxmox
https://gist.github.com/longtian/499261f4c68f0fb40b481bb1e74aa8ca
https://blog.cyberfront.org/index.php/2021/10/27/debian-fail2ban/
https://wiki.gbe0.com/en/linux/firewalling-and-filtering/nftables/template-inbound-outbound
#!/usr/sbin/nft -f
## Clear/flush all existing rules
flush ruleset
# Main inet family filtering table
table inet filter {
# Rules for forwarded traffic
chain forward {
type filter hook forward priority 0; policy drop
## Log any unmatched traffic but rate limit logging to a maximum of 60 messages/minute
## The default policy will be applied to unmatched traffic
limit rate 60/minute burst 100 packets \
log prefix "Forward - Drop: " \
comment "Log any unmatched traffic"
## Count the unmatched traffic
counter \
comment "Count any unmatched traffic"
}
# Rules for input traffic
chain input {
type filter hook input priority 0; policy drop
## Permit inbound traffic to loopback interface
iif lo \
accept \
comment "Permit all traffic in from loopback interface"
## Permit established and related connections
ct state established,related \
counter \
accept \
comment "Permit established/related connections"
## Log and drop new TCP non-SYN packets
tcp flags !
1. aws https://www.fortinet.com/content/dam/fortinet/assets/solutions/aws/FortiGate-AWS-Engineering-Reference-Document-Q4-2015.pdf 2. https://geekdudes.wordpress.com/2018/07/18/install-fortigate-amazon-ec2-instance/ 3. https://geekdudes.wordpress.com/2018/08/19/creating-static-route-in-aws-ec2-fortigate-instance/ Many documents forget SG(security group) 1. FortiGate VM SG need Inbound rules:
All traffic All All 10.0.0.0/16
2. Private VM SG need Inbound rules:
All traffic All All 10.0.0.0/16
Setting finish.
First fortigate cmd:
execute ping Private VM private ip. Need success.
Second in private vm cmd:
ping FortiGate Lan ip. Need success. Don’t forgate Check “Ping” option.
ping 10.0.1.1. Need success.
Now ping 8.
Help use docker geth for geth attach and watch log. Geth Command line path need to change for yourself env.
#!/bin/sh IFS=$'\n' echo $1 echo $2 case $2 in attach) docker exec -it $(docker ps -a --no-trunc | grep $1 | awk '{print $1}') geth attach --datadir=/root/.ethereum/devchain ;; log) docker exec -it $(docker ps -a --no-trunc | grep $1 | awk '{print $1}') tail -n 30 -f /root/geth.log ;; sh) docker exec -it $(docker ps -a --no-trunc | grep $1 | awk '{print $1}') sh ;; bash) docker exec -it $(docker ps -a --no-trunc | grep $1 | awk '{print $1}') bash ;; *) echo "command parms1: docker container name" echo "command parms2: attach (geth attach) or log (tail -n 30 -f) or sh or bash" esac
https://blog.kkbruce.net/2020/01/linux-windows-container-add-cert.html?fbclid=IwAR0d_LhzAYwatOZ-Ibl4mK7Ne-iAViwKT_UWcj0Wg52YlHTKzSFNDWcp-Hk#more
ubuntu
/usr/local/share/ca-certificates update-ca-certificates windows
Import-Certificate -FilePath ooxx -CertStoreLocation ooxx
