Archive for February, 2024

Enormous Church Scandal in the Bulgarian Orthodox Church on the selection of new Metropolitan for one of Biggest Church Eparchies the Eparchy of Sliven

Wednesday, February 28th, 2024


Currently an enormous scandal has been ongoing in the Bulgarian Orthodox Church. The Church Mafia is fighting the People's will for choice of a Metropolitan in an attempt to 'install' a new Metropolitan, that is part of the clique clerics that has a connection to the Underground Criminal World in Bulgaria.


Holy Liturgy Blessing of Metropolitan Ioanikij Nedelchev (Joanichius) in the Dormition of Mother of God Church in Nessebar 15 August 2008 
(Photo source Wikipedia)

The reason for the Scandal is the choice of a New Metropolitan of Sliven after the blessed passing of his Holiness Joanichius the Metropolitan of Sliven (2nd March 1939 – 9 January 2024 ), who has wisefully governed the Eparchy for almost a decate a 44 years in which he has seen the times and lived through when communist try to infiltrate the Churches completely as well as the new time after the fall of communist (socialist) regime in Bulgaria, where big part of ex-communist party has given money to different people to work and grow business for them leading to the dark years in which thje ex-communist reordered the country in a way to make each other a super rich and act only for their interests and against the interests of people, leaving a lot of people without any normal social benefits and normal standard of living for one to feel himself a person but pushing him all the time to live on the edge and just making money out of the people's tragedies for few and leaving on the border of poorness many.

Those dark years, where the country was bankrupt and people lost their money and belongings in favour of some people who become mega rich, stealing from the country's belongings selling them for pennys and destroying everything built till this moment however seems to have not ended.

The democracy and democractic choice for governors in Both the Country Stages of Power in Bulgaria (The National Assembly, President and local  city Mayers and all the other people assigned with functions to govern over the citizens) is still suppressed and people are installed on country government positions in the old communist 'scheme' of dictatorship not regarding at all the choice and will of people on who should govern the country.

So far so good everyone in Bulgaria now knows, that even though the European Union inclusion of the country and the attempt from the European Union messangers to change some realms of power distance and over-dominance of governors of Bulgaria and unwalfulness for the better, still the situation is critical and again following the old communist scheme before 1995 is again practiced fully not only in the Country but also in the Church.

Bulgarian Orthodox Church has done a lot of improvement and development at first after the great Scheme that was organized by Secret services of Bulgaria called (DS Darzhavna Sigurnost or Country Security / CS). After those terrible time of dictatorship only few of the new seclected Church highest authorities (Mitrpolitans) like Metropolitan Daniil of Vidin and Seraphim of Nevrokop as well as the old selected (during communism) but very much pious and truth loving Gavriil of Lavchanska eparchy has been legally selected venerating both the will of people and the will of the Highest Church governing Authorities, that is the Holy Synod.

Those metropolitans until today over the years, since their official election as Metropolitans after the pass of the old Metropolitans has shown their high spirituality and perseverence for God and the Church and  every normal orthodox christian in Bulgaria highly values, their good deeds for the Church, the preach and the charisma and their sincere desire and acts to help the Bulgarian Church institution rise up its position in the eyes of todays degradated youth to push back Church moral in society and educate the long time kept illiterate of faith nominal Christians in Bulgaria, just like they have done a lot to share the Gospel and help people in spiritual and material need and has truly dedicated themselves to follow the Gospel as it is preached and shown on a deed by Jesus Christ himself.

Unfortunately the old government installed Metropolitans (agents) in the Synod even though as publicly showing as a perfect and good are known by people in the country that most of them have some at least points of dark past (connection with Secret Services and compromising materials with sexual and immoral acts) that helped them to rise over the ladder of Church power to become the Metropolitans they are today.

This is not a secret to anyone in the country even though noone really speaks about it too frequent.

This is also at least partially the reason if not fully, why many people in Bulgaria even though baptized in the Church, choose to be a nominal Christians and not frequently visit Church services. I myself was one those people while my faith was missing (or partial and shaking) and took me very difficult and hard road to return back to my ancestors Orthodox faith. Many of people in Bulgaria that are about 40 – 50 has walked similar path and we all have interacted or seen some of the abnormalities in the Church and the unwalfullness in times. Don't get me wrong unlawfulness actually is normal as we're human and such we do sin all the time, but still there are some limitations on when unwalfulness that is created by our own passions ends and unwalfulness from a mania for power and money and even megalomania comes. 

The Church as everyone knows has a set of Financial activities that are interesting for people willing to live a relatively confort live and less, or people who want to become a succesful businessman in cassocs, without having too high education but having a high perseverence to follow orders without thinking of superior.
For that reason over the past years of 'pseudo' democracy, where the country shows the face of a fully free to the world even though such a democracy and law is followed only for simple things and for the big and important government questions 'its all about money' and law is not venerated.

