PiHole DNS not Responding, disk full

The Internet seemed unreachable at my house. After checking with the provider I determined it was due to my pihole being down.

Logging into the dashboard of my pihole showed "Lost Connection to API". This indicated an issue with the pihole-FTL service.

After logging in the Unify CloudKey where I installed pihole I used df -h to determined that the disk was full

root@UniFi-CloudKey:~# df -h Filesystem Size Used Avail Use% Mounted on aufs-root 2.9G 2.9G 0 100% / udev 10M 0 10M 0% /dev

It was due to 3 things:

apt cache at "/var/cache/apt/archives"

CloudKey backups at "/data/autobackup"

pihole-FTL database at "/etc/pihole/pihole-FTL.db"

You can cleanup the first using "apt-get autoclean". For the second, you can manually delete some of the old backups but perhaps you should set a better backup policy in your CloudKey.

The third one accumulates all the queries ever done against your pihole (18M in the past 2 years for me) unless you set something like MAXDBDAYS=90 in /etc/pihole/pihole-FTL.conf. Mine was 1.4GB.

You can stop the pihole-FTL with "service pihole-FTL stop", delete the file, and restart it, if you want. Or perform a more surgical cleaning directly deleting old entries from the database before restarting it.

I though I knew computer networking pretty well.

I’ve been fighting our for over a week.

The cable modem was dying, and was replaced.

But another culprit is our Ubiquiti CloudKey generation 2. Plug it in, and everything runs, it’s the brains of the network. If it isn’t running, nothing else does either.

It’s been doing the latter quite often lately.

So I got an RMA to send it back. But before they emailed me the RMA form, they sent another that they had received my old unit. The one I was still factory resetting.

It’s now in a box with a shipping label, awaiting the mail delivery tomorrow.

And Ubiquiti has already sent out a replacement. They are in Utah, I am in North Carolina.

Then my smart watch popped up a message that my CloudKey G2 had added new devices. This is the one unplugged, in a box, on the table.

Thinking I was just noticing an old message, I opened the network app, and there it is!

This is truly magic.

Top Hotel Management ERP Software Options in Bangladesh

Introduction:As the hospitality industry in Bangladesh continues to flourish, the need for efficient and effective hotel management systems has never been greater. Enter Hotel Management ERP (Enterprise Resource Planning) software—a comprehensive solution designed to streamline operations, enhance guest experiences, and drive business growth. In this post, we will explore some of the best hotel management ERP software options available in Bangladesh and highlight their key features and benefits.

Top Hotel Management ERP Software Options in Bangladesh Top hotel management ERP software options in Bangladesh streamline operations, enhance guest experiences, and improve overall efficiency. Leading choices include InnQuest's roomMaster, Oracle Hospitality, eZee FrontDesk, and Hotelogix. These platforms offer features like reservation management, billing, housekeeping, and reporting, tailored to meet the needs of the Bangladeshi hospitality industry.

Why Hotel Management ERP Software?

Hotel Management ERP software integrates various functions such as front desk operations, reservations, housekeeping, maintenance, billing, and customer relationship management (CRM) into a single platform. This integration ensures seamless communication between departments, reduces manual errors, and enhances overall operational efficiency. Here are some of the top benefits:

Improved Efficiency: Automates routine tasks and processes, freeing up staff to focus on delivering exceptional guest experiences.

Real-Time Data Access: Provides real-time insights into hotel operations, enabling better decision-making and strategic planning.

Enhanced Guest Experience: Facilitates personalized services and faster response times, boosting guest satisfaction and loyalty.

Cost Savings: Reduces operational costs through better resource management and minimization of errors.

Scalability: Easily adapts to the growing needs of the business, whether you manage a single property or a chain of hotels.

Top Hotel Management ERP Software in Bangladesh

HotezaKey Features:

1.Comprehensive Property Management: Manages reservations, check-ins, and check-outs seamlessly.

2.Guest Engagement: Offers tools for better guest communication and service personalization.

3.Data Analytics: Provides detailed reports and analytics for informed decision-making.

4.Mobile Accessibility: Allows access to the system from mobile devices, enhancing flexibility.

Why Choose Hoteza? Hoteza stands out for its user-friendly interface and extensive functionality. It caters to the unique needs of the Bangladeshi hospitality market, making it a preferred choice for many hotels.

Oracle Hospitality OPERA CloudKey Features:

1.Cloud-Based Solution: Ensures data security and accessibility from anywhere.

2.Integrated Systems: Combines front desk, sales, and marketing functions in one platform.

3.Scalability: Ideal for both small hotels and large chains.

4.Advanced Reporting: Offers comprehensive reporting tools for performance analysis.

Why Choose OPERA Cloud? As a global leader in hospitality solutions, Oracle’s OPERA Cloud offers a robust and scalable solution. Its cloud-based nature ensures that hotels in Bangladesh can stay ahead with the latest technological advancements.

