Increase the Firewall Maximum Table Entries size to 400000 in System > Advanced, Firewall & NAT
Category: Linux&Unix
Free DNS providers
Google 8.8.8.8: Private and unfiltered. Most popular option.
CloudFlare 1.1.1.1: Private and unfiltered. New player.
Quad9 9.9.9.9: Private and security aware. New player that blocks access to malicious domains.
OpenDNS 208.67.222.222: Old player that blocks malicious domains and offers the option to block adult content.
Norton DNS 199.85.126.20: Old player that blocks malicious domains and is integrated with their Antivirus.
CleanBrowsing 185.228.168.168: Private and security aware. New player that blocks access to adult content.
Yandex DNS 77.88.8.7: Old player that blocks malicious domains. Very popular in Russia.
Comodo DNS 8.26.56.26: Old player that blocks malicious domains.
Virtualizing pfSense on Proxmox (4 and 5)
Assumptions
- Proxmox host is up and running
- Host has at least two network interfaces available for WAN and LAN.
- you have already upload pfSense image to the host
Basic Proxmox networking
In order to virtualize pfSense we first need to create two Linux Bridges on Proxmox, which will be used for LAN and WAN. Select your host from the server view, navigate to System > Network. We will be using eth1 and eth2 interfaces for pfSense, while eth0 is for Proxmox management.
Click on create and select Linux Bridge. Under Bridge ports enter eth1.
Repeat the process to add another Linux Bridge, this time add eth2 under Bridge ports.
Proxmox Networking should now display two Linux bridges like on the following screenshot. WARNING: Proxmox requires reboot if the interfaces are not marked Active.
Creating pfSense virtual machine
After creating WAN and LAN Linux bridges, now we proceed to create a new virtual machine. Click on Create VM from the top right section and new virtual machine wizard will appear. Under General tab, add a name to your pfSense VM.
Under OS tab select Other OS types and click next.
On CD/DVD tab select local storage and under ISO image find the previously uploaded pfSense ISO.
On the next tab, select VirtIO under Bus/Device and enter disk size you need.
On the CPU tab select a single socket and add one or more cores. Confirm CPU type is Default (kvm64).
Under Memory tab add at least 1024 MB. Use fixed size memory.
On the Network tab select Bridged mode and vmbr1. Make sure VirtIO (paravirtualized) is selected under Model.
Finally confirm the settings and wait for the VM to be created. Select your newly created virtual machine from the server view sidebar.
While the pfSense virtual machine is selected, click on Hardware settings and add another network device. Under Bridge enter vmbr2 and select VirtIO (paravirtualized) under Model.
Confirm your virtual machine has two network interfaces now.
Starting and configuring the pfSense virtual machine
After creating a new virtual machine and adding network interfaces, it’s time to start the virtual machine. If everything was done correctly, you can see pfSense booting up from the Console window
pfSense will prompt you to select boot mode, press I to launch the installer.
When pfSense setup boots up, follow the installation steps as you would on a physical device. Simply run Quick/Easy setup and wait for it to complete. When prompted, select standard kernel. Click reboot to complete the installation. Make sure you remove the .ISO from the virtual CD/DVD media.
After pfSense virtual machine reboots you will be greeted by interfaces assignment wizard. We will not set be setting up VLAN’s now, so press N and confirm
On the following steps assign the WAN and LAN interfaces. For the purpose of this guide, we have assigned vtnet0 to WAN and vtnet1 to LAN.
After interfaces have been assigned, pfSense will complete the boot.
Configuring pfSense to work with Proxmox VirtIO
After the pfSense installation and interfaces assignment is complete, connect to the assigned LAN port from another computer.
WARNING: because the hardware checksum offload is not yet disabled, accessing pfSense WebGUI might be sluggish. This is NORMAL and is fixed in the following step.
To disable hardware checksum offload, navigate under System > Advanced and select Networking tab. Under Networking Interfaces section check the Disable hardware checksum offload and click save. Reboot will be required after this step.
Congratulations, the pfSense virtual machine installation and configuration on Proxmox is now complete.