For that reason many people that are in the High Stages in the Church, for the lack of proper spiritual elders in the Church and the activities of Bulgarian Secret Services SS (DS) operations, as well as Mafia sponsorship  has installed even from communism times till now, the pseudo spiritual pastors, who are ex or even current informers to SS / Mafia as well as because of lack of normal high church authorities, many of whom were governed by the communist party has been filled with many people unworthy due to their sinful life and thinking and unfollowing the Christ Highest standard of Love God and the Neighbor but only considering their own corrupted interests and interests of their masters to whom they seem to be simple a puppets who receive benefits for following the orders of the masters …

You would say everywhere is the same and that would be true in more a or less for each country Local / Public / Government institution.
But when the unwafulness becomes a standard and public unwalfulness is tolerated that is a indicator for either a lack of country or dictatorship in it.
If such unwafullness as unfollowing the norms of Public Law are happening in the Country every now and then that is normal, but what becomes abnormal if such anomalities has become a standard also for not only how things happen in Government Parliaments but how things happen in the Church, then this is a tragedy.
The Church has always been the Highest standard and example for people and even today for many it is still a barrometer for whereto things are going.

For those who don't know the Church's governence Authorities The Metropolitans (a High Powered Monks Bishops who give a vows for unaffection to money posetions and worldy goods that promised God to work only and mainly for the Good of the Church members the people assembly Ecclasia) has the holy duty to not only persevere for their own salvation but has taken the responsibility to lead the people following the Highest Standards of The Christ Gospel in their way to salvation. Those people in the Bulgarian Church who govern it are callet the Holy Synod (or Assembly of Metropolitans) and as of today's article writting are 28.02.2024 are numbered of 13 'elders / starci (as called in Bulgarian) who should take the important decisions for the Church, those 13 are being exchanged with others that should be selected once one passes over using a special procedure for choice that is written in the so-called 'Church institution' the Church statuses regulations, that are written and approved together with Priests ,Monks, and Laymen and has been selected to be followed as a legal internal way on how the Church takes decision of the seclection of new Metropolitans once one passes away. To this date this law has been followed and this kind of selection procedure, where the Church members the people choose on the new Metropolitan together with Priests in a special selection day that is set by the Holy Synod elders and with one Elder (A Metropolitan from the Holy Synod) who will be observer on how the people and clergy vote for their new Hierarch and as currently we had this Eparchy of Sliven His Holiness Joanichius metropolitan of Slived – Died  passing to Christ just 49 days ago and a decision was taken by the Holy Synod to organize the selection procedure for new Metropolitan. 

The procedures of selection of new Metropolitan has been followed closely up to the smallest details, and two candidates has been selected just like the Church accepted rules prescribes those was

On the first circle of selections (which by the way  were publicly translated in Facebook !!!) 3 bishops were selected

1. Ierotey of Agathopolski (received most votes)
2. Arsenij Znepolsky (second in votes)
3. Mihail Konstantijski (third in votes)

A second circle up to the official selection rules was done on which Arsenij has been put out of the list as he received only 17 votes for the people will.


1. Bishop Ierotey of Agatopolos spiritual district (received 26 votes by Sliven's Monks, Priests and Laymen that are part of Eparchal assembly as to the Church rules)
2. Bishop Mihail of Konstant  spiritual district (received 22 votes by Sliven's Monks, Priests and Laymen that are part of Eparchal assembly as to the Church rules)



Bishop Ierotey


(note both spiritual districts are no longer existing in Bulgarian Orthodox Church due to territorial change of the country and this titles are given usually to non metropolitan Bihops in the Bulgarian Church).


The selection process was leaded by Metropolitan Ioan (John) of eparchy Varna and Veliko Preslav. 
After the selection his Holiness John of Varna and Velikopreslav has been very happy and told publicly to the news the first part of selection of new Metropolitan for Sliven has been sucessfully finished and no any irregularities on the votes process has been seen.

The official process and practice in that case in the Bulgarian Orthodox Church so far has always been to ratify the Choice of People and select one of the two that seems for the 14 Metropolitan Eldersas the most suitable for the Eparchy to lead and teach the people on the Gospel and Christs Words and lead them in their path to Salvation and to protect the flock against heresies etc. etc.

The practice up to this date was to ratify one of the two chosen Bishops as favourites and Entrone him as the Official Governor and local Church Spiritual Leader of the Eparchy of the Holy Orthodox Church and the person who will take the important decisions for the Eparchy and by the Public head official representative of the Priests, Monks and Layman of those eparchy.

A date was set on which the Synod should come up with an information on his selection of the new Bishop of Sliven between the pre-selected ones Ierotey or Mihail.
Everyone was expecting the choice and the clirics and people of Sliven Bulgas and the many black sea Black Sea tourist famous destinations cities such as  Ahtopol, Chernomoretz, Pomorie, Rezovo as well as people from villages and everyone was waiting to celebrate and congrat their new Metropolitan and accept him in the Synodal Palace in Sliven. 