ProtelKey Features:

1.Customizable Interface: Tailored to meet the specific needs of different hotels.

2.Channel Management: Synchronizes with online booking platforms to prevent overbookings.

3.Housekeeping Management: Streamlines housekeeping operations and maintenance requests.

4.Guest CRM: Enhances guest relationship management with detailed profiles and preferences.

Why Choose Protel? Protel is known for its flexibility and customization options. It’s a great fit for hotels looking for a solution that can be tailored to their unique operational needs.

eZee Absolute

Key Features:

1.Centralized Management: Manages multiple properties from a single dashboard.

2.Direct Booking Engine: Integrates with the hotel’s website for direct bookings.

3.24/7 Support: Provides round-the-clock customer support.

4.Third-Party Integrations: Compatible with numerous third-party applications for enhanced functionality.

Why Choose eZee Absolute? eZee Absolute is praised for its comprehensive feature set and excellent customer support. It’s particularly beneficial for hotels aiming to increase direct bookings and improve operational efficiency.

Conclusion

Choosing the right Hotel Management ERP software is crucial for the success of any hotel in Bangladesh. Each of the options mentioned above offers unique features and benefits that cater to different needs and preferences. By investing in a robust ERP solution, hotels can not only streamline their operations but also enhance guest experiences, leading to increased satisfaction and business growth.

Restart Unifi CloudKey Gen 2 PoE from switch SSH command line

I have a Cloud Key Gen 2 that has been replaced twice and is now acting up a third time. Anyway, I needed to reboot it remotely as the drive is a 2 hour trip to this particular Cloud Key. If you have SSH enabled, log in to your switch and, with proper documentation, find the port number that you need to reboot and run this command: swctrl poe restart id [port number] Example: swctrl poe restart…

View On WordPress

The Big Six: Zoe Hines x XAV. / Carolin Koss x Samuel Aalto / Justinus x Cloudkey / CM Ceez / Dear Laura / ECHLO

The Big Six: Every day we select tracks that definitely deserve more attention than Justin Bieber. Today's tracks feature: Zoe Hines x XAV. / Carolin Koss x Samuel Aalto / Justinus x Cloudkey / CM Ceez / Dear Laura / ECHLO

The Big Six: The following tracks are a selection of those submitted to Keep Walking Music that definitely deserve more attention than Justin Bieber! Zoe Hines x XAV. – NEVER FALL IN LOVELocation: United StatesRelease date: Dec 08, 2022 Carolin Koss x Samuel Aalto – Awaking DragonsLocation: Germany x FinlandRelease date: Dec 15, 2022 Justinus x Cloudkey – Needed NowhereLocation:…

View On WordPress

A NetDom tem instalado Hotspot usando as soluções da Ubiquiti. Vários clientes, em sua grande maioria, clínicas, hospitais, lojas e academias já oferecem aos seus clientes o acesso wifi com uma contrapartida. Para acessar a internet seus visitantes precisarão efetuar um cadastro para navegar. O que você ganha em oferecer o hotspot aos seus clientes? banco de dados dos visitantes, compartilhamento no facebook, relatórios de uso, propaganda no dispositivo, proteção marco civil, limite de tempo e velocidade, e muito mais. Conheça nossa solução e veja funcionando em alguns clientes. Use a tecnologia a seu favor. NetDom has installed Hotspot using Ubiquiti solutions. Several customers in the vast majority, clinics, hospitals, shops and gyms already offer their clients wifi access with a counterpart. To access the internet your visitors will need to register to navigate. What do you get at offering the hotspot to your customers? visitors database, facebook sharing, usage reports, device advertising, civil landmark protection, time and speed limits, and more. Get to know our solution and see it working for some customers. Use technology to your advantage. #netdom #hotspot #ubiquiti #unifi #cloudkey #mikrotik #facebook https://www.instagram.com/p/Bs4oxkrAMsi/?utm_source=ig_tumblr_share&igshid=6aplpkq5t5cn

Modern Hero—Week Eight Report

Modern Hero—Week Eight Report

Welcome back to Modern Hero, the column where I take a budget list and slowly tweak it over time, spending $20 a week on new additions, and record the results in MTGO Leagues. If you aren’t up to date, feel free to hit the archives— Deciding on a Deck GB Elves Week One GB Elves Week Two GB Elves Week Three GB Elves Week Four GB Elves Week Five GB Elves Week Six GB Elves Week Seven This week I…

View On WordPress

Installing Pi-Hole on CloudKey v1.1.19 (Debian 8 Jessie)

The Unifi CloudKey v1.1.19 runs Debian 8 (jessie) which reached the end of life in December 2020 so Pi-Hole's installer does not run out of the box. As of Pihole v5.3.1 you can install it using some packages from Debian 9 (Stretch) to fix some dependencies.

1. Update the CloudKey to the latest firmware and controller

Right now those are v1.1.19 for the CloudKey and v6.1.71 for the Cloud Controller. I performed it with ssh [email protected] and then running apt update; apt upgrade but you can do it via the web interface.

