Close

Free DNS providers

Google 8.8.8.8: Private and unfiltered. Most popular option.
CloudFlare 1.1.1.1: Private and unfiltered. New player.
Quad9 9.9.9.9: Private and security aware. New player that blocks access to malicious domains.
OpenDNS 208.67.222.222: Old player that blocks malicious domains and offers the option to block adult content.
Norton DNS 199.85.126.20: Old player that blocks malicious domains and is integrated with their Antivirus.
CleanBrowsing 185.228.168.168: Private and security aware. New player that blocks access to adult content.
Yandex DNS 77.88.8.7: Old player that blocks malicious domains. Very popular in Russia.
Comodo DNS 8.26.56.26: Old player that blocks malicious domains.

Advertisements

Virtualizing pfSense on Proxmox (4 and 5)

Assumptions

  • Proxmox host is up and running
  • Host has at least two network interfaces available for WAN and LAN.
  • you have already upload pfSense image to the host

Basic Proxmox networking

In order to virtualize pfSense we first need to create two Linux Bridges on Proxmox, which will be used for LAN and WAN. Select your host from the server view, navigate to System > Network. We will be using eth1 and eth2 interfaces for pfSense, while eth0 is for Proxmox management.

Screen Shot 2017-06-17 at 23.19.20.png

Click on create and select Linux Bridge. Under Bridge ports enter eth1.

Screen Shot 2017-06-17 at 23.19.59.png

Repeat the process to add another Linux Bridge, this time add eth2 under Bridge ports.

Screen Shot 2017-06-17 at 23.20.13.png

Proxmox Networking should now display two Linux bridges like on the following screenshot. WARNING: Proxmox requires reboot if the interfaces are not marked Active.

Screen Shot 2017-06-17 at 23.23.59.png

Creating pfSense virtual machine

After creating WAN and LAN Linux bridges, now we proceed to create a new virtual machine. Click on Create VM from the top right section and new virtual machine wizard will appear. Under General tab, add a name to your pfSense VM.

Screen Shot 2017-06-17 at 23.28.02.png

Under OS tab select Other OS types and click next.

Screen Shot 2017-06-17 at 23.28.08.png

On CD/DVD tab select local storage and under ISO image find the previously uploaded pfSense ISO.

Screen Shot 2017-06-17 at 23.28.15.png

On the next tab, select VirtIO under Bus/Device and enter disk size you need.

Screen Shot 2017-06-17 at 23.28.31.png

On the CPU tab select a single socket and add one or more cores. Confirm CPU type is Default (kvm64).

Screen Shot 2017-06-17 at 23.28.56.png

Under Memory tab add at least 1024 MB. Use fixed size memory.

Screen Shot 2017-06-17 at 23.29.17.png

On the Network tab select Bridged mode and vmbr1. Make sure VirtIO (paravirtualized) is selected under Model.

Screen Shot 2017-06-17 at 23.29.29.png

Finally confirm the settings and wait for the VM to be created. Select your newly created virtual machine from the server view sidebar.

Screen Shot 2017-06-17 at 23.29.46.png

While the pfSense virtual machine is selected, click on Hardware settings and add another network device. Under Bridge enter vmbr2 and select VirtIO (paravirtualized) under Model.

Screen Shot 2017-06-30 at 18.23.47.png

Confirm your virtual machine has two network interfaces now.

Screen Shot 2017-06-17 at 23.30.05.png

Starting and configuring the pfSense virtual machine

After creating a new virtual machine and adding network interfaces, it’s time to start the virtual machine. If everything was done correctly, you can see pfSense booting up from the Console window

Screen Shot 2017-06-17 at 23.30.32.png

pfSense will prompt you to select boot mode, press I to launch the installer.

Screen Shot 2017-06-17 at 23.31.06.png

When pfSense setup boots up, follow the installation steps as you would on a physical device. Simply run Quick/Easy setup and wait for it to complete. When prompted, select standard kernel. Click reboot to complete the installation. Make sure you remove the .ISO from the virtual CD/DVD media.