Source: https://doc.pfsense.org/index.php/Virtualizing_pfSense_on_Proxmox
If you’re still using old release (Ubuntu < 12.04) and still want to get updates using apt-get
deb http://old-releases.ubuntu.com/ubuntu/ oneiric main
deb-src http://old-releases.ubuntu.com/ubuntu/ oneiric main
deb http://old-releases.ubuntu.com/ubuntu/ oneiric-updates main
deb-src http://old-releases.ubuntu.com/ubuntu/ oneiric-updates main
deb http://old-releases.ubuntu.com/ubuntu/ oneiric universe
deb-src http://old-releases.ubuntu.com/ubuntu/ oneiric universe
deb http://old-releases.ubuntu.com/ubuntu/ oneiric-updates universe
deb-src http://old-releases.ubuntu.com/ubuntu/ oneiric-updates universe
deb http://old-releases.ubuntu.com/ubuntu oneiric-security main
deb-src http://old-releases.ubuntu.com/ubuntu oneiric-security main
deb http://old-releases.ubuntu.com/ubuntu oneiric-security universe
deb-src http://old-releases.ubuntu.com/ubuntu oneiric-security universe
Proxmox VE differential backups
Source: https://ayufan.eu/projects/proxmox-ve-differential-backups/
Proxmox VE is a complete virtualization management solution for servers. You can virtualize even the most demanding application workloads running on Linux and Windows Servers. Checkout their page: proxmox.com
Due to lack of better backup functionality I prepared patches to support differential backups in Proxmox VE. These patches are in use for over a year.
Currently supported versions are 3.4, 4.1, 4.2, 4.3, 4.4, 5.0.
What are differential backups?
According to Wikipedia:
A differential backup is a type of data backup that preserves data saving only the difference in the data since the last full backup. (…) Another advantage, at least as compared to the incremental backup method of data backup, is that at data restoration time, at most two backup media are ever needed to restore all the data. This simplifies data restores as well as increases the likelihood of shortening data restoration time.
What my patches do?
My patches extends vzdump, xdelta3 and Web-GUI support. And yes, these patches fully support OpenVZ and KVM.
System administrator can use one additional parameter in Backup Jobs (Datacenter -> Backup -> Add/Edit) the Full Backup Every:
- By default this value is set to 0. Which simply means: use old behavior (always create full backups).
- But if you specify value larger than 0, for example 7. It will instruct the vzdump to create full backup once a week and use differentials for the rest.
Please consider the following example:
vzdump 101 --remove 0 --mode snapshot --compress lzo --storage local --node hvm --fullbackup 4
It will create full backup of VM101 every 4 days, compressed using lzo, stored on local storage.
How to install?
There are three files:
c760d7481beae8dba3c62f1d95c6fbde pve-2.2-diff-backup-addon
42c1a0f34eca9ac23de83523db00f6c5 pve-2.3-diff-backup-addon
1292670afa84914aac4ebda59d2a7122 pve-3.0-diff-backup-addon
cd68c203bb1804105a3b4acd52382f6d pve-3.1-diff-backup-addon
67fb4d2b397759fb83066ae93cc07b78 pve-3.2-diff-backup-addon
3e095bd0ed5744a545016018e235fa27 pve-3.3-diff-backup-addon
350ed7844a5802ca114a6b60e0b013dc pve-3.4-diff-backup-addon
e33ef0b546fb16baacc4baed57af20d2 pve-3.4-14-diff-backup-addon
1657dbc46d9f8b379896a9c0a7dffc3e pve-4.0-diff-backup-addon
e5701606733fb10dc117ff2b008da11b pve-4.1-diff-backup-addon
9fd8b3cb99283e55b00d694ce633b723 pve-4.1-22-diff-backup-addon
300b07f7837200b9cc281aff06105991 pve-4.2-diff-backup-addon
05c8520f87443a8902faa3b24d25735f pve-4.2-17-diff-backup-addon
c9fc4aeb2e42d1d78f54c8e7b007fc3d pve-4.3-diff-backup-addon
3991a5773e1d85503513889eaf04910c pve-4.4-diff-backup-addon
6646d0bc79a70beeca482dcf5354d021 pve-4.4-13-diff-backup-addon
cc07c340b4dbfcf00e9d216a2f8f8466 pve-5.0-diff-backup-addon
The installation procedure is fairly simple:
- Logged as root download:For PVE 2.2 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-2.2-diff-backup-addon
For PVE 2.3 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-2.3-diff-backup-addon
For PVE 3.0 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.0-diff-backup-addon
For PVE 3.1 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.1-diff-backup-addon
For PVE 3.2 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.2-diff-backup-addon
For PVE 3.3 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.3-diff-backup-addon