2. Add necessary packages from Debian 9 (Stretch)

Fetch (wget) and install (dpkg -i) the following packages

http://ftp.us.debian.org/debian/pool/main/s/sqlite3/libsqlite3-0_3.16.2-5+deb9u1_armhf.deb

http://ftp.us.debian.org/debian/pool/main/n/ncurses/libtinfo5_6.0+20161126-1+deb9u2_armhf.deb

http://ftp.us.debian.org/debian/pool/main/r/readline/libreadline7_7.0-3_armhf.deb

http://ftp.us.debian.org/debian/pool/main/s/sqlite3/sqlite3_3.16.2-5+deb9u1_armhf.deb

http://ftp.us.debian.org/debian/pool/main/n/ncurses/libncurses5_6.0+20161126-1+deb9u2_armhf.deb

http://ftp.us.debian.org/debian/pool/main/n/ncurses/libncursesw5_6.0+20161126-1+deb9u2_armhf.deb

3. Fetch the script and remove dependency on php5-xml

Fetch (wget) the install script in /tmp

wget -O basic-install.sh https://install.pi-hole.net

then manually edit basic-install.sh (e.g., via vim) removing the reference to "${phpVer}-xml".

4. Install without OS checks

Since Debian 8 is not supported you need to run the installer with

PIHOLE_SKIP_OS_CHECK=true ./basic-install.sh

and remember to select eth0 and not eth0p.

5. Stop and Disable DNS daemon

You need to run

systemctl stop systemd-resolved systemctl disable systemd-resolved

to stop and disable the current DNS daemon, then use

systemctl restart pihole-FTL

to start the one embedded with pihole.

6. Switch LigHTTPd to port 81

Edit the configuration file with vim /etc/lighttpd/lighttpd.conf, look and change the port number, save (:x) and then restart

systemctl restart lighttpd

7. Reset or clear the login password

The password should be shown during install but I have never saw it. You can change or reset it with pihole -a -p.

Ubiquiti UniFi CloudKey Gen2 Plus (UCK-G2-PLUS)

Ubiquiti UniFi CloudKey Gen2 Plus (UCK-G2-PLUS)

Описание Ubiquiti UniFi CloudKey Gen2 Plus (UCK-G2-PLUS) При обновлении портативного сервера программного обеспечения UniFi Cloud Key компания Ubiquiti выпустила сразу два устройства UniFi Cloud Key Gen2 и расширенную версию UniFi Cloud Key Gen2 Plus. Основное различие между устройствами — это наличие в версии Plus встроенного жесткого диска объемом 1 ТБ (при желании пользователь может увеличить…

View On WordPress

برنامج CloudKey للتخزين الإحتياطي

بدء التحميل

CloudKey هي نسخة احتياطية سهلة الاستخدام على السحابة * لأجهزة التخزين المحمولة.

البرنامج

برنامج CloudKey

ترخيص البرنامج

مجاني

التصنيف

برامج ويندوز

نظام التشغيل له

ويندوز

أنظمة التشغيل الأخرى

لا يوجد

هذا الأصدار

8.2.12.0 حجم البرنامج 2.57 ميجا بايت

لينك التحميل

تحميل

هذا الأصدار

8.2.12.0

مطور البرنامج

https://www.clevx.com

شرح برنامج CloudKey:

يتم دعم أنواع عديدة من الأجهزة، بما في ذلك محركات أقراص فلاش، والأقراص الصلبة / SSD، وما إلى ذلك.

صور برنامج CloudKey:

#gallery-0-5 { margin: auto; } #gallery-0-5 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 25%; } #gallery-0-5 img { border: 2px solid #cfcfcf; } #gallery-0-5 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */

مميزات برنامج CloudKey:

لم يعد لديك ما يدعو للقلق بشأن فقدان بياناتك أثناء التنقل، فقط قم بتوصيل محرك الأقراص الخاص بك وسيقوم التطبيق بنسخه احتياطيًا إلى السحابة الخاصة بك خدمة الاختيار.

يسهّل استخدام تطبيق أمان مثل هذا البرنامج كإجراء نسخ احتياطي لمحركات أقراص USB والأجهزة المحمولة الأخرى على خدمة التخزين السحابي الخاصة بك. بعد التثبيت الأولي على محرك أقراص USB الخاص بك، سيتم تشغيل البرنامج تلقائيًا في كل مرة تقوم فيها بتوصيل محرك الأقراص بكمبيوتر متصل بالإنترنت، مع الاحتفاظ بنسخة احتياطية من محرك الأقراص المحمول في مجلد على خدمة التخزين السحابي المفضلة لديك. عندما تضيف عنصرًا جديدًا إلى محرك أقراص USB الخاص بك ويكون جهاز الكمبيوتر الخاص بك متصلاً بالإنترنت، فإن البرنامج سيقوم تلقائيًا بمزامنة الملف إلى هذا المجلد.