Screen Shot 2017-06-17 at 23.41.38.png

After pfSense virtual machine reboots you will be greeted by interfaces assignment wizard. We will not set be setting up VLAN’s now, so press N and confirm

Screen Shot 2017-06-17 at 23.44.04.png

On the following steps assign the WAN and LAN interfaces. For the purpose of this guide, we have assigned vtnet0 to WAN and vtnet1 to LAN.

Screen Shot 2017-06-17 at 23.44.18.png

After interfaces have been assigned, pfSense will complete the boot.

Screen Shot 2017-06-18 at 00.01.41.png

Configuring pfSense to work with Proxmox VirtIO

After the pfSense installation and interfaces assignment is complete, connect to the assigned LAN port from another computer.

WARNING: because the hardware checksum offload is not yet disabled, accessing pfSense WebGUI might be sluggish. This is NORMAL and is fixed in the following step.

To disable hardware checksum offload, navigate under System > Advanced and select Networking tab. Under Networking Interfaces section check the Disable hardware checksum offload and click save. Reboot will be required after this step.

Screen Shot 2017-06-30 at 18.51.25.png

Congratulations, the pfSense virtual machine installation and configuration on Proxmox is now complete.

 

Source: https://doc.pfsense.org/index.php/Virtualizing_pfSense_on_Proxmox

Metasploit, How do I reset my username and password?

If you have forgotten your username and password, you can run the createuser.bat file, which is located in the Metasploit directory, to create a new account. The script takes a few minutes to run. When the script completes, it will ask you to enter a new username. After you provide a username, the script will auto-generate a new default password for the account. Use the new credentials to log in to Metasploit Pro and to change the password.

If you only have a single user license, the first thing you need to do is run the deleteuser.bat file to remove the initial account you created. After you delete the account, you can run the create.bat file to create a new account.
I know my password. How do I recover my username?

You cannot recover a username after you have forgotten it. You must create a new username and password.
I know my username. How do I reset my password?

If you need to reset the password for a user account, you will need to run the resetpw script. The resetpw script generates a random password for the user account that is currently active.
Running the reset password script on Linux

From the Linux console, enter the following command:

user@ubuntu:~? $ sudo /opt/metasploit/resetpw

When the Metasploit Password Reset screen appears, it alerts you that the password for the user account will be changed. Enter yes to continue. A new password is generated.
Copy the password and save it.

Running the reset password script on Windows

From the Start menu, choose All Programs > Metasploit > Password Reset.

When the Password Reset window appears, wait for the environment to load.
When the dialog prompts you to continue, enter yes. The system resets the password to a random value.
Copy the password and use the password the next time you log in to Metasploit Pro.
Exit the Password Reset window.

If you’re still using old release (Ubuntu < 12.04) and still want to get updates using apt-get

deb http://old-releases.ubuntu.com/ubuntu/ oneiric main
deb-src http://old-releases.ubuntu.com/ubuntu/ oneiric main
deb http://old-releases.ubuntu.com/ubuntu/ oneiric-updates main
deb-src http://old-releases.ubuntu.com/ubuntu/ oneiric-updates main
deb http://old-releases.ubuntu.com/ubuntu/ oneiric universe
deb-src http://old-releases.ubuntu.com/ubuntu/ oneiric universe
deb http://old-releases.ubuntu.com/ubuntu/ oneiric-updates universe
deb-src http://old-releases.ubuntu.com/ubuntu/ oneiric-updates universe
deb http://old-releases.ubuntu.com/ubuntu oneiric-security main
deb-src http://old-releases.ubuntu.com/ubuntu oneiric-security main
deb http://old-releases.ubuntu.com/ubuntu oneiric-security universe
deb-src http://old-releases.ubuntu.com/ubuntu oneiric-security universe

Installing Veeam Agent for Microsoft Windows in Unattended Mode (Veeam Agent for Microsoft Windows 2.1)

Installation Syntax

To install Veeam Agent for Microsoft Windows in the unattended mode, use a command with the following syntax:

<path_to_exe> /silent /accepteula

where <path_to_exe> is a path to the Veeam Agent for Microsoft Windows installation file.