For PVE 3.4 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.4-diff-backup-addon
For PVE 4.0 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.0-diff-backup-addon
For PVE 4.1 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.1-diff-backup-addon
For PVE 4.1-22 (compatible with 4.1-22 and newer) (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.1-22-diff-backup-addon
For PVE 4.2 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.2-diff-backup-addon
For PVE 3.4-14 (compatible with 3.4-14 and newer) (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-3.4-14-diff-backup-addon
For PVE 4.2-17 (compatible with 4.2-17 and newer) (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.2-17-diff-backup-addon
For PVE 4.3 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.3-diff-backup-addon
For PVE 4.4 (deprecated):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.4-diff-backup-addon
For PVE 4.4-13 (compatible with 4.4-13 and newer) (stable):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-4.4-13-diff-backup-addon
For PVE 5.0 (stable):
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-5.0-diff-backup-addon
- Execute bash script. The script contains all needed patches:
bash pve-4.4-diff-backup-addon apply
- When everything went right, you’ll see:
Proxmox VE 5.0 - differential backup support Kamil Trzcinski, http://ayufan.eu/, ayufan@ayufan.eu PATCHED: /usr/share/pve-manager/ PATCHED: /usr/share/perl5/PVE/ Restarting PVE API Proxy Server: pveproxy. Restarting PVE Daemon: pvedaemon.
- Download and install xdelta3. If you want to use LZOP compressor, you have to download my xdelta3 compilation.
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-xdelta3_3.0.6-1_amd64.deb dpkg -i pve-xdelta3_3.0.6-1_amd64.deb
However, if you paranoid about installing untrusted applications you can compile the package yourself. All the sources can be found here: pve-xdelta3-master.tar.bz2
Previous release of xdelta was 3.0.5. Please update to the newer one: 3.0.6.
And what about uninstall?
The procedure is simpler than installation. Type in the bash:
bash pve-5.0-diff-backup-addon revert
After a while, you’ll see:
Proxmox VE 5.0 - differential backup support
Kamil Trzcinski, http://ayufan.eu/, ayufan@ayufan.eu
RESTORED: /usr/share/pve-manager/
RESTORED: /usr/share/perl5/PVE/
Restarting PVE API Proxy Server: pveproxy.
Restarting PVE Daemon: pvedaemon.
What about UPGRADE? (READ THIS)
This is important part. If you will ever want to upgrade your Proxmox installation (by apt-get dist-upgrade or apt-get upgrade) ALWAYS revert/uninstall patches. You will still be able to apply them afterwards.
How to apply new patch version?
- Use previous patch to revert changes.
- Download new patch version and apply as described before.
The results
The results are really astonishing! These are real word values:
VM full diff 1day diff 2days diff 3days diff 4days
1. 39.10GB 41MB 47MB 51MB 55MB
2. 96.84GB 1.07GB 1.38GB 1.43GB 1.68GB
3. 83.95GB 1.68GB 2.66GB 3.69GB 4.25GB
4. 9.19GB 76KB 76KB 166MB 198MB
You see the differences. The diff sizes strictly depends on the use of the VMs. Using differential backups I have backups from last month (full backup once a week, differential daily)
Why this is not upstream?
I tried to push the changes upstream. They were rejected by Dietmar:
We removed that feature 3 years ago. I have no plans to re-add that. We want to keep vzdump a simple tool.
But I thought that it would be really shame if I wouldn’t go public with this.
Is it stable?
Yes, it is. This extensions uses xdelta3 as differential backup tool, which proven to be well tested and stable. I use it for about 9 months on 4 different Proxmox based servers. No problems so far.
However, if you happen to be paranoidal about backups… You should consider running following script. The script simply tries to verify all differential backups. I recently updated the script to support new VMA archive. So now you can verify backups all supported backups.
wget http://ayufan.eu/projects/proxmox-ve-differential-backups/pve-verify-backups
chmod +x pve-verify-backups
./pve-verify-backups <backup-dir>
FAQ
In case of any problems applying or reverting patches you can always simple revert back to stock. Simply reinstall modified packages:
apt-get --reinstall install pve-manager qemu-server libpve-storage-perl
Then you can try to reapply patches once again.
