[SOLVED] NCP on Pi4: Forbidden: You don’t have permission to access this resource & random power off

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
1

My System:

  • Raspi4 4GB
  • NCP .img 11-27-2020 (arm64)
  • Boot from SSD (no microSD) like this

The problem/issue:

  • NCP regularly locks me out

WEB UI:

  • Forbidden You don’t have permission to access this resource.

Screenshot 2021-01-20 at 09.48.26
or

  • Forbidden You don’t have permission to access this resource.Server unable to read htaccess file, denying access to be safe.

Screenshot 2021-01-20 at 09.43.52
Screenshot 2021-01-20 at 09.43.521476×414 12.6 KB

SSH access:

ssh_exchange_identification: read: Connection reset by peer

ssh error access

To regain access, I simply unplug the Pi and plug it back in. But as the Pi is not in my house, I always have to ask my friend to do it, which is not exactly nice.

Anyone has an idea what the problem could be and if there is something I can do about it?

2

Bad power source, cable or corrupt drive.
Check dmesg or syslog.

1 Like
3

I’ll go for that first, as I use not the original power cable.

4

Finally, time for an update.
The original power adapter did not do the job.

I still need to do that… lazy me


I was having these issues since I made a new installation and loaded it from a backup. As there were still some devices that had old login credentials, I logged out of all accounts on phones and computers and purged the login section in Settings>Security>Logins
Then logged in again.

It’s now the third day without error. Time will tell if I solved it. I’ll post any findings, hope it helps others.

5

Nope, this did not solve it.

3 Days ago (10 after the post above) I closed the ports 443 and 80 and access the NC over IP using Wireguard.
This is the longest period I was able to go without being locked out on my NCP in a very long time.

So no such output when trying to connect.

HOWEVER, I have to wait a few more days to make sure that this is really not the case anymore.

I also had a look at dmesg finally… (dmesg -T)

Oddly it does not show any entries older than one day. (Is that normal?)
Even more puzzling is the **UFW BLOCK** warning I get. Here is a brief selection >> privatebin.net

Summary 
[Sat Mar 27 18:25:19 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=18752 DF PROTO=2 
[Sat Mar 27 18:27:24 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=24997 DF PROTO=2 
[Sat Mar 27 18:27:54 2021] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=04:00:00:00:00:00:00:00:00:00:00:00:00:00 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=64 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=53805 DPT=53805 LEN=24 
[Sat Mar 27 18:29:03 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=54954 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:29:20 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=54972 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:29:20 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=54972 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:29:21 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=54978 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:29:21 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=54978 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:29:21 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=54978 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:29:29 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=33382 DF PROTO=2 
[Sat Mar 27 18:29:34 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=9.9.9.9 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=59 ID=27054 DF PROTO=TCP SPT=853 DPT=42496 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:29:34 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=9.9.9.9 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=59 ID=27055 DF PROTO=TCP SPT=853 DPT=42496 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:31:34 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=35545 DF PROTO=2 
[Sat Mar 27 18:33:01 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55050 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:33:01 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55050 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:33:07 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55058 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:33:39 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=39491 DF PROTO=2 
[Sat Mar 27 18:35:01 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55074 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:35:01 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55074 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:35:01 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55074 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:35:44 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=46669 DF PROTO=2 
[Sat Mar 27 18:37:49 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=57607 DF PROTO=2 
[Sat Mar 27 18:37:54 2021] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=04:00:00:00:00:00:00:00:00:00:00:00:00:00 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=64 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=53805 DPT=53805 LEN=24 
[Sat Mar 27 18:39:54 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=65444 DF PROTO=2 
[Sat Mar 27 18:41:59 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=5351 DF PROTO=2 
[Sat Mar 27 18:43:25 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=135.181.54.45 DST=192.168.70.20 LEN=80 TOS=0x00 PREC=0x00 TTL=57 ID=40279 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.168.70.20 DST=135.181.54.45 LEN=52 TOS=0x00 PREC=0x00 TTL=53 ID=61237 DF PROTO=TCP SPT=38994 DPT=443 WINDOW=8173 RES=0x00 ACK RST URGP=0 ] 
[Sat Mar 27 18:43:25 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=135.181.54.45 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=56 ID=0 DF PROTO=TCP SPT=443 DPT=38992 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:43:25 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=135.181.54.45 DST=192.168.70.20 LEN=80 TOS=0x00 PREC=0x00 TTL=57 ID=40280 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.168.70.20 DST=135.181.54.45 LEN=52 TOS=0x00 PREC=0x00 TTL=53 ID=5240 DF PROTO=TCP SPT=38992 DPT=443 WINDOW=8173 RES=0x00 ACK RST URGP=0 ] 
[Sat Mar 27 18:44:04 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=7153 DF PROTO=2 
[Sat Mar 27 18:45:00 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55582 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:45:00 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55582 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:45:00 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55582 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:45:00 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55584 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:45:00 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55584 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:45:00 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55584 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:46:09 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=13294 DF PROTO=2 
[Sat Mar 27 18:47:02 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55660 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:47:02 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55660 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:47:02 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55660 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:47:07 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=55666 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Sat Mar 27 18:47:54 2021] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=04:00:00:00:00:00:00:00:00:00:00:00:00:00 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=64 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=53805 DPT=53805 LEN=24 
[Sat Mar 27 18:48:14 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=24077 DF PROTO=2 
[Sat Mar 27 18:50:19 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=27474 DF PROTO=2 
[Sat Mar 27 18:52:24 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=37891 DF PROTO=2```