But guess what happens, the official set process of selection is cancelled in a very unwalful way out of the Sudden the Sinodal elders makes a paradoxal decision without any official explanation to cancel the prior vote selection of Metropolitan Ierotey or Mihail !!! 

During that strange behaviors there even more oddities, the Patriarch is in Hospital and unconscios and not part of the decision of the Synod, which makes the important decision out of Quorum of 14 + 1 (patriarch), moreover the strange unlogical and unargumented decision however is not approved by 3 of of the Synodal Elders

+ Gavriil
+ Seraphim 
+ Danijl

Who has the fame of the few only truthful uncorrupted or unkept by compromats or sex or other public scandals and who are serving Holy Liturgies, serving, working steadily for the goodness of church temples, the people and the interest of the Bulgarian nation.
Besides that the Patriarch did not take any decision as his health situation is unclear (some people in the Church even doubt whether he is still alive?? as no laymen or clergy man is allowed to enter the Hospital where officially he is said to be health with a severe deadly disease a cancer on the white lungs). 
Besides that the Metropolitan of America His Beautitude Yosif Metropolitan of America did not took part of the discussions in the Synodal Palace.
Meaning out of 12 present Sinodal Elders during the decision assembly in Synodal palace  only 8 do vote for and 5 vote against. Strange enough the observer of the whole voting process that took place 2 weeks ago in Sliven Sinodal Palace Joan of Veliko Preslav has also voted for the cassation of the choice??

Now Suddenly John starts suddenly talking the vote was not really done in a proper way even though he himself has been part of the vote and has confirmed after the vote that everything was flawless actual and honest and there was no corruption during the vote and again (The vote has been shown on facebook LIVE !!!).
That of course leads to the fact that someone has pushed him to make those strange choice of cassation from somewhere and to publicly claim the voting process has been compromised controrary to what he claimed earlier. 

But the strangeness here in Metropolitan voting does not end. On those same day where the Synod has chosen to cassase (cancel) the voting by sliven's eparchy people and priests, there is an offer made that the Official way of how a selection of new metropolitan is made is changed immediately !!!
The Church is immediately voted by those same 8 of Elders that has voted for the cassation and those "Elders". What a coincidence HUH


And this offer to cancel the current Rules that are provided by officially Church legal binding document on the process of Choice of Metropolitan that has been used until today and whose latest revision was from 2009 and has been accepted on a Church National Assembly ratified by Layman, Deacons, Priests, Monks, Ipodeacons, Layman to be the official guide for how the voting of new metropolitan should be made as well as how to solve different complex situations that could emerge in the Church realms.

For over 150 years of the existing of new Bulgarian history, after liberation (The Church Statues state rules has been the leading guide for the Highest authorities like a help manual so things in the Church are done in lawful way and everything as transparent as possible, now without the allowness of people and clergy except the synod they want to cancel those Church Statuses not caring about the people opinion.

Sorry guys but this is the 21 century and in realms of 21 century this kind of behavior is called Dictatorship !!! Every normal member of the Bulgarian Church recognized those and now a great set of discussions in facebook and on many Bulgarian websites and informational websites are explaining a lot of hidden details on the real reasons for those scandal which in short are:

1. The Patriarch of the Church Neofit is near his deadbed or has passed away and this is kept in secret until new Metropolitan is installed
according to the Plans and in that way the group of Nikolay even prankly called Nikolayts (for their dedication to Nicolay) will be complete
enough in order for him to succeed to be Enthroned as next Patriarch ?

2. There is Metropolitan Nikolay who is well known by at least 10+ years that has appetite to become patriarch or to command over the whole Church Synod and Bishops and those same person has forced his protegees to make that unlogical choice as he has helped him somewhere in their career development, by installing his new protegee Arsenij or someone else under his dominance power group who he is dictating pretty much like Hitler his Gestopo (just to name one scandal person who is a famous part of his group this is Sionij who by some proven sources has been claimed to have been involved with things that does not fit to his high position in society such as pedophilia sex, alcoholism and other criminal deeds that has connection to the Secret Servies and the Mafia of Bulgaria.

3. Sliven Metropoly (Eparchy) has a lot of Public Business interest for businessman involved as the Eparchy is a common tourist destinations and a lot of investors wants to buy a cheap Church land and such a dead could be easily helped with installing the right new Metropolitan on the Eparchy Ship steering wheel. Rumors are ongoing that this two priests are receiving money to act as they did for quite some time within different circuits of the Church.

4. Both pepople and Clergy preselected Bishops Ierotey and Mihail does not have compromats and are not easily blackmailed as a consequence as many others have, and are known in the public and common people in the Church to have a good Spiritual life in Christ and are famous for their good deeds and has already helped a lot of people in need both materially and spiritually and continue to do so as their faith for Christ is real and not nominal dictated only by public and material interests and that does not fit the overall agenda.

Ierotey has been part of Sliven's eparchy for 21 years and has been next to Metropolitan Joanikij (Yoanikius) for the last 10 years and has been his Vicar Bishop and has taken care about the Graceful elder Metropolitan Joanikij while he was on a deadbed, was his spiritual Childrean of him and knows pretty well the things in the Eparchy.