Veeam Agent for Microsoft Windows uses the following codes to report about the installation results:

1000 — Veeam Agent for Microsoft Windows has been successfully installed.
1001 — prerequisite components required for Veeam Agent for Microsoft Windows have been installed on the machine. Veeam Agent for Microsoft Windows has not been installed. The machine needs to be rebooted.
1002 — Veeam Agent for Microsoft Windows installation has failed.
1101 — Veeam Agent for Microsoft Windows has been installed. The machine needs to be rebooted.

Proxmox VE differential backups

Source: https://ayufan.eu/projects/proxmox-ve-differential-backups/

Proxmox VE is a complete virtualization management solution for servers. You can virtualize even the most demanding application workloads running on Linux and Windows Servers. Checkout their page: proxmox.com

Due to lack of better backup functionality I prepared patches to support differential backups in Proxmox VE. These patches are in use for over a year.

Currently supported versions are 3.4, 4.1, 4.2, 4.3, 4.4, 5.0.

What are differential backups?

According to Wikipedia:

A differential backup is a type of data backup that preserves data saving only the difference in the data since the last full backup. (…) Another advantage, at least as compared to the incremental backup method of data backup, is that at data restoration time, at most two backup media are ever needed to restore all the data. This simplifies data restores as well as increases the likelihood of shortening data restoration time.

What my patches do?

My patches extends vzdump, xdelta3 and Web-GUI support. And yes, these patches fully support OpenVZ and KVM.

System administrator can use one additional parameter in Backup Jobs (Datacenter -> Backup -> Add/Edit) the Full Backup Every:

  • By default this value is set to 0. Which simply means: use old behavior (always create full backups).
  • But if you specify value larger than 0, for example 7. It will instruct the vzdump to create full backup once a week and use differentials for the rest.

Please consider the following example:

    vzdump 101 --remove 0 --mode snapshot --compress lzo --storage local --node hvm --fullbackup 4

It will create full backup of VM101 every 4 days, compressed using lzo, stored on local storage.

How to install?

There are three files:

    c760d7481beae8dba3c62f1d95c6fbde  pve-2.2-diff-backup-addon
    42c1a0f34eca9ac23de83523db00f6c5  pve-2.3-diff-backup-addon
    1292670afa84914aac4ebda59d2a7122  pve-3.0-diff-backup-addon
    cd68c203bb1804105a3b4acd52382f6d  pve-3.1-diff-backup-addon
    67fb4d2b397759fb83066ae93cc07b78  pve-3.2-diff-backup-addon
    3e095bd0ed5744a545016018e235fa27  pve-3.3-diff-backup-addon
    350ed7844a5802ca114a6b60e0b013dc  pve-3.4-diff-backup-addon
    e33ef0b546fb16baacc4baed57af20d2  pve-3.4-14-diff-backup-addon
    1657dbc46d9f8b379896a9c0a7dffc3e  pve-4.0-diff-backup-addon
    e5701606733fb10dc117ff2b008da11b  pve-4.1-diff-backup-addon
    9fd8b3cb99283e55b00d694ce633b723  pve-4.1-22-diff-backup-addon
    300b07f7837200b9cc281aff06105991  pve-4.2-diff-backup-addon
    05c8520f87443a8902faa3b24d25735f  pve-4.2-17-diff-backup-addon
    c9fc4aeb2e42d1d78f54c8e7b007fc3d  pve-4.3-diff-backup-addon
    3991a5773e1d85503513889eaf04910c  pve-4.4-diff-backup-addon
    6646d0bc79a70beeca482dcf5354d021  pve-4.4-13-diff-backup-addon
    cc07c340b4dbfcf00e9d216a2f8f8466  pve-5.0-diff-backup-addon