(MAC & IP Address changed)

Do I understand it correct that something within my network (my Router?) attempts to connect to my Nextcloud and is being blocked by UFW (Uncomplicated Fire Wall)?
As you can see, it is quite frequent.

Could this be the reason NCP locks me out frequently?

6

Well, it might be that the UFW Blocks do not have any connection with the issue. Some seem to originate from my Fritz!box sending out multicast packets in regular intervals.
(Judging from this two ddg results: askUbuntu & unix.stackexchange).

By running:
sudo ufw deny from 192.168.70.1 to 224.0.0.1
I was able to hide at least those.

But I’m still left with a huge number of requests, see below:

output: sudo dmesg -T 
[Mon Mar 29 19:36:08 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50352 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:36:08 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50352 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:36:43 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=57310 DF PROTO=2 
[Mon Mar 29 19:38:48 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=58525 DF PROTO=2 
[Mon Mar 29 19:40:23 2021] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=fe80:0000:0000:0000:7wff:rdff:f4a8:7bc0 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=64 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=53805 DPT=53805 LEN=24 
[Mon Mar 29 19:40:53 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=63961 DF PROTO=2 
[Mon Mar 29 19:42:58 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=5385 DF PROTO=2 
[Mon Mar 29 19:45:03 2021] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.70.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=15422 DF PROTO=2 
[Mon Mar 29 19:50:23 2021] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=fe80:0000:0000:0000:7wff:rdff:f4a8:7bc0 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=64 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=UDP SPT=53805 DPT=53805 LEN=24 
[Mon Mar 29 19:52:37 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50496 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:52:37 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50496 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:52:37 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50496 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:52:40 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50506 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:52:40 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50506 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:52:40 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50506 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:52:40 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50508 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:52:40 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50508 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:55:07 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=87.237.174.44 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=TCP SPT=41216 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:55:07 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=87.237.174.44 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=TCP SPT=41216 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:55:13 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.3 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=59325 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:55:20 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=87.237.174.44 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=TCP SPT=41230 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:55:20 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=87.237.174.44 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=TCP SPT=41230 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:55:27 2021] [UFW BLOCK] IN=eth0 OUT= MAC=03:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=87.237.174.44 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=TCP SPT=41234 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:55:32 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.3 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=59342 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
[Mon Mar 29 19:57:01 2021] [UFW BLOCK] IN=wg0 OUT= MAC= SRC=10.6.0.7 DST=192.168.70.20 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=50584 DPT=443 WINDOW=0 RES=0x00 RST URGP=0```

Strangely enough many seem to originate from my ncp. (IP= 192.168.70.20)
*all IP’s and MAC addresses randomized.

I have opened the ports 80 and 443 again and will now monitor what happens.

In the meantime, if you have any ideas, please let me know… I’m kind of running in the dark… not knowing what I’m doing.

7

Hm… Your screenshot actually looks like the webserver is blocking your connection attempts and not the firewall because if it was the firewall, you would not even see the message that you don’t have the permission to acces this ressource. Do you maybe have some geoblock config or ip-address limiting config in place for your webserver?

1 Like
8

Thank you for the reply.
That is a good point and makes totally sense… I did not think that far.

But as it is usually working 2-3 days and only then locks me out I doubt that it can be a geoblock or even a ip limiting config, or?