While Mihail who is also serious monk and has lived a secluded life in Greek monastery and a notorious Greek Elder near Athens and has been proven to also a Quality good and Highly spiritual person and monk. 

Even though it is logical and expected by people for Ierotey to be the selected candidate as he is already known with the people for 21 years and people know them and love him.
Mihail is also a good suit because he has a good spiritual base, even though being ordered as bishop much later than Ierotey and having much less experience as such.

After the cassation the Elders did not come with an official explanation on why really the cassation was made. Secondly they had come up with a later news on which is the Bulgarian Orthodox Church, with a very cloudy message that the voting is cancelled with no explanations.

Just recently after 3 of the other Metropolitans who has been against the cassation came with a very thoroughful and clearly explained position, on why changing the rules for a Metropolitan selection while the selection is ongoing is anti-Church deed which is not accepted and they throughfully explained why chaing the Church statue rules, to be legal should be made on an official Church National Assembly gathering as it was used to accept the Church statue rules after all.
In the same Church statue rules, it has been pointed that the Church rules are most important Church Organ after, Holy Bible, Holy Tradition and Canons. Church canonists of the Bulgarian Orthodox Church specialist on the topic has been already explained why a dead of changing the Church statue rules without taking in consideration the members of the church the layman and the low clergy priests, monks is totally unchurch and evil.

Intesrestingly enough two brother priests (or better say fake priests as their deeds are not worthy for priesthood) Silvestar and Evgeni ( Yanakievi ) of the Sliven Eparchy who created a lot of scandals historically in the Bulgarian Church and has pressed and harmed many normal people, has preached a lot of ultras ideas and neven stick to their right hierarchical place (presenting themselves as saints and truthful lovers of Bulgarian faiths and traditions, often rioting the people are the main people who have been 'sceaming' and attacking about venerating the legal choice of Sliven's eparchy people and priest.

In a very unscrupulous way they spread lies about people in facebook and everywhere and are presenting themselves as the protectors of truth and Christianity and people who care about the 'clearness of faith' etc. Those scandal personalities continue to put more and more disturbance in facebook and the media preaching open lies that are against the Authority and personal dignity of Bishop Ierotey who.

They publicly claim Bishop Ierotey has been making money, by selling Church lands belonging to Pomorie Monastery who he has been a bishop of, those false claims that Ierotey has stole and sold land of monastery has been publicly shown as false by official documents and are available to be seen here.

Many Church important figures such as Profesor Ivan Zhelev (who has for 25 years has been official translator of the Bulgarian Orthodox Church) and many other has given already his opinion that the situation within the Church is absurd some, can see behind the strange coincident and indeaquate reactions of most of Synodal Elders a conspiracy with some specific aims such as creating a planned Schism within the Church or complete take over of the Church highest government bodies by the Mafia in Bulgaria Underground world or / and the Secret Services (DS) who after communist are well known to have a very good connections.

Nomatter what is the reason behind the Synod activies, one thing is clear people in the Bulgarian Church are not so stupid as they thought and such an unwalfulness is not going to be tolarated by people in the mask of humility as they want to convince her!
Protests in front of Slivent's synodal palace has taken place already, and such protests are about to continue as a follow up in front of Synod especially as people want their voice to be heard and not be commanded as a dumb flock as some people seems to want, breaking all democratic norms !!!

Unfortunately the Bulgarian Orthodox Church Synod with those last indeaquate and inadequate decisions puts another spot on the reputation of the Church which anyways is not so high as of today, because of certain Metropolitans indeate talks, decisions and acts, pretty much like it happened in official govenment.
That is sad and anti-people as obviously now the recent unwalfulness was tried to be shown as absolutely canonical and good and for the good of people that decisions on who should be governing an eparchy of Bulgarian Church has to be only taken by the so called 'Elders', many of whom as today in difference with the past their ancestors has neven been a serious monks not succeeded in any spiritual deeds and has been made bihops and monks with breaking church canons or rules.

The best one could do in that terrible situation to help resolve is to sign up a petition against the unwalful decision of the Synod to cancel the vote decision made for new Sliven Metropolitan.

Lord have mercy over the Bulgarian Holy Church and keep her out of those wolves in sheeps cloting, who try to destroy your Church and flock !!!

How to do a port redirect to localhost service with socat or ncat commands to open temporary access to service not seen on the network

Friday, February 23rd, 2024


You know sometimes it is necessery to easily and temporary redirect network TCP ports to be able to be accessible from Internal DMZ-ed Network via some Local Network IP connection or if the computer system is Internet based and has an external "'real" Internet Class A / B address to be reachable directly from the internet via lets say a modern Internet browser such as Mozilla Firefox / Google Chrome Browser etc.