البرنامج عبارة عن أداة نسخ احتياطي رائعة إذا كنت بحاجة إلى التأكد من أن البيانات الموجودة على وسائط التخزين المحمولة آمنة. إنه خفيف الوزن نسبيًا، ويستخدم واجهة سهلة العرض ولديه عدد من الحيل الأنيقة مثل القدرة على استبعاد ملفات ومجلدات معينة من النسخ الاحتياطية المؤتمتة.

يتم دعم كل من Dropbox و Box و Amazon Web Services و Microsoft OneDrive و Google Drive.

برنامج CloudKey

تحميل برنامج CloudKey للتخزين الإحتياطي برنامج CloudKey للتخزين الإحتياطي بدء التحميل CloudKey هي نسخة احتياطية سهلة الاستخدام على السحابة * لأجهزة التخزين المحمولة.

Unifi Install - Chiang Mai, Thailand.

Today we were lucky enough to get to install the new Gen2 Cloudkey+ from Ubiquiti. Ubiquiti offers the fastest, most solid Wifi solution here in Thailand. The new Cloudkey has a built-in battery so that it can power down the Cloudkey if there is a power outage. This prevents it from losing power during an important task, it senses when the power is cut and starts the process of a safe shut-down, preserving your settings.

This install will consist of a CloudKey to manage the Unifi interface, 2 AC-Lite’s for great WiFi coverage and 6 of Ubiquiti’s G3 CCTV cameras for security, the owner will be able to login from anywhere in the world and see what’s happening in his villa. The new Cloudkey has a battery backup.

The new security system is called Unifi Protect, the Cloudkey+ features a 1Tb hard disk to store video and allows the owner remote access from anywhere in the world.

Most of our Smart Home installs now feature Ubiquiti Wifi, for the owner it means they will have the fastest Wifi experience possible in Thailand, for us it allows easy setup of all networking or network connected equipment so we can at a glance see exactly what’s happening, name and catalogue devices and administer it remotely.

This house features a Control4 Smart Home system so it’s important that the network is solid, although the Control4 keypads are Zigbee the brains of the Control4 system are all IP Networking so it’s fundamental to have a rock solid network infrastructure as the backbone.

October 2018 Newsletter

Read The Original Newsletter

New Products

Dual Band 6/8 dBi Omni

5GHz/2.4GHz Dual Band OMNI Antenna with N-Connector. Perfect for Ubiquiti Bullets.

Features:

Suitable for 2.4-2.5GHz and/or 5.1-5.9GHz Bands

Connects directly to Ubiquiti Bullets

Superior Performance

Light weight

Clean simple design

Can be installed for vertical polarisation

Outdoor IP66 waterproof rating

Supplied with 2 x UV treated cable ties

Specifications:

Frequency Range 2.4-2.5GHz and/or 5.1-5.9GHz

Return Loss – ≧-14db

Gain 2.4GHz – 6dBi

Gain 5GHz – 8dBi

Polarization – Vertical

Maximum Power – 50W

Horizontal Beamwidth – 360 degrees

Impedance – 50Ω

Connector – N-type Female

Radome Material – White Fiberglass

Operating Temperature－40℃ to ＋80℃

Measurements:

Length – 285mm

Diameter – 20mm

Weight – 95g

These antennas are extremely versatile. These will fit:

BulletM2/BM2-Ti – This antenna will provide 6 dBi of gain.

BulletM5 – This antenna will provide 8 dBi of gain.

Bullet AC – This antenna will provide 6 dBi of gain on the 2.4 GHz channel, and 8 dBi of gain on the 5GHz channel.

These antennas are in stock now, ideal for all Ubiquiti Bullet installations. Check pricing and availability here.

12dBi Omni antenna

12dBi omni-directional antenna highly enlarges the wireless coverage

Features

2.4 GHz band

N-type female connector, compatible with Ubiquiti Bullets

Weather proof design, suitable for all weather conditions

Provided mounting kits enable easy installation for various environments

This antenna will fit the BulletM2/BM2-Ti – This antenna will provide 12 dBi of gain.

These antennas are in stock now, ideal for all Ubiquiti BulletM2 installations. Check pricing and availability here.

Why buy through us?

Here at UBWH Australia, we have been working hard to improve our service offering to you, our customers. In doing so, we are excited to highlight a few of our advantages:

1. Authorised Ubiquiti RMA Centre for Australia.We have worked closely with Ubiquiti USA to set this up. When you lodge warranties with us and send the faulty item back, we send you a new one from our stock. No more lengthy turn around times. View the new RMA form here.

2. Reseller Discount Program. We’re always looking at ways to reward our customers. For approved applicants we have introduced a number of initiatives, including reduced pricing and free returns, to improve your margins and make it easier for you to deal with us. Contact Us with your business information for details.

3. Same Day Dispatch. Our new warehouse will dispatch orders the same day in 98% of cases, for orders paid before 12.30pm AEST and shipped by Australia Post. Occasionally, large orders will cause a delay until the next business day.

