Which fan is it?

That’s making an on and off sound. I can mostly only hear it in the bathroom. If I turn the fans down, then I can’t hear it in the bathroom.

Pretty sure only my CPU fan is the only one being auto controlled, others run at full speed, or whatever I have the fan controller on my case set to.

I did just blow some dust out of it again. I need a new can of air, mine doesn’t have much left.

Acer makes a laptop with a desktop Ryzen CPU

You know how long the battery lasts? A review says an hour. Is that playing games or everything? Must be a shitty battery if browsing the web kills it in an hour.

One bad review says the RAM is slow, so games suck on it. Problem is, you can upgrade the RAM, guess they didn’t know that. I thought it was soldered on based on their review, read the other reviews, people replaced the RAM.

You might get one dead M.2 slot, that happened to more then one person.

It costs almost two grand.

I wouldn’t buy it, I already have a Ryzen desktop CPU in a desktop. Also, it only has a second gen one, the third gen will be better. Will they release a bios update so you can upgrade to the 3rd gen Ryzen CPUs?

I wonder when the 3rd gen Ryzen CPUs come out.

Does all the hardware work in Linux? A Dell I bought did. Sold that. Nobody makes a Linux Ryzen laptop. Not a desktop CPU one, or a mobile CPU one.

People don’t buy a gaming laptop to run Linux on it? Why not? I won’t play games on it, I’ll have a massive portable desktop. With a cable running to an outlet, so I can trip on it, and bust the almost 2k laptop. Don’t forget the ethernet cable going to the switch.

Review claims you’ll be able to upgrade to future Ryzen CPUs. Not true, if Acer doesn’t update the bios.

It takes an i7 over 6 hours to compile MongoDB?

According to the comments on the AUR it does. Takes me a little over an hour, so a little slower then a 32 core Xeon.

And that’s with only 6 threads. Can’t use all 16, the compile will fail.

Either they are talking about ancient i7s and Xeons, or there’s something wrong with their computer. Hard to believe six Ryzen threads is almost as fast as 32 Xeon cores. Are they using all 32 cores? Maybe it’s only clocked at 1 GHz or less.

They claim the Xeon is using a high end NVMe SSD. So probably not an ancient Xeon. I use a Crucial P1, which isn’t high end. Might be worse then the Intel one I had. I have more space. But I should compile on a different drive, it uses over 100 GB while compiling. If you do that to often, you won’t be writing anything to the Crucial P1 anymore.

So, if I could compile with all 16 threads, it would be faster then a 32 core Xeon? Notice, I said threads, not cores. My CPU only has 8 cores.

I’m to cheap and lazy to get a new CPU. Don’t remember how to take the CPU cooler off.

Data Units Written:                 6,861,329 [3.51 TB]

I forgot what the max you can write is. Probably more then 10 TB. Funny, I’ve only read 1.90 TB.

According to the answer from Micron on Amazon, it’s rated for 200 TB. They claim 109 GB a day. I thought it was less then that, somebody said like 20-30 GB a day. Oh wait, that might be a 10 year period. MongoDB uses almost 200 GB to compile. I have to delete the src and pkg folder after it’s done. I was running with less then 20 GB of space, since the last time I compiled. I read the AUR comment that says how much space it uses for compiling. So I checked my space usage, and there was barely any free space.

Yup, they say not suitable for greater then 25 GB a day, doesn’t mention how many years. What’s wrong with using 109 GB a day for five years? Then you have an excuse to buy a new one.

I might not live as long as Tonka

I was in bed, getting close to falling a sleep, but then it felt like I couldn’t breathe.

Maybe I can breathe if I use two pillows. That’ll probably make my neck hurt though.

The joke is on me if I die before the dog.

ModSecurity isn't blocking anything

I have all the rules that come with CyberPanel included, two packs.

Last time I checked, the only thing it has blocked was me, when I was testing it.

Looks like the bots are just trying to brute force this site.

iOS is boring

I need a slow Linux phone, but none are available yet.

You can fix the boring in Linux, just use a different UI and/or distro.

Also, the Google Voice app is slow for some reason. Google probably did that intentionally, they want you to use it on an Android phone.

My iOS is to new to jailbreak, if I stayed two versions below, I’d be able to.

That article left words out, says 31 name-of-jailbreak-program, 31 apparently means beta 31, you have to read more of the article to find that out. So if you are confused and keep rereading the beginning, you’ll never know.

If I downgrade, I can jailbreak. To lazy to do so.

Bernie is running again?

Don’t think anybody will beat Trump that already ran. Somebody that hasn’t ran before, might beat him.