Such things are easy to be done with iptables if you need to do the IP redirect permanent with Firewall rule changes on Linux router with iptables.
One way to create a TCP port redirect using firewall would include few iptable rules  like for example:

1. Redirect port traffic from external TCP port source to internal one

# iptables -t nat -I PREROUTING -p tcp –dport 10000 -j REDIRECT –to-ports 80
# iptables -t nat -I OUTPUT -p tcp -o lo –dport 10000 -j REDIRECT –to-ports 80
# iptables -t nat -A OUTPUT -o lo -d -p tcp –dport 80 -j DNAT  –to-destination
# iptables -t nat -I OUTPUT –source 0/0 –destination 0/0 -p tcp –dport 80 -j REDIRECT –to-ports 10000

Then you will have listener (assuming that the IP is already configured on some of the host network interface, plugged in to the network).

 But as messing up with the firewall is not the best thing to do especially, if you need to just temporary redirect external listener port to a service configured on the server to only run on TCP port on loopback address, you can do it instead with another script or command for simplicy.

One simple way to do a port redirect on the fly on GNU / Linux or FreeBSD / OpenBSD is with socat command.

Lets say you have a running statistics of a web server Apache / Nginx / Haproxy frontend / backend statistics or whatever kind of web TCP service on port 80 on your server and this interface is on purpose configured to be reachable only on localhost interface port 80, so you can either access it by creating an ssh tunnel towards the service on or by accessing it by redirecting the traffic towards another external TCP port, lets say 10000.

Here is how you can achieve

2. Redirect Local network accessible IP on all configured Server network interfaces port 10000 to TCP 80 with socat

# socat tcp-l:10000,fork,reuseaddr tcp:

If you need to access later the redirected port in a Browser, pick up the machine first configured IP and open it in a browser (assuming there is no firewall filter prohibiting access to redirected port).

root@pcfreak:~# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet  netmask  broadcast
        ether 91:f8:51:03:75:e5  txqueuelen 1000  (Ethernet)
        RX packets 652945510  bytes 598369753019 (557.2 GiB)
        RX errors 0  dropped 10541  overruns 0  frame 0
        TX packets 619726615  bytes 630209829226 (586.9 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Then in a browser open or (depending on if remote service has SSL encryption enabled or not) and you're done, the configured listener Server service should pop-up on the screen.

3. Redirect IP Traffic from External IP to Localhost loopback interface with netcat ( ncat ) swiss army knife hackers and sysadmins tool

If you need to redirect lets say TCP / IP port 8000 to Port a server local binded service on TCP 80 with ncat, instead of socat (if lets say socat is not pre-installed on the machine), you can do it by simply running those two commands:

[root@server ~]# mkfifo svr1_to_svr2
[root@server ~]# ncat -vk -l 8000 < svr1_to_svr2 | ncat 80 > svr1_to_svr2
Ncat: Version 7.92 ( )
Ncat: Listening on
Ncat: Connection from
Ncat: Connection from
Ncat: Connection from
Ncat: Connection from


I you don't care to log what is going on the background of connection and you simply want to background the process with a one liner command you can achive that with:

[root@server /tmp]# cd tmp; mkfifo svr1_to_svr2; (ncat -vk -l 8000 < svr1_to_svr2 | ncat 80 > svr1_to_svr2 &)

Then you can open the Internal Machine Port 80 TCP service on 8000 in a browser as usual.

For those who want a bit of more sophisticated proxy like script I would suggest you take a look at using netcat and a few lines of shell script loop, that can simulate a raw and very primitive proxy with netcat this is exampled in my previous article Create simple proxy server with netcat ( nc ) based utility.

Hope this article is helpful to anyone, there is plenty of other ways to do a port redirect with lets say perl, python and perhaps other micro tools. If you know of one liners or small scripts, that do it please share in comments, so we can learn from each other ! 

Enjoy ! 🙂

Create Haproxy Loadbalancer Access Control Lists and forward incoming frontend traffics based on simple logic

Friday, February 16th, 2024


Haproxy Load Balancers could do pretty much to load balance traffic between application servers. The most straight forward way to use is to balance traffic for incoming Frontends towards a Backend configuration with predefined Application machines and ports to send the traffic, where one can be the leading one and others be set as backup or we can alternatively send the traffic towards a number of machines incoming to a Frontend port bind IP listener and number of backend machine.

Besides this the more interesting capabilities of Haproxy comes with using Access Control Lists (ACLs) to forward Incoming Frontend (FT) traffic towards specific backends and ports based on logic, power ACLs gives to Haproxy to do a sophisticated load balancing are enormous. 
In this post I'll give you a very simple example on how you can save some time, if you have already a present Frontend listening to a Range of TCP Ports and it happens you want to redirect some of the traffic towards a spefic predefined Backend.

This is not the best way to it as Access Control Lists will put some extra efforts on the server CPU, but as today machines are quite powerful, it doesn't really matter. By using a simple ACLs as given in below example, one can save much of a time of writting multiple frontends for a complete sequential port range, if lets say only two of the ports in the port range and distinguish and redirect traffic incoming to Haproxy frontend listener in the port range of 61000-61230 towards a certain Ports that are supposed to go to a Common Backends to a separate ones, lets say ports 61115 and 61215.