Could it be that my NCP is being targeted?
but I do not get any waning from fail2ban. So I’m a bit confused.

Less than one day later the Pi was powered off.

9

Since fail2ban also work by modifying firewall rules I think that it is neither fail2ban nor the firewall. Based on your second screenshot does it block your connection attempt because it cannot find the .htaccess file. So maybe the drive where the .htaccess file(s) lie on get disconnected after a while because of a faulty drive/sd-card/cable?

1 Like
10

hm… kind of what @OliverV wrote from the beginning…

Just did not want to believe it as the thing is only 1y old. I’ll start with the cable… though.

1 Like
11

…changed case and cable, still using the old SSD.

It’s been a while that the error described (Forbidden You don’t have permission to access this resource. has come up. It’s difficult to say, but I think after changing the Power Supply to a original PiPowerSupply, it was solved.

But the troubles are not over, the Pi now simply shuts down randomly.

see output:

last -x | grep shutdown | less 
shutdown system down  5.10.17-v8+      Tue Mar 30 20:40 - 01:00 (-18716+18:40)
shutdown system down  5.10.17-v8+      Tue Mar 30 17:04 - 01:00 (-18716+15:04)
shutdown system down  5.10.17-v8+      Tue Mar 30 11:05 - 01:00 (-18716+09:05)
shutdown system down  5.10.17-v8+      Mon Mar 29 20:35 - 01:00 (-18715+18:35)
shutdown system down  5.10.17-v8+      Mon Mar 29 15:48 - 01:00 (-18715+13:48)
shutdown system down  5.10.17-v8+      Mon Mar 29 09:21 - 01:00 (-18715+07:21)
shutdown system down  5.10.17-v8+      Thu Mar 25 20:48 - 01:00 (-18711+19:48)
shutdown system down  5.10.17-v8+      Wed Mar 24 21:54 - 01:00 (-18710+20:53)
shutdown system down  5.10.17-v8+      Wed Mar 24 20:29 - 01:00 (-18710+19:29)
shutdown system down  5.10.17-v8+      Mon Mar 22 00:11 - 01:00 (-18707+23:11)
shutdown system down  5.10.17-v8+      Sun Mar 21 23:23 - 01:00 (-18707+22:23)
shutdown system down  5.10.17-v8+      Sun Mar 21 15:36 - 01:00 (-18707+14:36)
shutdown system down  5.10.17-v8+      Fri Mar 19 22:17 - 01:00 (-18705+21:17)
shutdown system down  5.10.17-v8+      Sat Mar 13 20:52 - 01:00 (-18699+19:52)
shutdown system down  5.10.17-v8+      Sat Mar 13 18:08 - 01:00 (-18699+17:08)
shutdown system down  5.10.17-v8+      Thu Mar 11 08:28 - 01:00 (-18697+07:28)
shutdown system down  5.10.17-v8+      Wed Mar 10 22:43 - 01:00 (-18696+21:43)
shutdown system down  5.10.17-v8+      Tue Mar  9 10:52 - 01:00 (-18695+09:52)
shutdown system down  5.10.17-v8+      Tue Mar  9 10:47 - 01:00 (-18695+09:47)
shutdown system down  5.10.17-v8+      Sat Mar  6 23:04 - 01:00 (-18692+22:04)
shutdown system down  5.10.11-v8+      Sat Mar  6 22:48 - 01:00 (-18692+21:48)
shutdown system down  5.10.11-v8+      Tue Mar  2 20:44 - 01:00 (-18688+19:44)
shutdown system down  5.10.11-v8+      Thu Feb 25 22:37 - 01:00 (-18683+21:37)
shutdown system down  5.10.11-v8+      Tue Feb 23 07:09 - 01:00 (-18681+06:09)
shutdown system down  5.10.5-v8+       Wed Feb 10 09:10 - 01:00 (-18668+08:10)
shutdown system down  5.10.5-v8+       Sat Jan 30 22:02 - 01:00 (-18657+21:02)
shutdown system down  5.10.5-v8+       Sat Jan 16 20:54 - 01:00 (-18643+19:54)
shutdown system down  5.10.5-v8+       Fri Jan 15 21:19 - 01:00 (-18642+20:19)
shutdown system down  5.4.51-v8+       Fri Jan  8 21:01 - 01:00 (-18635+20:01)``

– what on earth is causing this?