Either way, I probably won’t bother voting, as you know the popular vote means nothing.

What happens if 0 people vote?

She only cares about her fantastic ex

No idea why she picks me up, or even talks to me. She goes in the kitchen with her ex, and just talks to him in there. Why have people at your house, if you just going to talk to one person alone in the kitchen? I can stay at home and be ignored, I don’t need to go to her house for that.

Or maybe it’s only me she doesn’t care about.

And she actually thought I’d go out of town with them. She must of forgot what happened.

On another note, I’m going to have a lot of money in the credit union. Can’t ship packages here, can’t buy the stuff I buy in town. So I’ll just get 5k and get evicted instead. She’ll never know, because I won’t speak to her.

Why doesn't the US have good free health care for everybody?

You’d think the “greatest” country, would have health care for everybody.

The reason is simple, money. That’s what the US is run on, just look at who’s the president.

Medicine shouldn’t cost a fortune. Why get rich on something that saves lives? Because most humans are assholes.

The US isn’t the greatest country anymore. Probably hasn’t been for a long time. There’s places in Europe that are better. Canada is probably better. Even the UK might be better, well they left the EU, kind of a dick move, like the current president.

Toaster ovens are great for lazy people

I should probably clean the crumbs out of it though. Or throw it away and buy a new one.

You can make ham and cheese sandwiches in it. I did it wrong the first and possibly second time. Don’t put the bread on top of each other, just put the cheese on one piece, and the meat on the other. Then the cheese melts without a problem, and you don’t get a burnt top piece. I use the toast setting.

I looked it up on Google, but the only thing I did what it said, was not putting the piece of bread on top of each other. I don’t care how toasty it is. As long as the cheese is melted and it isn’t burnt, I don’t care. They say to toast it first for two minutes or something, then add the cheese, toast for 30 seconds.

That’s not good for lazy people, the way I do it works just fine. No point in using the toaster oven if you have to do all that. Might as well use the stove, or the regular oven.

GeForce GTX 1660 Ti

I won’t buy it, because it requires a closed source driver. The open source driver that isn’t compatible with it yet, always froze my computer. Might of had remnants of the closed source driver.

Open source means, I can use any kernel version, unless they drop it in a future kernel. The closed source AMDGPU driver, usually requires patches, if you use a newer kernel, or waiting for AMD to update it. There’s no real reason to use the closed source AMDGPU driver though. At least not for me.

I like Roku TV

It makes simple stuff, like changing the picture settings, look better.

I didn’t really need a 4k Apple TV. Somebody said I needed something with 4k for my TV. I tried saying the built in Roku does that.

Watching my Mythtv recordings will be easier on the Apple TV, it just cost me $10.

I like Roku’s interface better then Amazon’s Fire TV.

Also, the Roku in my TV isn’t slow at all, I’m guessing a 1080p Roku TV could be slow, if they put the Express or whatever inside it. Older smart TVs have a shitty UI compared to Roku TV, I think I’ve seen some of my grandparent’s LG. It’s supposed to look pretty. Not old and ugly.

Problem with Philo is, it looks way better, and your data usage will go up. At least not as much as if I recorded every South Park episode on Premium TV, the cloud DVR, you only watch what you want. It’s like on demand, with fast forwarding. If they made it more like Netflix, then I’d be happy, no more fast forwarding, there’d be no commercials.

They could have a $5 add on for auto commercial skipping. Then get sued by the providers, saying they are in breach of the contract.

How fat will me and Tonka get?

I bought more snacks at Winco. Tonka begs every time I snack now.

The day she was hurting from going to the groomers, I was giving her lots of snacks. Making sure she still likes to eat. Apparently she does, and now we both are going to get fat, and I’m going to get poorer.

That might be common sense

Not using your last name as your name on a dating site.

It might even say not to do that. I deleted my account, it’s run by a scammer of a company. They make it look like people are interested in you, but you can’t see anything, unless you pay money. The accounts are hidden or something.

I think somebody sued them in Europe.

Tonka fell again

I was trying to get my cart out, so I could then help her get out, of my sister’s vehicle. Instead she just jumped down, I might of blocked her or something on accident. Wasn’t expecting her to jump out that quickly.

She seems fine.

Not enough drink mixes at Winco

I only saw six pink lemonade, and I had to reach back to get them. Was there more behind them? They should sell them in a bulk section. Then I can buy 100 at a time, that’s 8 per box, so 800 packets.

Somebody said she and her friend wanted to do something nice for me for Christmas, that’s how long it’s been since I saw her? And is her friend the guy with the car that picks her up some times? She gave me $20.