Here is a short description on the overall screnarios. We have an haproxy with 3 VIP (Virtual Private IPs) with a Single Frontend with 3 binded IPs and 3 Backends, there is a configured ACL rule to redirect traffic for certain ports, the overall Load Balancing config is like so:

Frontend (ft):

listen IPs:

On TCP port range: 61000-61299

Backends (bk): 


Config Access Control Liststo seperate incoming haproxy traffic for CUSTOM_APP1 and CUSTOM_APP2

By default send all incoming FT traffic to: bk_PROD_ROUNDROBIN

With exception for frontend configured ports on:
APP1 port 61115 
APP2 port 61215

If custom APP1 send to bk:
If custom APP2 send to bk:

Config on frontends traffic send operation: 

bk_PROD_ROUNDROBIN (roundrobin) traffic send to App machines all in parallel
traffic routing mode (roundrobin)

bk_APP1 and bk_APP2

traffic routing mode: (balance source)
Appl1 default serving host

If configured check port 61888, 61887 is down, traffic will be resend to configured pre-configured backup hosts: 


/etc/haproxy/haproxy.cfg that does what is described with ACL LB capabilities looks like so:

# Global settings
    log local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/
    maxconn     4000
    user        haproxy
    group       haproxy

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
    mode                    tcp
    log                     global
    option                  tcplog
    #option                  dontlognull
    #option http-server-close
    #option forwardfor       except
    option                  redispatch
    retries                 7
    #timeout http-request    10s
    timeout queue           10m
    timeout connect         30s
    timeout client          20m
    timeout server          10m
    #timeout http-keep-alive 10s
    timeout check           30s
    maxconn                 3000

# Synchronize server entries in sticky tables

peers hapeers

# HAProxy Monitoring Config
listen stats                #Haproxy Monitoring run on port 8080
    mode http
    option httplog
    option http-server-close
    stats enable
    stats show-legends
    stats refresh 5s
    stats uri /stats                            #URL for HAProxy monitoring
    stats realm Haproxy\ Statistics
    stats auth hauser:secretpass4321         #User and Password for login to the monitoring dashboard
    stats admin if TRUE
    #default_backend bk_Prod1         #This is optionally for monitoring backend
# HAProxy Monitoring Config
#listen stats                #Haproxy Monitoring run on port 8080
#    mode http
#    option httplog
#    option http-server-close
#    stats enable
#    stats show-legends
#    stats refresh 5s
#    stats uri /stats                            #URL for HAProxy monitoring
#    stats realm Haproxy\ Statistics
#    stats auth hauser:secretpass321          #User and Password for login to the monitoring dashboard
#    stats admin if TRUE
#    #default_backend bk_Prod1           #This is optionally for monitoring backend

# HAProxy Monitoring Config
# listen stats                #Haproxy Monitoring run on port 8080
#    mode http
#    option httplog
#    option http-server-close
#    stats enable
#    stats show-legends
#    stats refresh 5s
#    stats uri /stats                            #URL for HAProxy monitoring
#    stats realm Haproxy\ Statistics
#    stats auth hauser:secretpass123          #User and Password for login to the monitoring dashboard
#    stats admin if TRUE
#    #default_backend bk_DKV_PROD_WLPFO          #This is optionally for monitoring backend

# frontend which proxys to the backends
frontend ft_PROD
    mode tcp
    option tcplog
        # (4) Peer Sync: a sticky session is a session maintained by persistence
        stick-table type ip size 1m peers hapeers expire 60m
# Commented for change CHG0292890
#   stick on src
    log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tw/%Tc/%Tt\ %B\ %ts\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq
        acl RULE1 dst_port 61115
        acl RULE2 dst_port 61215
        use_backend APP1 if app1
        use_backend APP2 if app2
    default_backend bk_PROD_ROUNDROBIN

# round robin balancing between the various backends
    mode tcp
    # (0) Load Balancing Method.
    balance roundrobin
    # (4) Peer Sync: a sticky session is a session maintained by persistence
    stick-table type ip size 1m peers hapeers expire 60m
    # (5) Server List
    # (5.1) Backend
    server appl1 check port 31232
    server appl2 check port 31232 
    server appl2 check port 31232 
    server appl3 check port 31232 

# source balancing for the GUI
backend bk_APP2
    mode tcp
    # (0) Load Balancing Method.
    balance source
    # (4) Peer Sync: a sticky session is a session maintained by persistence
    stick-table type ip size 1m peers hapeers expire 60m
        stick on src
    # (5) Server List
    # (5.1) Backend
    server appl1 check port 55232
    server appl2 check port 55232 backup
    server appl3 check port 55232 backup
    server appl4 check port 55232 backup

# source balancing for the OLW
backend bk_APP1
    mode tcp
    # (0) Load Balancing Method.
    balance source
    # (4) Peer Sync: a sticky session is a session maintained by persistence
    stick-table type ip size 1m peers hapeers expire 60m
        stick on src
    # (5) Server List
    # (5.1) Backend
    server appl1 check port 53119
    server appl2 check port 53119 backup
    server appl3 check port 53119 backup
    server appl4 check port 53119 backup


You can also check and download the haproxy.cfg here.
Enjjoy !