The installation procedure is fairly simple:

  1. Logged as root download:For PVE 2.2 (deprecated):
    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-2.2-diff-backup-addon
    

    For PVE 2.3 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-2.3-diff-backup-addon
    

    For PVE 3.0 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.0-diff-backup-addon
    

    For PVE 3.1 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.1-diff-backup-addon
    

    For PVE 3.2 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.2-diff-backup-addon
    

    For PVE 3.3 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.3-diff-backup-addon
    

    For PVE 3.4 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.4-diff-backup-addon
    

    For PVE 4.0 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.0-diff-backup-addon
    

    For PVE 4.1 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.1-diff-backup-addon
    

    For PVE 4.1-22 (compatible with 4.1-22 and newer) (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.1-22-diff-backup-addon
    

    For PVE 4.2 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.2-diff-backup-addon
    

    For PVE 3.4-14 (compatible with 3.4-14 and newer) (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.4-14-diff-backup-addon
    

    For PVE 4.2-17 (compatible with 4.2-17 and newer) (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.2-17-diff-backup-addon
    

    For PVE 4.3 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.3-diff-backup-addon
    

    For PVE 4.4 (deprecated):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.4-diff-backup-addon
    

    For PVE 4.4-13 (compatible with 4.4-13 and newer) (stable):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.4-13-diff-backup-addon
    

    For PVE 5.0 (stable):

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-5.0-diff-backup-addon
    
  2. Execute bash script. The script contains all needed patches:
    bash pve-4.4-diff-backup-addon apply
    
  3. When everything went right, you’ll see:
    Proxmox VE 5.0 - differential backup support
    Kamil Trzcinski, http://ayufan.eu/, ayufan@ayufan.eu
    
    PATCHED: /usr/share/pve-manager/
    PATCHED: /usr/share/perl5/PVE/
    
    Restarting PVE API Proxy Server: pveproxy.
    Restarting PVE Daemon: pvedaemon.
    
  4. Download and install xdelta3. If you want to use LZOP compressor, you have to download my xdelta3 compilation.
    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-xdelta3_3.0.6-1_amd64.deb
    dpkg -i pve-xdelta3_3.0.6-1_amd64.deb
    

    However, if you paranoid about installing untrusted applications you can compile the package yourself. All the sources can be found here: pve-xdelta3-master.tar.bz2

    Previous release of xdelta was 3.0.5. Please update to the newer one: 3.0.6.

And what about uninstall?

The procedure is simpler than installation. Type in the bash:

    bash pve-5.0-diff-backup-addon revert

After a while, you’ll see:

    Proxmox VE 5.0 - differential backup support
    Kamil Trzcinski, http://ayufan.eu/, ayufan@ayufan.eu

    RESTORED: /usr/share/pve-manager/
    RESTORED: /usr/share/perl5/PVE/

    Restarting PVE API Proxy Server: pveproxy.
    Restarting PVE Daemon: pvedaemon.

What about UPGRADE? (READ THIS)

This is important part. If you will ever want to upgrade your Proxmox installation (by apt-get dist-upgrade or apt-get upgrade) ALWAYS revert/uninstall patches. You will still be able to apply them afterwards.

How to apply new patch version?

  • Use previous patch to revert changes.
  • Download new patch version and apply as described before.

The results

The results are really astonishing! These are real word values:

    VM   full      diff 1day   diff 2days   diff 3days    diff 4days
    1.   39.10GB   41MB        47MB         51MB          55MB
    2.   96.84GB   1.07GB      1.38GB       1.43GB        1.68GB
    3.   83.95GB   1.68GB      2.66GB       3.69GB        4.25GB
    4.   9.19GB    76KB        76KB         166MB         198MB

You see the differences. The diff sizes strictly depends on the use of the VMs. Using differential backups I have backups from last month (full backup once a week, differential daily)

Why this is not upstream?