If critical, please contact us prior to ordering. We will update you on the days proceedings and will endeavor to have your paid order dispatched same day.

4. Extended Warranties on everything we sell.Optional 2 and 3 year warranties are in addition to the normal Manufacturer’s Warranty, plus the Consumer Guarantee required by Australian Consumer Law (ACL) for all Australian Consumers, at a small cost. These can be selected during the checkout process at http://ubwh.com.au

Stories Of The Month

Unifi G3 Camera – View of a Major Australian Desert Bushfire

View the footage of a bushfire and surrounds recorded by this users UVC-G3.

Full story…

View the Ubiquiti Video Camera pricing and availability here….

Marina/RV Park Installation

Here is a google earth shot of the plan. Prismstation+90degree horn antenna to feed 7 isostations, that will feed the Mesh Pros. It would have been nice to spread them out more evenly, but these poles specifically had power on them already.

Full story…

View the Prism Station pricing and availability here….

Hint: How to Ground an airFiber Properly

This article describes the correct grounding and surge protection of your airFibers.

View the full process here.

Online Training

The UniFi Course has been upgraded and is now based on Version 5 of the Controller and runs on a CloudKey.

In a world’s first, Online training (developed in Australia) is now available for the Ubiquiti products shown.

You benefit  in a number of ways:

Cheaper – than attending a formal 2-day course in a classroom environment.

Faster – no need to wait until the next classroom course is scheduled nearby.

More convenient – the self-paced courses can be scheduled around other demanding work.

More practical – the Ubiquiti classroom courses are great for students needing to delve deep into theory such as Radio Waves, Antenna design, TDMA protocols, Link-Budgets, UniFi-WiFi site surveys, etc. But in many cases, students just want to know how to setup some very common scenarios. These Installer courses are targeted with less theory and more practice.

The way each course works is … each student:

signs up and receives by email a set of detailed course notes. These can be kept as a reference document for use later on-the-job.

is allocated real test hardware for 7 days. This is hardware the student gets to configure (over the Internet).

passes an online quiz for each module. When all module quizzes have been passed, the student gets emailed a Certificate of Completion.

More …

[Something non political] If any of you ever need to work with Ubiquity Unifi devices and they don't want to be adopted. Hey folks, as per my periodic need to get stuff out there that may help other tech/non tech folk who dabble in IT, I have some pointers for those who work with Unifi devices."What are Unifi devices?"Glad you asked. You know those saucer looking access points with the green ring-light in the middle? Those are Unifi Access Points.HERE IS AN EXAMPLENow Unifi devices include various switches and the Unifi Gateway (I HATE THOSE THINGS) and other fancy access points and phones even.The problem with this whole setup is that you need to manage them via some form of Unifi Controller, either via software downloadable for free, or by what is known as a Unifi Cloud Key.Now centrally managing stuff from one unified (yes they did) interface is good in theory, but you are often dealing with adding switches and stuff to complex networks, and this is where the model breaks down.You see, Unifi devices all have a default IP on the 192.168.1.0/24 network (for instance the cloudkey is 192.168.1.30) and you have no web interface to manage devices. You have to adopt them from the cloud key. They do support DHCP out the box, so if your network is on 10.0.0.0/24 for instance, the devices will climb onto that network.The problem comes in with the client devices trying to adopt to the unifi controller. You see, in the Unifi device the device is trying to connect to http://ubnt:8080/notify, and if your network does not tell the device where the dns name "ubnt" lives, the device simply will not be adopted.Luckily there is a solution.If you ever run into this problem, you can ssh into the device directly, if it has not been previously adopted you can ssh in like so:

ssh [email protected]

(or whatever the device IP is for your particular product) The default password is: ubntOnce logged into the router, switch or access point, you can now do:

sudo /bin/sh

to drop to a root shell and then edit /etc/hosts

vi /etc/hosts

From there it is a simple case of taking your cloud controller (or your device that has the controller software installed) and adding it to the host file like so:

127.0.0.1 localhost 192.168.0.2 ubnt

(here 192.168.0.2 is a hypothetical cloudkey or controller software IP). Once done, save the file (I just do :wq) and then the next time the device tries to connect to http://ubnt:8080/inform it will be recognized by your controller and you can adopt it.Devices that are prone to struggling with this are the Unifi Switches. Those effing things just refuse to climb onto complex networks, and I have had to force them to connect to cloudkeys in order to get them to work.You may also in some cases need to add the IP addresses you want the devices to use which are on the same subnet as your controller.

ip ad ad 192.168.0.3/24 dev eth0

should do the trick, and then you are a for away. Unifi switches have a need for some manual IP setting from time to time before they will adopt.Hope this helps a saffer tech somewhere.Cheers folks, your normal political programming will follow shortly... Submitted August 10, 2017 at 03:52PM by quintinza via reddit http://ift.tt/2usUnhL

Fix MongoDB Issues on Unifi CloudKey Gen 1

Today I had to restart several times my network hardware due to some issues with the cable provider (COX) which they did not want to admit. When it was all finally resolved (by them!) I discovered I could not login anymore on my Cloud Key nor my Gateway Controller.