Create Bootable Windows installer USB from a MAC PC, MacBook host or Linux Desktop computer

Thursday, February 8th, 2024

Creating Windows bootable installer with Windows Media Creation tool is easy, but sometimes if you're a geek like me you don't have a Windows personal PC at home and your Work PC is so paranoidly restricted by its administrator through paranoid Domain Controller Policies, that you can only copy from a USB drive towards the Win PC but you cannot write to the USB. 

1. Preparing Linux installer USB via Mac's Boot Camp Assistant

If you're lucky you might have a MAC Book Air or some kind of other mac PC, if that is the case you can burn the Windows Installer iso, with the Native Mac tool called BootCamp Assistant, by simply downloading the Win Boot ISO, launching the app and burning it:

Finder > Applications > Utilities and open Boot Camp Assistant.


2. Preparing Bootable Windows installer on Linux host machine

On DEBIAN / UBUNTU and other Deb based Linuxes

# apt install gddrescue 


# dnf install ddrescue

To install the Windows Image to the right USB drive, first find it out with fdisk and list it:

# fdisk -l

Disk /dev/sdb: 14.41 GiB, 15472047104 bytes, 30218842 sectors
Disk model: DataTraveler 3.0
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xc23dc587

Device     Boot    Start      End  Sectors  Size Id Type
/dev/sdb1           8192 30216793 30208602 14.4G  7 HPFS/NTFS/exFAT
/dev/sdb2       30216794 30218841     2048    1M  e W95 FAT16 (LBA)

Then Use ddrescue to create the bootable MS windows Installer USB disk.

# ddrescue windows10.iso /dev/sd1 –force -D

3. Using GUI Linux tool WoeUSB-ng to prepare Microsoft Windows start up USB drive

If you're a lazy Linux user and you plan to prepare up to date Windows image files regularly, perhaps the WoeUSB-ng Graphical tool will suit you better, to use it you will have to install a bunch of python libraries.

On Ubuntu Linux:

# apt install git p7zip-full python3-pip python3-wxgtk4.0 grub2-common grub-pc-bin
# pip3 install WoeUSB-ng

On Fedora Linux:

dnf install git p7zip p7zip-plugins python3-pip python3-wxpython4
# sudo pip3 install WoeUSB-ng

Launch the WoeUSB-ng program :


$ python3 /usr/local/bin/woeusbgui


Download, the latest Version of Windows Installer .ISO IMAGE file, plug in your USB flash disk and let the program burn the ISO and create the GRUB boot loader, that will make WIndows installer bootable on your PC.


With WoeUSB-ng you have to be patient, it will take some time to prepare and copy the Windows installer content and will take about 15 to 20 minutes from my experience to finalize the GRUB records required, that will make the new burnt ISO bootable.

Then just plug it in to your Desktop PC or laptop, virtual machine, whatever where you would like to install the Windows from its latest installation Source image and Go on with doing the necessery evil to have Microsoft Spy on you permanently.

P.S. I just learned, from colleagues from Kvant Serviz (a famous hardware second hand, shop and repair shop here in Bulgaria, that nowadays Windows has evolved to the points, they can and they actually do overwrite the PC BIOS / UEFI as part of updates without any asking the end user !!!
At first I disbelived that, but after a short investigation online it turned out this is true, 
there are discussions online from people complaining, that WIndows updates has ovewritten their current BIOS settings and people complaining BIOS versions are ovewritten.

Enjoy your new personal Spy OS ! 🙂

How to run SSH server Mac OS X and set it to auto boot on Mac Book system start

Monday, February 5th, 2024

mac os X

How to run SSH Server on Mac OS X to administrate remotely your MAC OS to access remote MacBook Air or Mac OS 

Linux / UNIX users know it is pretty easy to run OpenSSH server on old Linux SystemV releases

it is done with cmd:

# /etc/init.d/sshd start

On newer Linux distros where systemd is the standard it is done wtih:

# systemctl start ssh.service

To enable ssh service on boot on systemd distros

# systemctl enable ssh.service

To enable SSH access on Mac OS X this is done wtih a simple command

To check the status of SSH server being on or OFF, either connect with netcat to TCP port 22, which is usually installed by default on most MAC OS-es or run:

# systemsetup -getremotelogin

To start and enable SSH service on Mac OS X run:

# systemsetup -setremotelogin on 

If you later need to turn off the SSH service

# systemsetup -setremotelogin off

Actually systemsetup command can do pretty much on MAC OS X and it is worthy to take a look at it, if you're running a MAC PC or Mac Book laptop.

systemsetup can set the current date, change time server host, set computer name (hostname) and much more.

sh-3.2# systemsetup -help

systemsetup Help Information
Usage: systemsetup -getdate
        Display current date.