I found this bash command: (unix.stackexchange.com
grep -iv ': starting\|kernel: .*: Power Button\|watching system buttons\|Stopped Cleaning Up\|Started Crash recovery kernel' \ > /var/log/messages /var/log/syslog /var/log/apcupsd* \ > | grep -iw 'recover[a-z]*\|power[a-z]*\|shut[a-z ]*down\|rsyslogd\|ups'

and this is what I got: 
/var/log/messages:Mar 29 00:00:07 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="464" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
/var/log/messages:Mar 29 09:21:45 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/messages:Mar 29 09:21:45 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="452" x-info="https://www.rsyslog.com"] start
/var/log/messages:Mar 29 09:21:45 nextcloudpi kernel: [    2.686483] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/messages:Mar 29 09:21:45 nextcloudpi kernel: [   10.232072] raid6: using neon recovery algorithm
/var/log/messages:Mar 29 09:21:45 nextcloudpi udisksd[455]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/messages:Mar 29 15:48:51 nextcloudpi kernel: [    2.687169] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/messages:Mar 29 15:48:51 nextcloudpi kernel: [   13.500036] raid6: using neon recovery algorithm
/var/log/messages:Mar 29 15:48:51 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/messages:Mar 29 15:48:51 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="446" x-info="https://www.rsyslog.com"] start
/var/log/messages:Mar 29 15:48:52 nextcloudpi udisksd[460]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/messages:Mar 29 20:36:11 nextcloudpi kernel: [    2.680356] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/messages:Mar 29 20:36:11 nextcloudpi kernel: [   10.332148] raid6: using neon recovery algorithm
/var/log/messages:Mar 29 20:36:11 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/messages:Mar 29 20:36:11 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="453" x-info="https://www.rsyslog.com"] start
/var/log/messages:Mar 29 20:36:12 nextcloudpi udisksd[450]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/messages:Mar 30 10:58:32 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="453" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
/var/log/messages:Mar 30 11:05:56 nextcloudpi kernel: [    2.680055] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/messages:Mar 30 11:05:56 nextcloudpi kernel: [   10.160012] raid6: using neon recovery algorithm
/var/log/messages:Mar 30 11:05:56 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/messages:Mar 30 11:05:56 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="441" x-info="https://www.rsyslog.com"] start
/var/log/messages:Mar 30 11:05:57 nextcloudpi udisksd[465]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/messages:Mar 30 17:05:09 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/messages:Mar 30 17:05:09 nextcloudpi kernel: [    2.687048] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/messages:Mar 30 17:05:09 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="444" x-info="https://www.rsyslog.com"] start
/var/log/messages:Mar 30 17:05:09 nextcloudpi kernel: [   10.228086] raid6: using neon recovery algorithm
/var/log/messages:Mar 30 17:05:10 nextcloudpi udisksd[448]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/messages:Mar 30 20:40:25 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/messages:Mar 30 20:40:25 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="456" x-info="https://www.rsyslog.com"] start
/var/log/messages:Mar 30 20:40:25 nextcloudpi kernel: [    1.902224] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/messages:Mar 30 20:40:25 nextcloudpi kernel: [    9.932078] raid6: using neon recovery algorithm
/var/log/messages:Mar 30 20:40:25 nextcloudpi udisksd[461]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/messages:Mar 30 22:55:18 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/messages:Mar 30 22:55:18 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="454" x-info="https://www.rsyslog.com"] start
/var/log/messages:Mar 30 22:55:18 nextcloudpi kernel: [    2.688416] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/messages:Mar 30 22:55:18 nextcloudpi kernel: [   10.252058] raid6: using neon recovery algorithm
/var/log/messages:Mar 30 22:55:18 nextcloudpi udisksd[448]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/syslog:Mar 30 10:58:32 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="453" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
/var/log/syslog:Mar 30 10:58:33 nextcloudpi /etc/mysql/debian-start[1544]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables
/var/log/syslog:Mar 30 11:05:48 nextcloudpi systemd[1]: Stopping Unattended Upgrades Shutdown...
/var/log/syslog:Mar 30 11:05:56 nextcloudpi kernel: [    2.680055] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/syslog:Mar 30 11:05:56 nextcloudpi systemd[1]: Started Update UTMP about System Boot/Shutdown.
/var/log/syslog:Mar 30 11:05:56 nextcloudpi kernel: [   10.160012] raid6: using neon recovery algorithm
/var/log/syslog:Mar 30 11:05:56 nextcloudpi systemd[1]: Started listen-for-shutdown.service.
/var/log/syslog:Mar 30 11:05:56 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/syslog:Mar 30 11:05:56 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="441" x-info="https://www.rsyslog.com"] start
