This is for NIC Email or services which are linked to Kavach. If you are connected using only IPv6 you will face this issue. It happens mostly on the Jio mobile network, which sometimes uses only IPv6. The Kavach server, running over IPv4, fails to detect the client's location and the login fails.
Unless NIC uses IPv6 for Kavach this problem will remain (today is 03/Sep/2024).
Fedora Upgrade version 35 to 40
dnf upgrade --refresh
dnf install dnf-plugin-system-upgrade
dnf system-upgrade download --releasever=<ver>
In case of broken dependencies, try with
dnf system-upgrade download --releasever=<ver> --allowerasing
Replace <ver> with the version you want to upgrade to. Remember that <ver> should not be more than 2 versions ahead of the current version.
I have tested above from 35 to 37 then 37 to 39 then 39 to 40.
Route Addition to IKEv2 in Windows 11
Windows has no GUI option for automatically adding a static route through a VPN, but it works fine using PowerShell. Here is the command:
Add-VpnConnectionRoute VPN-Name Route-In-CIDR
To remove the route
Remove-VpnConnectionRoute VPN-Name Route-In-CIDR
For Example
Add-VpnConnectionRoute "IKEv2 VPN NML" "192.168.1.0/24"
Whenever I connect to the NML VPN, all traffic for 192.168.1.0/24 is directed to the NML network. Be careful that your home network is something other than 192.168.1.0/24.
FirewallD IPSet for blocking list of ips
Decided to create an ipset named stophack and add to it all sources accessing ports 23, 22, 3306, 110, 143 and 25 on IP <myserverip>.
# create the ipset in the permanent configuration and fill it
firewall-cmd --permanent --new-ipset=stophack --type=hash:net
firewall-cmd --permanent --ipset=stophack --add-entries-from-file=stophack.txt
firewall-cmd --permanent --ipset=stophack --add-entry=120.224.174.135
# check the result
firewall-cmd --permanent --get-ipsets
firewall-cmd --permanent --ipset=stophack --get-entries
# load the permanent ipset into the running firewall, then drop everything coming from it
firewall-cmd --reload
firewall-cmd --zone=external --add-rich-rule='rule source ipset=stophack drop'
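One way to produce stophack.txt for --add-entries-from-file, as an added example that is not part of the original notes: it assumes dropped or rejected packets are logged in the usual netfilter format (SRC=, DST=, DPT= fields). The function names, the sample log lines and the addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original notes. Sample log lines are constructed.
WATCHED_PORTS="23 22 3306 110 143 25"   # ports named in the note above

# build_stophack SERVER_IP [ALLOWED_IP...]
# Reads netfilter-style log lines on stdin and prints each source IPv4 that
# hit a watched port on SERVER_IP, once, skipping allow-listed addresses.
build_stophack() {
    server_ip=$1
    shift
    awk -v server="$server_ip" -v ports="$WATCHED_PORTS" -v allow="$*" '
    BEGIN {
        n = split(ports, p, " "); for (i = 1; i <= n; i++) watched[p[i]] = 1
        n = split(allow, a, " "); for (i = 1; i <= n; i++) allowed[a[i]] = 1
    }
    {
        src = ""; dst = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            else if ($i ~ /^DST=/) dst = substr($i, 5)
            else if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (dst != server || !(dpt in watched)) next
        # Reject anything that is not a dotted quad with octets 0-255.
        if (src !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
        split(src, o, ".")
        for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) next
        if ((src in allowed) || seen[src]++) next
        print src
    }'
}

# Constructed sample; 192.0.2.10 stands in for <myserverip>.
sample_log() {
    cat <<'EOF'
Sep  3 10:00:01 host kernel: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40112 DPT=22
Sep  3 10:00:02 host kernel: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40113 DPT=23
Sep  3 10:00:05 host kernel: IN=eth0 SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=3306
Sep  3 10:00:09 host kernel: IN=eth0 SRC=198.51.100.99 DST=192.0.2.10 PROTO=TCP SPT=51001 DPT=443
Sep  3 10:00:11 host kernel: IN=eth0 SRC=192.0.2.50 DST=192.0.2.10 PROTO=TCP SPT=51002 DPT=25
Sep  3 10:00:12 host kernel: IN=eth0 SRC=203.0.113.300 DST=192.0.2.10 PROTO=TCP SPT=51003 DPT=110
EOF
}

# Pass your own admin host as an allowed IP so it never lands in the ipset.
sample_log | build_stophack 192.0.2.10 192.0.2.50
```

Redirect the output to stophack.txt and review it before loading it into the ipset.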
cat bdknock.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
<port port="12345" protocol="tcp"/>
<port port="2345" protocol="udp"/>
<port port="345" protocol="udp"/>
<port port="54321" protocol="tcp"/>
</service>
OwnCloud upgrade issue PHP8.0 problem
After the Fedora upgrade from 33 to 35, faced an issue with OwnCloud:
Cannot run OC 10.xxx under PHP 8.0.xx
Resolved the issue with the following steps.
The following was already there in /etc/httpd/conf.d/owncloud.conf
# Enable http authorization headers
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
<FilesMatch \.(php|phar)$>
SetHandler "proxy:unix:/var/opt/remi/php74/run/php-fpm/www.sock|fcgi://localhost"
</FilesMatch>
While doing the console upgrade using
occ upgrade
a problem arises, as the default php was 8.0.
First renamed /usr/bin/php to /usr/bin/php80,
then ran the following command:
update-alternatives --install /usr/bin/php php /opt/remi/php74/root/usr/bin/php 74
After that, occ upgrade was successful.
Networked HP Laser Printer limit IP / System Access
A separate VLAN is created for the printer (say PVLAN). All PCs are in the default VLAN.
A router (R1) is connected to both the default VLAN and PVLAN. A static route is configured in R1 for the printer's IP address (IP1) via the PVLAN interface. Appropriate firewall rules are configured in R1 to forward packets to the printer only from defined/allowed source IPs.
The printer is assigned a static IP (IP1) from the same pool as the PCs, and its default route is R1.
DHCP is configured to push a static route to the client PCs which are allowed. The static route defines R1 as the gateway for the IPs assigned to printers.
Now any access to the printer goes through the router/firewall, where you can configure which systems you want to allow printer access.
PC <->DefaultVLAN<-> Router<->PRN VLAN<->Printer
Docker / PODMAN in linux
First installed podman-compose, then created a compose file named docker-compose.yml:
version: '3.1'
services:
  wordpress:
    image: wordpress1
    restart: always
    ports:
      - 8080:80
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: mydbuser
      WORDPRESS_DB_PASSWORD: mydbpassword
      WORDPRESS_DB_NAME: mydb
    volumes:
      - wordpress:/var/www/html
      - logs:/var/log/apache2
  db:
    image: wordpress1db
    restart: always
    environment:
      MYSQL_DATABASE: mydb
      MYSQL_USER: mydbuser
      MYSQL_PASSWORD: mydbpassword
      MYSQL_RANDOM_ROOT_PASSWORD: '1'
    volumes:
      - db:/var/lib/mysql
volumes:
  wordpress:
  db:
  logs:
now run :
podman-compose up -d
It will create containers and run webserver at 8080 port.
to stop and remove the containers run
podman-compose down
The compose file will create a webserver container from image wordpress1 and a database server container from image wordpress1db; please check and update the image names in case of any problem. You can also commit after any change to the webserver / mysql configuration to create another image locally.
The running containers share storage outside the containers: the mysql database files (/var/lib/mysql) are in the named volume db and the website (/var/www/html) is in the named volume wordpress. These named volumes can be listed by running:
# podman volume ls
DRIVER VOLUME NAME
local fcab36796140245f735851f808b193c38e4771143db12ead1c59ce2b5fa3177e
local WordPress_db
local WordPress_logs
local WordPress_wordpress
now run following to find out the actual location of the volumes
# podman volume inspect WordPress_db WordPress_wordpress
[
{
"Name": "WordPress_db",
"Driver": "local",
"Mountpoint": "/var/lib/containers/storage/volumes/WordPress_db/_data",
"CreatedAt": "2022-01-31T18:54:23.157971622+05:30",
"Labels": {
"io.podman.compose.project": "WordPress"
},
"Scope": "local",
"Options": {}
},
{
"Name": "WordPress_wordpress",
"Driver": "local",
"Mountpoint": "/var/lib/containers/storage/volumes/WordPress_wordpress/_data",
"CreatedAt": "2022-01-31T18:54:19.661705064+05:30",
"Labels": {
"io.podman.compose.project": "WordPress"
},
"Scope": "local",
"Options": {}
}
]
You can add/modify webserver files located at /var/lib/containers/storage/volumes/WordPress_wordpress/_data
To log in to any of the containers above, first find out the names of the containers by running
# podman container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4f7976ee3529 k8s.gcr.io/pause:3.5 4 hours ago Up 4 hours ago 0.0.0.0:8080->80/tcp bca02e003722-infra
171df0e7c268 localhost/wp1:latest apache2-foregroun... 4 hours ago Up 4 hours ago 0.0.0.0:8080->80/tcp WordPress_wordpress_1
70c70112d52b localhost/wp1db:latest mysqld 4 hours ago Up 4 hours ago 0.0.0.0:8080->80/tcp WordPress_db_1
The last word in each line is the name, i.e. WordPress_wordpress_1 and WordPress_db_1 are the container names. Now, to log in to wordpress (webserver), type the following
# podman exec -ti WordPress_wordpress_1 /bin/bash
root@171df0e7c268:/var/www/html#
similarly for the db server type:
podman exec -ti WordPress_db_1 /bin/bash
root@70c70112d52b:/#
Installation of Reverse Proxy HAPROXY
Generated dhparams.pem for haproxy, moved it to its directory and linked it in the haproxy.cfg file.
Kept most global options in the cfg file. Added lines for frontend and backend.
frontend default
bind :80
http-request redirect scheme https unless { ssl_fc }
use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/maps/hosts.map,be_default)]
default_backend acer2
Create a hosts.map file covering each and every host; each line must have the host name and the backend name, like
acer2.nmlindia.org acer2
For each alternate port create a frontend like the one above, just replace :80 with say :8080 and provide another map file for the hosts handling this port.
backend acer2
mode http
http-request redirect scheme https unless { ssl_fc }
server acer2 acer2.nmlindia.org:8888 check
The line
http-request redirect scheme https unless { ssl_fc }
controls the redirection to HTTPS when the traffic is not already SSL.
For a non-SSL site, comment it out in both the default block and the backend block.
The port 8888 indicates the port where the website is running.
frontend https
bind *:443 ssl crt-list /etc/haproxy/ssl/private/crt-list.txt # crt /etc/haproxy/ssl/bdpc-ssl.pem
mode tcp
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
use_backend acer2 if { ssl_fc_sni acer2.nmlindia.org }
Provide certificate path and mode should be tcp for SSL port
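A lint for the hosts.map file described above, as an added example that is not part of the original notes. It flags map lines that will not route as written: a missing backend name, a key with upper-case letters (the frontend applies lower to the Host header before the lookup), a repeated host, and a backend name with no backend section in haproxy.cfg. The function names and the sample files, including the example.org hosts, are constructed.

```shell
#!/bin/sh
# Added example, not from the original notes. Sample files are constructed.

# check_hosts_map CFG MAP
# Prints one finding per line; prints nothing when the map is clean.
check_hosts_map() {
    awk '
    FILENAME == ARGV[1] {              # haproxy.cfg: collect backend names
        if ($1 == "backend") defined[$2] = 1
        next
    }
    /^[ \t]*(#.*)?$/ { next }          # hosts.map: skip blanks and comments
    NF < 2 { print "malformed: " $0; next }
    $1 != tolower($1) { print "key not lowercase: " $1 }
    seen[tolower($1)]++ { print "duplicate host: " $1 }
    !($2 in defined) { print "undefined backend: " $1 " -> " $2 }
    ' "$1" "$2"
}

# Builds a constructed cfg and map in a temporary directory and lints them.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/haproxy.cfg" <<'EOF'
frontend default
    bind :80
    use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/maps/hosts.map,be_default)]
    default_backend acer2
backend acer2
    mode http
    server acer2 acer2.nmlindia.org:8888 check
EOF
    cat > "$dir/hosts.map" <<'EOF'
# host                 backend
acer2.nmlindia.org     acer2
old.example.org        retired
Mail.example.org       acer2
acer2.nmlindia.org     acer2
orphan.example.org
EOF
    check_hosts_map "$dir/haproxy.cfg" "$dir/hosts.map"
    rm -rf "$dir"
}

demo
```

On a real host, call check_hosts_map /etc/haproxy/haproxy.cfg /etc/haproxy/maps/hosts.map before reloading HAProxy.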
ZFS installation in ictuxen1
dd if=/dev/zero count=8192000 bs=1024 of=test.hdd
dd if=/dev/zero count=20480000 bs=1024 of=cam1.hdd
dd if=/dev/zero count=20480000 bs=1024 of=cam2.hdd
yum install -y http://download.zfsonlinux.org/epel/zfs-release.el6.noarch.rpm
;;; lost a lot of time due to the following error
;; Error: Package: zfs-dkms-0.8.4-1.el6.noarch (zfs)
;; Requires: dkms >= 2.2.0.3
;;
;; tried several things; at last I found that the "zfs-kmod" repo is disabled by default. After enabling it, the yum install succeeded
;;
yum install "kernel-devel-uname-r == $(uname -r)" zfs --enablerepo=zfs-kmod
/sbin/modprobe zfs
zpool create testpool /home/test.hdd
[root@ictuxen1 ~]
# zfs list
NAME USED AVAIL REFER MOUNTPOINT
testpool 91.5K 7.27G 24K /testpool
[root@ictuxen1 ~]
# zpool list
NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
testpool 7.50G 116K 7.50G - - 0% 0% 1.00x ONLINE -
[root@ictuxen1 ~]
# zpool status
pool: testpool
state: ONLINE
scan: none requested
config:
NAME STATE READ WRITE CKSUM
testpool ONLINE 0 0 0
/home/test.hdd ONLINE 0 0 0
errors: No known data errors
[root@ictuxen1 ~]
# zpool destroy testpool
[root@ictuxen1 home]
# rm test.hdd
zpool create cam1pool /home/cam1.hdd
zpool list
zfs create -o mountpoint=/home/cam1 cam1pool/fs1
zfs set quota=19g cam1pool/fs1
zfs set reservation=1g cam1pool/fs1
[root@ictuxen1 home]
# zfs list
NAME USED AVAIL REFER MOUNTPOINT
cam1pool 1.00G 17.9G 24K /cam1pool
cam1pool/fs1 24K 18.9G 24K /home/cam1
zpool create cam2pool /home/cam2.hdd
[root@ictuxen1 home]
# zpool list
NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
cam1pool 19.5G 174K 19.5G - - 0% 0% 1.00x ONLINE -
cam2pool 19.5G 88K 19.5G - - 0% 0% 1.00x ONLINE -
zfs create -o mountpoint=/home/cam2 cam2pool/fs1
zfs set quota=19g cam2pool/fs1
zfs set reservation=1g cam2pool/fs1
[root@ictuxen1 home]
# zfs list
NAME USED AVAIL REFER MOUNTPOINT
cam1pool 1.00G 17.9G 24K /cam1pool
cam1pool/fs1 24K 18.9G 24K /home/cam1
cam2pool 1.00G 17.9G 24K /cam2pool
cam2pool/fs1 24K 18.9G 24K /home/cam2
REMOVING ZFS
[root@ictuxen1 tmp]# zfs unmount cam1pool/fs1
[root@ictuxen1 tmp]# zfs unmount cam2pool/fs1
[root@ictuxen1 tmp]# zfs list
NAME USED AVAIL REFER MOUNTPOINT
cam1pool 1.00G 17.9G 24K /cam1pool
cam1pool/fs1 54.5M 18.8G 54.5M /home/cam1
cam2pool 1.00G 17.9G 24K /cam2pool
cam2pool/fs1 59.8M 18.8G 59.8M /home/cam2
[root@ictuxen1 tmp]# zfs destroy cam1pool/fs1
[root@ictuxen1 tmp]# zfs destroy cam2pool/fs1
[root@ictuxen1 tmp]# zfs list
NAME USED AVAIL REFER MOUNTPOINT
cam1pool 207K 18.9G 24K /cam1pool
cam2pool 314K 18.9G 24K /cam2pool
[root@ictuxen1 tmp]# zpool destroy cam1pool
[root@ictuxen1 tmp]# zpool destroy cam2pool
[root@ictuxen1 tmp]# zpool list
no pools available
[root@ictuxen1 tmp]# zfs list
no datasets available
Deduplication is off by default. Check it using (replace poolname with your own pool name):
zfs get all poolname |grep -i dedup
Then use the following after pool creation to enable it:
zfs set dedup=on poolname
To add compression first check with (use your own poolname) :
zfs get all poolname | grep compress
Then the following to add compression
zfs set compression=lz4 poolname
FS1 upgrade Fedora 28 to Fedora 31
Used link https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/
for guidance, with only few manual changes.
dnf upgrade --refresh
dnf install dnf-plugin-system-upgrade
dnf system-upgrade download --refresh --releasever=31
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-31-primary
dnf system-upgrade reboot
dnf install rpmconf
rpmconf -a    # used mostly the old conf
dnf repoquery --unsatisfied
dnf repoquery --duplicates
dnf list extras
dnf remove $(dnf repoquery --extras --exclude=kernel,kernel-\*)
dnf autoremove
dnf install symlinks
symlinks -r /usr | grep dangling|cut -d " " -f2 |while read a; do echo ${a} ; symlinks -d ${a} ; done
rpm --rebuilddb
dnf distro-sync --allowerasing
dnf install wget perl perl-Net-SSLeay openssl perl-IO-Tty perl-Encode-Detect perl-Data-Dumper
cd /opt
wget http://www.webmin.com/jcameron-key.asc
wget http://www.webmin.com/download/rpm/webmin-current.rpm
rpm --import jcameron-key.asc
rpm -Uvh webmin-current.rpm
touch /.autorelabel
shutdown -r
wait for the reboot to complete
Faced following problem after reboot: OwnCloud Not working:
This version of ownCloud is not compatible with PHP 7.3
You are currently running PHP 7.3.15.
rpm --import https://download.owncloud.org/download/repositories/production/Fedora_31/repodata/repomd.xml.key
dnf config-manager --add-repo http://download.owncloud.org/download/repositories/production/Fedora_31/ce:stable.repo
dnf clean all
dnf install owncloud-files; dnf upgrade owncloud-files
cd /var/www/html/owncloud/
sudo -u apache php ./occ app:disable files_videoplayer
sudo -u apache php ./occ upgrade
after 15 minutes
sudo -u apache php occ maintenance:mode --off
wait 5 minutes
sudo -u apache php occ background:queue:status
Login issues found as user_ldap version 11.0 did not work
Unable to upgrade the module. Found that the apps folder ownership is root. Changed ownership with chown -R apache:apache apps/*
It worked now and user_ldap updated to 15.0
enabled LDAP_Integration (now checked login working fine)