I wonder if it’s real money. If it isn’t, then off to jail I go. That’s about what I spent on toilet paper and dish washer gel. Toilet paper sucks at Winco. You get bigger rolls at Walmart. Not even sure the “mega” rolls at Winco are as big. And you don’t get as many.

I haven’t seen the Hungry Man TV dinner, with chicken and cheesy fries for a long time. No other store has it. I bought two of them. Is it beer battered, or just battered? The ones I had a long time ago, when I was under 18, were beer battered. I assume I was under 18, the first time I had it.

That’s the only Hungry Man TV dinner that is good.

Well, I guess not everybody here hates me, just some people.

Bernie 2016

Saw that on somebody’s car, went to Winco. Don’t think he was on the ballot. You’d have to write his name in.

There’s only one candidate from each party, because if they are all on the ballot, the vote will be split, possibly losing to Trump.

That’s why if they want to be Trump in 2020, there should be only one person, not an Independent and a Democrat.

If there is an Independent on it, I’ll waste my vote, and vote for them. That pretty much means Trump will win again. So not voting would accomplish the same thing.

I wouldn't recommend staying up past 6 am

Your vision might get better though. If you get up before 1 pm, you’ll get six or less hours of sleep.

It’ll suck when the dog wakes you up, well I didn’t get up right away, she ended up going on her bed. Then I remembered she wanted me to get up.

You might fall down too. After you finally get up and go to bed.

I went to the bathroom, and looked in the mirror, my eyes were red.

I could also see pink on my monitor, thought it might be defective, my eyes might of been.

How to use Fail2ban with modsecurity and CyberPanel

The instructions are based on these outdated instructions.

Go to ModSecurity Conf in CyberPanel, change “SecAuditLogRelevantStatus” to “”. Don’t leave it empty, it won’t let you do that. Commenting out the line in the config file doesn’t work either.

/etc/fail2ban/jail.local:

[lsws-modsec]
enabled = true
port = http,https
filter = lsws-modsec
logpath = /usr/local/lsws/logs/auditmodsec.log
maxretry = 1
backend = pyinotify

/etc/fail2ban/filter.d/lsws-modsec.conf:

Fail2Ban lsws-modsec filter

#

[INCLUDES]

before = common.conf

[Init]

maxlines = 6 datepattern = %%d/%%b/%%Y:%%H:%%M:%%S %%z

[Definition] #failregex = [.?]\s[\w.]\s(?:::f{4,6}:)?(?P[\w-.^_]\w)\s.\n.\n.\n.\nModSecurity:\s+(?:[(?:\w+ \”[^\“]\“|[^]])]\s)Access denied with code [45]\d\d _lsws_error_client = [.?]\s[\w.]\s\s failregex = ^%(_lsws_error_client)s.(\n.){4}\nModSecurity:\s+(?:[(?:\w+ \”[^\“]\“|[^]])]\s)*Access denied with code [45]\d\d

ignoreregex =

https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats

Author: Daniel Black

Sergey G. Brester aka sebres (review, optimization)

Thomas Vanvalkinburgh

Then reload Fail2ban, “systemctl reload fail2ban”.

That assumes you already have Fail2ban working. You can find Fail2ban instructions on Google.

I also forgot, Fail2ban only blocks the ports you specify, so it won’t block it to the entire server, unless you configure it that way. Still won’t have to waste resources on modsecurity.

How do I get myself banned? Need to see if the log is even working.

Nope, modsecurity isn’t doing anything now. Guess those really are outdated instructions.

Well, modsecurity works now. And the log isn’t empty, now to see if the apache-modsecurity will work.

There’s no IP address in the line “^ModSecurity:\s+(?:[(?:\w+ \”[^\“]\“|[^]])]\s)Access denied with code”.

The apache doesn’t work, because it’s looking for something with error in it.

Going to have to make my own regex, that’s a bummer.

Finally might of figured out the regex. Haha, don’t replace \n with ^, now it’s banning people and/or bots that didn’t do anything, and it won’t ban me.

It works with PHP, but not Fail2ban. You can’t do it, because the ModSecurity is it’s own line.

Update
Files updated, you need to use maxlines, and whatever “%(_lsws_error_client)s” does. The docs don’t explain very well. To lazy to read the entire Python doc on regex.

You don’t need to change anything in CyberPanel, just use the config from above.

The regex found my IP, but it fails to block me. “fail2ban-regex /usr/local/lsws/logs/auditmodsec.log /etc/fail2ban/filter.d/lsws-modsecurity.conf -v”, shows my IP a bunch.