I tried to push the changes upstream. They were rejected by Dietmar:

We removed that feature 3 years ago. I have no plans to re-add that. We want to keep vzdump a simple tool.

But I thought that it would be really shame if I wouldn’t go public with this.

Is it stable?

Yes, it is. This extensions uses xdelta3 as differential backup tool, which proven to be well tested and stable. I use it for about 9 months on 4 different Proxmox based servers. No problems so far.

However, if you happen to be paranoidal about backups… You should consider running following script. The script simply tries to verify all differential backups. I recently updated the script to support new VMA archive. So now you can verify backups all supported backups.

    wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-verify-backups
    chmod +x pve-verify-backups
    ./pve-verify-backups <backup-dir>

FAQ

In case of any problems applying or reverting patches you can always simple revert back to stock. Simply reinstall modified packages:

    apt-get --reinstall install pve-manager qemu-server libpve-storage-perl

Then you can try to reapply patches once again.

In order to remove all leftovers you have to edit /etc/pve/vzdump.cron and remove fullbackup switch from vzdump command line.

Changelog

  • v1: initial public release with support for PVE2.2 and PVE2.3 (2013-03-05)
  • v2: improved kvm backup size and speed for PVE2.3 (2013-03-08)
  • v3: added support for PVE3.0 (2013-06-02)
  • v3′: updated pve-verify-backups to support VMA archives (2013-06-06)
  • v3”: updated patches to support PVE3.1 (2013-08-24)
  • v3”: updated xdelta3 to 3.0.6. More info about changes: http://xdelta.org/ (2013-08-24)
  • v3”: updated patches to support PVE3.2 (2014-03-15)
  • v3”: added FAQ (2014-04-30)
  • v3”: updated patches to support PVE3.3 (2014-09-23)
  • v3”: updated patches to support PVE3.4 (2015-02-26)
  • v3”: updated patches to support PVE4.0 (2015-11-07)
  • v3”: updated patches to support PVE4.1 (2016-01-22)
  • v3”: updated patches to support PVE4.1-22 (2016-04-13)
  • v3”: updated patches to support PVE4.2 (2016-05-02)
  • v3”: updated patches to support PVE3.4-14 (2016-08-02)
  • v3”: updated patches to support PVE4.2-17 (2016-08-02)
  • v3”: updated patches to support PVE4.3 (2016-10-24)
  • v3”: updated patches to support PVE4.4 (2017-01-23)
  • v3”: updated patches to support PVE4.4-13 (2017-04-10)
  • v3”: updated patches to support PVE5.0 (2017-07-20)

Detailed list of changes

  1. pve-xdelta3:
  2. vzdump:
    • added “fullbackup” option
  3. qmrestore and vzrestore:
    • added support for differential backups
  4. PVE.dc.BackupEdit:
    • added controls for maxfiles and fullbackup

Proxmox Free Community upgrade from 4.4 to 5.x version

01. /etc/apt/sources.list
deb http://ftp.debian.org/debian jessie main contrib

# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian jessie pve-no-subscription

# security updates
deb http://security.debian.org jessie/updates main contrib

02. mv /etc/apt/sources.list.d/pve-enterprise.list /home

03. apt-get update

04. apt-get dist-upgrade

05. reboot

06. Virtual Environment 4.4-18/ef2610e8

07. /etc/apt/sources.list
deb http://ftp.debian.org/debian stretch main contrib

# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian/pve stretch pve-no-subscription

# security updates
deb http://security.debian.org stretch/updates main contrib

08. apt-get update

09. apt-get dist-upgrade

10. reboot

11. Virtual Environment 5.0-32/2560e073

Soure: https://forum.proxmox.com/threads/test-upgrade-from-community-4-4-to-5-x.37232/

Back to top