Usage: systemsetup -setdate <mm:dd:yy>
        Set current date to <mm:dd:yy>.

Usage: systemsetup -gettime
        Display current time.

Usage: systemsetup -settime <hh:mm:ss>
        Set current time to <hh:mm:ss>.

Usage: systemsetup -gettimezone
        Display current time zone.

Usage: systemsetup -settimezone <timezone>
        Set current time zone to <timezone>. Use "-listtimezones" to list time zones.

Usage: systemsetup -listtimezones
        List time zones supported by this machine.

Usage: systemsetup -getusingnetworktime
        Display whether network time is on or off.

Usage: systemsetup -setusingnetworktime <on off>
        Set using network time to either <on> or <off>.

Usage: systemsetup -getnetworktimeserver
        Display network time server.

Usage: systemsetup -setnetworktimeserver <timeserver>
        Set network time server to <timeserver>.

Usage: systemsetup -getsleep
        Display amount of idle time until computer, display and hard disk sleep.

Usage: systemsetup -setsleep <minutes>
        Set amount of idle time until computer, display and hard disk sleep to <minutes>.
        Specify "Never" or "Off" for never.

Usage: systemsetup -getcomputersleep
        Display amount of idle time until computer sleeps.

Usage: systemsetup -setcomputersleep <minutes>
        Set amount of idle time until compputer sleeps to <minutes>.
        Specify "Never" or "Off" for never.

Usage: systemsetup -getdisplaysleep
        Display amount of idle time until display sleeps.

Usage: systemsetup -setdisplaysleep <minutes>
        Set amount of idle time until display sleeps to <minutes>.
        Specify "Never" or "Off" for never.

Usage: systemsetup -getharddisksleep
        Display amount of idle time until hard disk sleeps.

Usage: systemsetup -setharddisksleep <minutes>
        Set amount of idle time until hard disk sleeps to <minutes>.
        Specify "Never" or "Off" for never.

Usage: systemsetup -getwakeonmodem
        Display whether wake on modem is on or off.

Usage: systemsetup -setwakeonmodem <on off>
        Set wake on modem to either <on> or <off>.

Usage: systemsetup -getwakeonnetworkaccess
        Display whether wake on network access is on or off.

Usage: systemsetup -setwakeonnetworkaccess <on off>
        Set wake on network access to either <on> or <off>.

Usage: systemsetup -getrestartpowerfailure
        Display whether restart on power failure is on or off.

Usage: systemsetup -setrestartpowerfailure <on off>
        Set restart on power failure to either <on> or <off>.

Usage: systemsetup -getrestartfreeze
        Display whether restart on freeze is on or off.

Usage: systemsetup -setrestartfreeze <on off>
        Set restart on freeze to either <on> or <off>.

Usage: systemsetup -getallowpowerbuttontosleepcomputer
        Display whether the power button is able to sleep the computer.

Usage: systemsetup -setallowpowerbuttontosleepcomputer <on off>
        Enable or disable whether the power button can sleep the computer.

Usage: systemsetup -getremotelogin
        Display whether remote login is on or off.

Usage: systemsetup -setremotelogin <on off>
        Set remote login to either <on> or <off>. Use "systemsetup -f -setremotelogin off" to suppress prompting when turning remote login off.

Usage: systemsetup -getremoteappleevents
        Display whether remote apple events are on or off.

Usage: systemsetup -setremoteappleevents <on off>
        Set remote apple events to either <on> or <off>.

Usage: systemsetup -getcomputername
        Display computer name.

Usage: systemsetup -setcomputername <computername>
        Set computer name to <computername>.

Usage: systemsetup -getlocalsubnetname
        Display local subnet name.

Usage: systemsetup -setlocalsubnetname <name>
        Set local subnet name to <name>.

Usage: systemsetup -getstartupdisk
        Display current startup disk.

Usage: systemsetup -setstartupdisk <disk>
        Set current startup disk to <disk>.

Usage: systemsetup -liststartupdisks
        List startup disks on this machine.

Usage: systemsetup -getwaitforstartupafterpowerfailure
        Get the number of seconds after which the computer will start up after a power failure.

Usage: systemsetup -setwaitforstartupafterpowerfailure <seconds>
        Set the number of seconds after which the computer will start up after a power failure. The <seconds> value must be a multiple of 30 seconds.

Usage: systemsetup -getdisablekeyboardwhenenclosurelockisengaged
        Get whether or not the keyboard should be disabled when the X Serve enclosure lock is engaged.

Usage: systemsetup -setdisablekeyboardwhenenclosurelockisengaged <yes no>
        Set whether or not the keyboard should be disabled when the X Serve enclosure lock is engaged.

Usage: systemsetup -version
        Display version of systemsetup tool.

Usage: systemsetup -help
        Display help.

Usage: systemsetup -printCommands
        Display commands.


Enabling SSH in Mac OS X computers can be done also from Graphical interface for the lazy ones.