What’s the point in fail2ban-regex? There’s matches, but the stupid thing isn’t banning anything.

If you are logged in by SSH, will it not ban you? My IP isn’t in the ignore list.

Nope, won’t ban my T-Mobile IP either. Maybe it’s reading the file super slowly.

Removed the extra spaces in the jail.local, still not banned.

Rebooting the server didn’t fix it either.

Using a different backend doesn’t do anything either. I deleted the log again, restarted lsws, and it still won’t ban me. I made a script to run wget on the URL that modsecurity blocks. The script runs till I kill it.

Why would fail2ban-regex find matches, but the actual thing doesn’t seem to care?

fail2ban-client status lsws-modsecurity
Status for the jail: lsws-modsecurity
|- Filter
|  |- Currently failed: 0
|  |- Total failed: 0
|  - File list:    /usr/local/lsws/logs/auditmodsec.log
- Actions
   |- Currently banned: 0
   |- Total banned: 0
   `- Banned IP list:

Google isn’t much help, some say it’s the time, but the time in the file is fine.

Changed the name of the file, that didn’t solve anything.

“Lines: 9243 lines, 0 ignored, 928 matched, 8315 missed”

According to fail2ban-regex.

#!/bin/bash

Bash Script by https://gist.github.com/mitchellkrogza

************************************************************

This script clears the log file and database of Fail2Ban

This resets Fail2Ban to a completely clean state

Useful to use after you have finished testing all your jails

and completed your initial setup of Fail2Ban and are now

putting the server into LIVE mode

************************************************************

Please Set your log file and sqlite db locations

Locations below are common on Ubuntu and Debian based systems

F2Blog=“/var/log/fail2ban.log” F2Bdb=“/var/lib/fail2ban/fail2ban.sqlite3”

Now let us clean up

echo “Stopping Fail2Ban Service” systemctl stop fail2ban echo “Truncating Fail2Ban Log File” truncate -s 0 $F2Blog echo “Deleting Fail2Ban SQLite Database” rm -fr $F2Bdb echo “Restarting Fail2Ban Service” systemctl start fail2ban echo “All Done”

Not sure I’d recommend that, now nothing is banned. Found that from here. Changed it to use systemctl.

Still not banned.

Setting the findtime to 5000, doesn’t work either. It did ban a WordPress brute forcer though. It never says found for anything for the lsws-modsec filter, I changed the name.

I know it can read the log file, when I deleted it, there was an open error in the fail2ban.log. So there’d be an error if it couldn’t read it.

I doubt changing maxlines will do anything, the regex does work, even with 10, might just make it slower.

Did nothing, just like I thought. Making a symlink didn’t change anything either. In case it doesn’t like the /usr folder.

Changed it back. I don’t get why the regex works with fail2ban-regex, but clearly doesn’t with Fail2ban.

“[]\s[\w.]\s(?:::f{4,6}:)?(?P[\w-.^_]\w)\s.(\n.){3}\nModSecurity:\s+(?:[(?:\w+ \”[^\“]\“|[^]])]\s)Access denied with code [45]\d\d”

That’s the regex it’s using. If you try running that with fail2ban-regex, it finds no matches.

Server slowed to a crawl. Need to go to bed.

The new regex it’s using, should work.

^[.?]\s[\w.]\s(?:::f{4,6}:)?(?P[\w-.^_]\w)\s.(\n.){3}\nModSecurity:\s+(?:[(?:\w+ \”[^\“]\“|[^]])]\s*)*Access denied with code [45]\d\d

According to pythex.org, with a log entry in it.

Server is to slow to run that now. Of course it didn’t work, I forgot -L 5. Since I wasn’t using the lsws-modse.conf file.

Guess it doesn’t work, regex is fine, just doesn’t read the file or something. I emptied the log file too, in case it was to big.

I put the above regex, that it generated or modified, and it still doesn’t work, it never finds anything. Of course fail2ban-regex works. I’m guessing fail2ban is broken.

I tried every backend, still doesn’t work. Some other site said to use systemd for the backend, that doesn’t work either. Don’t do that, it won’t check files if you do that. Just the journal.

Update
The filter and jail.local have been updated, it works now. Problem is, fail2ban-regex strips blank new lines, Fail2ban itself doesn’t do that, so I needed to do it how I was doing it at first. Almost 6 am, good job Fail2ban, having the regex tester work differently. I got banned, and then I unbanned myself.

I use systemd and a different backend for the stuff that isn’t in the journal, I’m using pyinotify, but polling probably works too, and maybe even gamin, I have all installed. They should fix the regex tester, make it function like the server.