/var/log/syslog:Mar 30 11:05:57 nextcloudpi listen-for-shutdown.sh[448]: /usr/local/bin/listen-for-shutdown.py:8: RuntimeWarning: A physical pull up resistor is fitted on this channel!
/var/log/syslog:Mar 30 11:05:57 nextcloudpi listen-for-shutdown.sh[448]:   GPIO.setup(3, GPIO.IN, pull_up_down=GPIO.PUD_UP)
/var/log/syslog:Mar 30 11:05:57 nextcloudpi udisksd[465]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/syslog:Mar 30 11:06:04 nextcloudpi systemd[1]: Started Unattended Upgrades Shutdown.
/var/log/syslog:Mar 30 11:06:26 nextcloudpi /etc/mysql/debian-start[1250]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables
/var/log/syslog:Mar 30 11:18:29 nextcloudpi systemd[1410]: Reached target Shutdown.
/var/log/syslog:Mar 30 17:04:56 nextcloudpi systemd[1]: Stopping listen-for-shutdown.service...
/var/log/syslog:Mar 30 17:04:56 nextcloudpi systemd[1]: Stopping Unattended Upgrades Shutdown...
/var/log/syslog:Mar 30 17:04:56 nextcloudpi listen-for-shutdown.sh[4511]: Stopping listen-for-shutdown.py
/var/log/syslog:Mar 30 17:04:56 nextcloudpi systemd[1]: Condition check resulted in Turns off Raspberry Pi display backlight on shutdown/reboot being skipped.
/var/log/syslog:Mar 30 17:05:09 nextcloudpi systemd[1]: Started Update UTMP about System Boot/Shutdown.
/var/log/syslog:Mar 30 17:05:09 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/syslog:Mar 30 17:05:09 nextcloudpi kernel: [    2.687048] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/syslog:Mar 30 17:05:09 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="444" x-info="https://www.rsyslog.com"] start
/var/log/syslog:Mar 30 17:05:09 nextcloudpi kernel: [   10.228086] raid6: using neon recovery algorithm
/var/log/syslog:Mar 30 17:05:10 nextcloudpi systemd[1]: Started listen-for-shutdown.service.
/var/log/syslog:Mar 30 17:05:10 nextcloudpi listen-for-shutdown.sh[446]: /usr/local/bin/listen-for-shutdown.py:8: RuntimeWarning: A physical pull up resistor is fitted on this channel!
/var/log/syslog:Mar 30 17:05:10 nextcloudpi listen-for-shutdown.sh[446]:   GPIO.setup(3, GPIO.IN, pull_up_down=GPIO.PUD_UP)
/var/log/syslog:Mar 30 17:05:10 nextcloudpi udisksd[448]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/syslog:Mar 30 17:05:17 nextcloudpi systemd[1]: Started Unattended Upgrades Shutdown.
/var/log/syslog:Mar 30 17:05:39 nextcloudpi /etc/mysql/debian-start[1254]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables
/var/log/syslog:Mar 30 20:40:09 nextcloudpi systemd[1]: Stopping Unattended Upgrades Shutdown...
/var/log/syslog:Mar 30 20:40:25 nextcloudpi systemd[1]: Started Update UTMP about System Boot/Shutdown.
/var/log/syslog:Mar 30 20:40:25 nextcloudpi systemd[1]: Started listen-for-shutdown.service.
/var/log/syslog:Mar 30 20:40:25 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/syslog:Mar 30 20:40:25 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="456" x-info="https://www.rsyslog.com"] start
/var/log/syslog:Mar 30 20:40:25 nextcloudpi kernel: [    1.902224] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/syslog:Mar 30 20:40:25 nextcloudpi kernel: [    9.932078] raid6: using neon recovery algorithm
/var/log/syslog:Mar 30 20:40:25 nextcloudpi listen-for-shutdown.sh[445]: /usr/local/bin/listen-for-shutdown.py:8: RuntimeWarning: A physical pull up resistor is fitted on this channel!
/var/log/syslog:Mar 30 20:40:25 nextcloudpi listen-for-shutdown.sh[445]:   GPIO.setup(3, GPIO.IN, pull_up_down=GPIO.PUD_UP)
/var/log/syslog:Mar 30 20:40:25 nextcloudpi udisksd[461]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/syslog:Mar 30 20:40:32 nextcloudpi systemd[1]: Started Unattended Upgrades Shutdown.
/var/log/syslog:Mar 30 20:40:54 nextcloudpi /etc/mysql/debian-start[1249]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables
/var/log/syslog:Mar 30 22:52:27 nextcloudpi systemd[1615]: Reached target Shutdown.
/var/log/syslog:Mar 30 22:55:04 nextcloudpi systemd[1]: Condition check resulted in Turns off Raspberry Pi display backlight on shutdown/reboot being skipped.
/var/log/syslog:Mar 30 22:55:18 nextcloudpi systemd[1]: Started Update UTMP about System Boot/Shutdown.
/var/log/syslog:Mar 30 22:55:18 nextcloudpi systemd[1]: Started listen-for-shutdown.service.
grep: /var/log/syslog:Mar 30 22:55:18 nextcloudpi rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.1901.0]
/var/log/apcupsd*: No such file or directory
/var/log/syslog:Mar 30 22:55:18 nextcloudpi rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="454" x-info="https://www.rsyslog.com"] start
/var/log/syslog:Mar 30 22:55:18 nextcloudpi kernel: [    2.688416] bcm2835-power bcm2835-power: Broadcom BCM2835 power domains driver
/var/log/syslog:Mar 30 22:55:18 nextcloudpi kernel: [   10.252058] raid6: using neon recovery algorithm
/var/log/syslog:Mar 30 22:55:18 nextcloudpi listen-for-shutdown.sh[458]: /usr/local/bin/listen-for-shutdown.py:8: RuntimeWarning: A physical pull up resistor is fitted on this channel!
/var/log/syslog:Mar 30 22:55:18 nextcloudpi listen-for-shutdown.sh[458]:   GPIO.setup(3, GPIO.IN, pull_up_down=GPIO.PUD_UP)
/var/log/syslog:Mar 30 22:55:18 nextcloudpi udisksd[448]: mountpoint /media/BackupPi is invalid, cannot recover the canonical path 
/var/log/syslog:Mar 30 22:55:24 nextcloudpi systemd[1]: Started Unattended Upgrades Shutdown.
/var/log/syslog:Mar 30 22:55:46 nextcloudpi /etc/mysql/debian-start[1249]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables```

