[10:11] <michele> I'm using needrestart with the configuration "automatically restart daemons". However, my logs say: Services to be restarted:
[10:11] <michele>  systemctl restart nginx.service
[10:11] <michele> Even though it does not restart nginx.
[10:11] <michele> How can I understand why?
[13:28] <punkgeek> Hello, I want to forward l2tp connection from a middle server (like tunnel), i'm using the following iptables command but it doesn't work, any suggestion?
[13:28] <punkgeek> sudo sysctl net.ipv4.ip_forward=1
[13:28] <punkgeek> iptables -t nat -A POSTROUTING -p udp --match multiport --sports  1701,500,4500,50 -j MASQUERADE 
[13:28] <punkgeek> iptables -t nat -A PREROUTING -p udp --match multiport --sports  1701,500,4500,50 -j DNAT --to-destination #ip
[14:21] <sdeziel> punkgeek: did you intend to use *source* ports? I'm not sure why you handle UDP ports 50, 500 and 4500? Feels like some confusion with IPsec/IKE
[14:23] <punkgeek> sdeziel: What do you mean about source ports? as I understand, l2tp use 1701 port
[14:23] <sdeziel> punkgeek: `--sports` tells IPtables to match on source port numbers
[14:24] <sdeziel> and it's more common to match on destination ports `--dports`
[14:24] <sdeziel> because the source ports can be rewritten by say NAT/masquerading
[14:27] <sdeziel> punkgeek: could you elaborate on what you want to do? The big picture.
[14:28] <punkgeek> sdeziel: yes sorry, I wrote the mistake command in here. I'm using dports but it didn't work and here is the tcpdump output:
[14:28] <punkgeek> IP #My_IP.33807 > #middle_server.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() FIRM_VER(1680) *HOST_NAME(Alireza-LP) VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(34711) *RECV_WIN_SIZE(8)
[14:28] <punkgeek> IP #My_IP.33807 > #VPN_server.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() FIRM_VER(1680) *HOST_NAME(Alireza-LP) VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(34711) *RECV_WIN_SIZE(8)
[14:28] <punkgeek> IP #My_IP.33807 > #middle_server.1701:  l2tp:[TLS](0/0)Ns=1,Nr=0 *MSGTYPE(StopCCN) *ASSND_TUN_ID(34711) *RESULT_CODE(1/0 Server closing)
[14:29] <punkgeek> IP #My_IP.33807 > #VPN_server.1701:  l2tp:[TLS](0/0)Ns=1,Nr=0 *MSGTYPE(StopCCN) *ASSND_TUN_ID(34711) *RESULT_CODE(1/0 Server closing)
[14:30] <punkgeek> sdeziel: I want to connect to an l2tp server outside of our country but because of Iranian government censorship, it is blocked. So i want to use a tunnel server
[14:31] <sdeziel> punkgeek: are you using IPsec/L2TP?
[14:32] <punkgeek> sdeziel: yes, without preshared key
[14:32] <sdeziel> punkgeek: are you connecting to a VPN provider or a box you've setup yourself?
[14:34] <punkgeek> sdeziel: it is my vpn server. I can access it from outside of country but my friends are not able from inside.
[14:36] <sdeziel> punkgeek: I would suggest you look at wireguard or if you insist/need to use IPsec, use IKEv2 which let go of the overly complex IPsec/L2TP combo 
[18:11] <baldpope> I recently installed landscape server on-permise, however I'm seeing errors when inviting other admins via email, but I saw no way to configure an smtp server in landscape, I'd assume it's just using the on box ssmtp.conf / client?
[18:28] <znf> the hell is landscape
[18:29] <znf> Oh, I see
[18:30] <znf> meh. 10 machines free, rest $$
[18:34] <baldpope> yea just wanted to check it out
[18:34] <baldpope> can do some of the same things with ansible, but having a dashboard is nice