I could connect to 192.168.1.2 where I was welcomed with the usual 2 buttons to login in either interface but they did not work right. In some occasions I was able to login in the Cloud Key, but it would say that unifi was stopped. In other occasions, I would receive a blank screen trying to login in the Cloud Key panel. I was never able to login in the Controller.

Luckily I could still SSH into the Cloud Key and using the username/password above (ubtn/...) I was given root access.

After much tribulation, perusing /srv/unifi/logs/server.log I noticed some issues with MongoDB that prevented starting the unifi process

... [2021-05-04T23:56:57,008] <db-server> INFO db - Tue May 4 23:56:56.998 [initandlisten] recover skipping application of section more... [2021-05-04T23:56:57,051] <db-server> INFO db - Tue May 4 23:56:57.051 [initandlisten] recover /usr/lib/unifi/data/db/journal/j._74 [2021-05-04T23:56:57,083] <db-server> INFO db - Tue May 4 23:56:57.083 [initandlisten] couldn't uncompress journal section [2021-05-04T23:56:57,084] <db-server> INFO db - Tue May 4 23:56:57.083 [initandlisten] Assertion: 15874:couldn't uncompress journal section [2021-05-04T23:56:57,084] <db-server> INFO db - 0x48e13c 0x46f83a 0x45d190 0x27efdc 0x27f15e 0x27f4d4 0x27f718 0x27fe04 0x2800ba 0x273402 0x1681 b0 0x1699dc 0x15004c 0x7678e632 [2021-05-04T23:56:57,097] <db-server> INFO db - bin/mongod(_ZN5mongo15printStackTraceERSo+0x17) [0x48e13c] [2021-05-04T23:56:57,097] <db-server> INFO db - bin/mongod(_ZN5mongo10logContextEPKc+0xa9) [0x46f83a] [2021-05-04T23:56:57,098] <db-server> INFO db - bin/mongod(_ZN5mongo11msgassertedEiPKc+0x67) [0x45d190] [2021-05-04T23:56:57,098] <db-server> INFO db - bin/mongod(_ZN5mongo3dur11RecoveryJob14processSectionEPKNS0_11JSectHeaderEPKvjPKNS0_11JSectFoot erE+0x613) [0x27efdc] [2021-05-04T23:56:57,099] <db-server> INFO db - bin/mongod(_ZN5mongo3dur11RecoveryJob17processFileBufferEPKvj+0xe9) [0x27f15e] [2021-05-04T23:56:57,099] <db-server> INFO db - bin/mongod(_ZN5mongo3dur11RecoveryJob11processFileEN5boost10filesystem4pathE+0x7f) [0x27f4d4] [2021-05-04T23:56:57,099] <db-server> INFO db - bin/mongod(_ZN5mongo3dur11RecoveryJob2goERSt6vectorIN5boost10filesystem4pathESaIS5_EE+0xcf) [0x 27f718] [2021-05-04T23:56:57,100] <db-server> INFO db - bin/mongod(_ZN5mongo3dur8_recoverEv+0x4e3) [0x27fe04] [2021-05-04T23:56:57,100] <db-server> INFO db - bin/mongod(_ZN5mongo3dur7recoverEv+0x15) [0x2800ba] [2021-05-04T23:56:57,101] <db-server> INFO db - bin/mongod(_ZN5mongo3dur7startupEv+0x25) [0x273402] [2021-05-04T23:56:57,101] <db-server> INFO db - bin/mongod(_ZN5mongo14_initAndListenEi+0x67f) [0x1681b0] [2021-05-04T23:56:57,101] <db-server> INFO db - bin/mongod(_ZN5mongo13initAndListenEi+0xb) [0x1699dc] [2021-05-04T23:56:57,102] <db-server> INFO db - bin/mongod(main+0x1d3) [0x15004c] [2021-05-04T23:56:57,102] <db-server> INFO db - /lib/arm-linux-gnueabihf/libc.so.6(__libc_start_main+0x99) [0x7678e632] [2021-05-04T23:56:57,105] <db-server> INFO db - Tue May 4 23:56:57.105 [initandlisten] dbexception during recovery: 15874 couldn't uncompress journal section [2021-05-04T23:56:57,105] <db-server> INFO db - Tue May 4 23:56:57.105 [initandlisten] exception in initAndListen: 15874 couldn't uncompress journal section, terminating [2021-05-04T23:56:57,106] <db-server> INFO db - Tue May 4 23:56:57.105 dbexit: [2021-05-04T23:56:57,106] <db-server> INFO db - Tue May 4 23:56:57.105 [initandlisten] shutdown: going to close listening sockets... [2021-05-04T23:56:57,107] <db-server> INFO db - Tue May 4 23:56:57.105 [initandlisten] shutdown: going to flush diaglog... [2021-05-04T23:56:57,107] <db-server> INFO db - Tue May 4 23:56:57.105 [initandlisten] shutdown: going to close sockets... [2021-05-04T23:56:57,107] <db-server> INFO db - Tue May 4 23:56:57.105 [initandlisten] shutdown: waiting for fs preallocator... [2021-05-04T23:56:57,108] <db-server> INFO db - Tue May 4 23:56:57.105 [initandlisten] shutdown: lock for final commit... [2021-05-04T23:56:57,108] <db-server> INFO db - Tue May 4 23:56:57.105 [initandlisten] shutdown: final commit... [2021-05-04T23:56:57,152] <db-server> INFO db - Tue May 4 23:56:57.150 [initandlisten] shutdown: closing all files... [2021-05-04T23:56:57,153] <db-server> INFO db - Tue May 4 23:56:57.151 [initandlisten] closeAllFiles() finished [2021-05-04T23:56:57,153] <db-server> INFO db - Tue May 4 23:56:57.151 [initandlisten] shutdown: removing fs lock... [2021-05-04T23:56:57,153] <db-server> INFO db - Tue May 4 23:56:57.152 dbexit: really exiting now [2021-05-04T23:56:57,169] <db-server> INFO db - DbServer stopped ...