at 20:40 the Pi shut down unexpected and did nor reboot.
(note: listen-for-shutdown.py is my power button, it was not pressed.)

is anyone seeing something suspicious?

I might soon just make a fresh install of the whole thing… it’s driving me nuts… :sweat_smile:

12

What just totally confuses me, is that as soon as I open the ports, it’s a matter of hours and the Pi either shuts down.
As mentioned, I had the ports closed for about 6 days and did not have issues.

Yesterday, or the day before in the evening, I opened the ports again and within less than 24hours the pi was turned off (See log in the post above).

I closed the ports again and will now give it a go for about one week.
Using Wireguard to access NCP and keeping all other ports closed.

Meanwhile, if anyone has some wisdom for me, or can see the obvious, that I don’t, please let me know.

Thanks a lot!

:smile:

13

Closing the ports did not help. It seems to have been a coincidence, that before it was working for so long with closed ports.

Reviewing all I have tried:

  • Original Power Supply
  • Hard drive cable/case replacement
  • Logging out of all devices
  • Closing ports

The last thing to try would be to use a powered USB drive (powered hub or powered drive itself.
If even that does not work, try to re-install NCP.

However, as I just got an HP EliteDesk 800 mini PC where I plan to install NCP in a LXC Linux Container on Proxmox, I’m abandoning this without being able to see if a new installation would have worked.

14

Running NCP on Pi4 w/SSD, I had random shutdown as well turned out I had low voltage causing shutdowns and hanging w/SSD (2) plugged into PI4. Bought a Powered USB HUB off Amazon ($20-30USD), one I researched to work with PI and my SSDs (WD). Plugged in SSD to HUB, connect Powered USB HUB to PI, and all has been good since then. It was a PITA trying to config/setup PI w/NC and running into power off issues. Also running SSD in RAID1 config.

1 Like
15

On another project on my Pi4 I found out something interesting:

Try something like the “LogiLink UA0115” case. It has two USB cables, one USB3 for data and one USB for power only. If you plug in the USB3 to the Pi’s USB3 port and the USB for power to the Pi’s USB2 port, it seems to solve the power issue.