In order to remove all leftovers you have to edit /etc/pve/vzdump.cron and remove fullbackup switch from vzdump command line.
Changelog
- v1: initial public release with support for PVE2.2 and PVE2.3 (2013-03-05)
- v2: improved kvm backup size and speed for PVE2.3 (2013-03-08)
- v3: added support for PVE3.0 (2013-06-02)
- v3′: updated pve-verify-backups to support VMA archives (2013-06-06)
- v3”: updated patches to support PVE3.1 (2013-08-24)
- v3”: updated xdelta3 to 3.0.6. More info about changes: http://xdelta.org/ (2013-08-24)
- v3”: updated patches to support PVE3.2 (2014-03-15)
- v3”: added FAQ (2014-04-30)
- v3”: updated patches to support PVE3.3 (2014-09-23)
- v3”: updated patches to support PVE3.4 (2015-02-26)
- v3”: updated patches to support PVE4.0 (2015-11-07)
- v3”: updated patches to support PVE4.1 (2016-01-22)
- v3”: updated patches to support PVE4.1-22 (2016-04-13)
- v3”: updated patches to support PVE4.2 (2016-05-02)
- v3”: updated patches to support PVE3.4-14 (2016-08-02)
- v3”: updated patches to support PVE4.2-17 (2016-08-02)
- v3”: updated patches to support PVE4.3 (2016-10-24)
- v3”: updated patches to support PVE4.4 (2017-01-23)
- v3”: updated patches to support PVE4.4-13 (2017-04-10)
- v3”: updated patches to support PVE5.0 (2017-07-20)
Detailed list of changes
- pve-xdelta3:
- repackaged from http://packages.debian.org/wheezy/xdelta3
- added support for lzop
- removed all python references
- vzdump:
- added “fullbackup” option
- qmrestore and vzrestore:
- added support for differential backups
- PVE.dc.BackupEdit:
- added controls for maxfiles and fullbackup
Proxmox Free Community upgrade from 4.4 to 5.x version
01. /etc/apt/sources.list
deb http://ftp.debian.org/debian jessie main contrib
# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian jessie pve-no-subscription
# security updates
deb http://security.debian.org jessie/updates main contrib
02. mv /etc/apt/sources.list.d/pve-enterprise.list /home
03. apt-get update
04. apt-get dist-upgrade
05. reboot
06. Virtual Environment 4.4-18/ef2610e8
07. /etc/apt/sources.list
deb http://ftp.debian.org/debian stretch main contrib
# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian/pve stretch pve-no-subscription
# security updates
deb http://security.debian.org stretch/updates main contrib
08. apt-get update
09. apt-get dist-upgrade
10. reboot
11. Virtual Environment 5.0-32/2560e073
Soure: https://forum.proxmox.com/threads/test-upgrade-from-community-4-4-to-5-x.37232/
How to Install KeePass in Linux Mint / Ubuntu
Technically, we can install KeePass through Ubuntu Software…
…or the Linux Mint Software Manager.
However, if we install KeePass through these channels, we won’t be getting the very latest version. And where’s the fun in that?
Add the KeePass repository
For the latest and greatest KeePass installation on Linux, we must add a repository. We just need to fire up a terminal, with Ctrl+Alt+T, and type:
sudo apt-add-repository ppa:jtaylor/keepass -y
Just a reminder for Linux newcomers, when we use the “sudo” command, and we enter our password, nothing will show as we type, no stars or dots or anything. We just enter the password and hit Enter.
For more information about Linux terminal commands, check out our guide:
After successfully adding the repository, we need to do an update with:
sudo apt-get update
Install KeePass
Once the update is done, and we had no error messages, we type the following command to install KeePass:
sudo apt-get install keepass2 -y
Once we finish with the installation, we will find KeePass at the Mint menu, in the Accessories section.
In Ubuntu, we just need to search for it on the Dash.
Source: https://www.pcsteps.com/3544-install-keepass-linux-mint-ubuntu/