My guess is that the many restart corrupted one of the journal files (/usr/lib/unifi/data/db/journal/j._74) and that it was unrecoverable.

To restore things, I simply deleted the file and restarted unifi with

systemctl restart unifi

It took a while (I monitored progress with tail -f /srv/unifi/logs/server.log in another window) but eventually it started it cleanly and I was again able to login both in the Cloud Key and the Gateway Controller.

Setup NAT DNS rules on UniFi Security Gateway

For the past few years I have used Steven Black's hosts files in my machine to block adware, trackers, etc. Recently I was made aware of the Pi-Hole project and want to move to that solution.

While learning more I discovered that many IoT devices (e.g., WyzeCam v3, Withings Aura, ...) have hardcoded DNS settings (e.g., 8.8.8.8) and bypass whatever values the DHCP server recommended. Who knew! But I get it, from their perspective it's one less thing to worry about.

Thankfully, I can setup NAT rules in Unifi Security Gateway (USG) to intercept all DNS requests (i.e., TCP and UDP on port 53) and reroute them wherever I want (the gateway, in my case).

There is lots of documentation and forum posts on how to do it but since it took me a couple of hours to figure things out I decided to write it down here hoping to save time to others (or myself in the future!).

IMPORTANT: CloudKey must be on separate VLAN

When I applied the approach below I had my CloudKey and laptops on the main LAN network, my IoT devices on VLAN 200, and guest devices on VLAN 300. Devices on the LAN network could not resolve domains while any on the VLANs could.

In lots of forum threads people suggest to add a "masquerading" rule to make things work. That does solve the problem but also hides the origin of the DNS request in Pi-Hole. That was not good enough for me.

After various trials and errors I discovered that simply moving my devices on a separated VLAN (and adding/adjusting the NAT rules appropriately) solved the issue. Currently, my USG and CloudKey are on LAN (192.168.1.x), laptops/phones on VLAN 100, IoT devices on VLAN 200, etc.

What you will need

You will need a few things: 1. The password of your Unifi CloudKey (e.g., ubnt/...) 2. Enable SSH access to your USG (Controller -> System Settings -> Device SSH Authentication) and set user/password 3. The list of the VLAN IDs that you want to affect (e.g., default one, 200, 300, etc) 4. The name of your site - you can find it in the URL of the Controller Dashboard after "site", it is "default" for the main/first one

Inspect Controller's Traffic

First thing to learn is how to check on the traffic going on through your router. To do that, SSH into the controller (e.g., ssh [email protected]) and then do tail -f /var/log/messages. You will see lots of messages, to isolate the DNS ones you can run

tail -f /var/log/messages | grep 'DPT=53 '

it will display things like

Dec 30 20:32:46 ubnt kernel: [LAN_LOCAL-default-A]IN=eth1.200 OUT= MAC=cc:ee:dd:77:55:aa:55:55:33:ff:77:88:88:00:55:00:00:45 SRC=192.168.5.93 DST=8.8.8.8 LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=51477 DF PROTO=TCP SPT=65371 DPT=53 WINDOW=32768 RES=0x00 SYN URGP=0

in the case above, the interface is eth1 the VLAN ID is 200, the request was made by 192.168.5.93 and it was directed to 8.8.8.8 (instead of the local 192.168.5.1).

Add the configuration in the CloudKey

Now SSH into the CloudKey (e.g., ssh [email protected]) and go edit the config.gateway.json file. The right one to edit is located at /srv/unifi/data/sites/<sitename> where <sitename> will be default for the main site created.

You can use vim config.gateway.json to edit/add the file if it does not exist. Remember to execute chwon unifi:unifi config.gateway.json after editing and saving it.

Here is what to add to redirect all "foreign" DNS requests on eth1.200 (network eth1, vlan 200) to the internal DNS server (192.168.5.1)

{ "service": { "nat": { "rule": { "1": { "description": "Redirect all DNS requests to 192.168.5.1", "destination": { "address": "!192.168.5.1", "port": "53" }, "inbound-interface": "eth1.200", "inside-address": { "address": "192.168.5.1", "port": "53" }, "protocol": "tcp_udp", "type": "destination", "log": "enable" } } } } }

Once you saved it (vim key :x), go in the Controller Dashboard, click on Devices -> USG -> Config -> Manage Device -> Provision to force the configuration to be propagated.

Check if it worked

To check if the configuration has been applied, SSH back into the USG and launch the following commands

configure show service nat

If your rule(s) show there, congratulations, they have been propagated correctly!

To see if they are applied, monitor for NAT- messages in the logs with tail -f /var/log/messages | grep 'NAT-'. To force it to happen, go on your computer and try to lookup some domain using a specified DNS, e.g.,

dig google.com @8.8.8.8

it should trigger the rule, e.g.,

Dec 30 20:34:16 ubnt kernel: [NAT-2-DNAT] IN=eth1.200 OUT= MAC=cc:ee:dd:77:55:aa:55:55:33:ff:77:88:88:00:55:00:00:45 SRC=192.168.5.93 DST=8.8.8.8 LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=51516 DF PROTO=TCP SPT=65362 DPT=53 WINDOW=32768 RES=0x00 SYN URGP=0

and it should be followed by an appropriate network connection, e.g.,

Dec 30 20:34:16 ubnt kernel: [LAN_LOCAL-default-A]IN=eth1.200 OUT= MAC=cc:ee:dd:77:55:aa:55:55:33:ff:77:88:88:00:55:00:00:45 SRC=192.168.5.93 DST=192.168.5.1 LEN=74 TOS=0x00 PREC=0x00 TTL=64 ID=37206 DF PROTO=UDP SPT=46620 DPT=53 LEN=54

If you see all this, you also know they are being applied!

[Something non political] If any of you ever need to work with Ubiquity Unifi devices and they don't want to be adopted. Hey folks, as per my periodic need to get stuff out there that may help other tech/non tech folk who dabble in IT, I have some pointers for those who work with Unifi devices."What are Unifi devices?"Glad you asked. You know those saucer looking access points with the green ring-light in the middle? Those are Unifi Access Points.HERE IS AN EXAMPLENow Unifi devices include various switches and the Unifi Gateway (I HATE THOSE THINGS) and other fancy access points and phones even.The problem with this whole setup is that you need to manage them via some form of Unifi Controller, either via software downloadable for free, or by what is known as a Unifi Cloud Key.Now centrally managing stuff from one unified (yes they did) interface is good in theory, but you are often dealing with adding switches and stuff to complex networks, and this is where the model breaks down.You see, Unifi devices all have a default IP on the 192.168.1.0/24 network (for instance the cloudkey is 192.168.1.30) and you have no web interface to manage devices. You have to adopt them from the cloud key. They do support DHCP out the box, so if your network is on 10.0.0.0/24 for instance, the devices will climb onto that network.The problem comes in with the client devices trying to adopt to the unifi controller. You see, in the Unifi device the device is trying to connect to http://ubnt:8080/notify, and if your network does not tell the device where the dns name "ubnt" lives, the device simply will not be adopted.Luckily there is a solution.If you ever run into this problem, you can ssh into the device directly, if it has not been previously adopted you can ssh in like so:ssh [email protected] (or whatever the device IP is for your particular product) The default password is: ubntOnce logged into the router, switch or access point, you can now do:sudo /bin/sh to drop to a root shell and then edit /etc/hostsvi /etc/hosts From there it is a simple case of taking your cloud controller (or your device that has the controller software installed) and adding it to the host file like so:127.0.0.1 localhost 192.168.0.2 ubnt (here 192.168.0.2 is a hypothetical cloudkey or controller software IP). Once done, save the file (I just do :wq) and then the next time the device tries to connect to http://ubnt:8080/inform it will be recognized by your controller and you can adopt it.Devices that are prone to struggling with this are the Unifi Switches. Those effing things just refuse to climb onto complex networks, and I have had to force them to connect to cloudkeys in order to get them to work.You may also in some cases need to add the IP addresses you want the devices to use which are on the same subnet as your controller.ip ad ad 192.168.0.3/24 dev eth0 should do the trick, and then you are a for away. Unifi switches have a need for some manual IP setting from time to time before they will adopt.Hope this helps a saffer tech somewhere.Cheers folks, your normal political programming will follow shortly... Submitted August 10, 2017 at 03:52PM by quintinza via reddit http://ift.tt/2usUnhL http://ift.tt/2vtx8p7