Re: [Efw-user] syn-flood prevention?
I've been testing opnsense (opnsense.org) a pfsense fork.. really like it. On Wed, Feb 11, 2015 at 11:10 AM, Jason phibro...@gmail.com wrote: I've heard pfSense was a good Alternative to Endian... as I still run this for my school/church. I am looking for alteratives as well... I also run a UBNT EdgeRouter Lite (which like he said below - is based on Juniper / Barocade CLI... (its not Cisco or HP CLI...) and with the latest firmware update - there is a bunch that you can do now from the GUI on the last tab is is in a tree format. Jason On 2/11/15 3:18 AM, Andre Mueller wrote: Yes I can recommend Ubiquiti's EdgeRouters as hardware based alternative. I deployed serveral units of EdgeRouter lite and also some EdgeRouter Pro. The GUI does not allow to configure all details, but this can be accomplished with the CLI, which is very intuitive. The OS is based on the opensource OS of Vyatta (now part of Brocade). Unfortunately the free version offered by Brocade is missing a GUI. For our own purposes I will try the free version of Sophos, in order to replace our virtualized Endian firewall and router. best regards, Am 10.02.2015 um 14:31 schrieb AJ Weber: I was a long-time user of EFW and liked the product, but I'm not telling you anything you don't already know when I say that they've completely ignored the distro and there's virtually no development or support any longer. Someone here mentioned Ubiquiti's EdgeRouters a while back, so I bought an EdgeRouter Lite. It has been very stable, fast and secure. It doesn't have all of the appliance features, because it's designed as a router/fw first. But you can add debian packages to tweak it -- provided you keep in mind that it has finite cpu and memory. Would be nice if their OS was ready to run on any intel-based box, but their prices are more-than-fair for the hardware. And their forums are very responsive from other users AND the developers. In my case, I replaced a EFW PC and a load-balancer with the one EdgeRouter Lite for way-lower electric consumption and faster throughput. -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- The unauthorized disclosure or interception of e-mail is a federal crime. See 18 U.S.C. Sec. 2517(4). This message is confidential and intended for the identified recipient only. It may contain privileged or confidential information. This e-mail and any files transmitted with it are the property of the sender, are confidential and may be privileged, and are intended solely for the use of the individuals or parties to whom this e-mail is addressed. If you are not one of the named recipients or have received this message in error, please notify the sender immediately and delete this message. You are also hereby notified that any unauthorized dissemination, distribution, or copying of this information is strictly prohibited. The sender shall not be liable for any unauthorized use of, or inaccuracies resulting from additions to or deletions from, information originally contained in this transmission -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] syn-flood prevention?
I'm testing opnsense right now, really like it. Fork of pfsense. On Tue, Feb 10, 2015 at 8:31 AM, AJ Weber awe...@comcast.net wrote: I was a long-time user of EFW and liked the product, but I'm not telling you anything you don't already know when I say that they've completely ignored the distro and there's virtually no development or support any longer. Someone here mentioned Ubiquiti's EdgeRouters a while back, so I bought an EdgeRouter Lite. It has been very stable, fast and secure. It doesn't have all of the appliance features, because it's designed as a router/fw first. But you can add debian packages to tweak it -- provided you keep in mind that it has finite cpu and memory. Would be nice if their OS was ready to run on any intel-based box, but their prices are more-than-fair for the hardware. And their forums are very responsive from other users AND the developers. In my case, I replaced a EFW PC and a load-balancer with the one EdgeRouter Lite for way-lower electric consumption and faster throughput. On 2/10/2015 3:35 AM, Andre Mueller wrote: Hello Matt Thank you very much for your answer. This night I found, that our router was not afflicted by an syn-flood attack, but was hacked and was used as an syn-flood server itself. There was no way to save it, as the bad files where distributed over the system and reloaded themself permanently and so I had to set-up the router from fresh. Yes your are right about the future development of the community version and it is wise to move to an other firewall. best regards Am 09.02.2015 um 17:02 schrieb Matt Hayes: I'm only responding as most likely you will not get a response from Endian themselves, I'm not sure why it is not working if you have syn flood protection enabled already. I myself am slowly moving from Endian Firewall Community as I'm not able to get any answers from Endian or their developers at all. There are numerous security issues with the distribution specifically with SSH and openssl. I'm moving to a more up to date and maintained firewall for my needs. Good luck. -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] syn-flood prevention?
I'm only responding as most likely you will not get a response from Endian themselves, I'm not sure why it is not working if you have syn flood protection enabled already. I myself am slowly moving from Endian Firewall Community as I'm not able to get any answers from Endian or their developers at all. There are numerous security issues with the distribution specifically with SSH and openssl. I'm moving to a more up to date and maintained firewall for my needs. Good luck. On Mon, Feb 9, 2015 at 9:41 AM, Andre Mueller andre.muel...@himmel-blau.com wrote: Endian 3.0.devel : Community Version Hello I have the problem that our Endian installation configured as a router (public subnet on the orange zone) is attacked on the routers WAN-interface (Red uplink) by massive syn-flood requests. As we have checked on our Endian syn_cookies are activated, so the first perquisite for protection against syn-flood attacks is active. But the problem is that our router does respond to every syn-flood request (SYN_SENT) and by doing so it saturates our WAN-/upload-Line. Is there any possibility that we can prevent our router to send out any SYN-packet, whenever a certain amount of not acknowledged SYN-packets have sent out to the very same IP-destination (but on different ports)? I would be grateful for any hint. Thanks in advance, Andre -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] Query on status of Endian Firewall Community
This is yet ANOTHER query into the status of Endian Firewall Community. I've been using it for a long time, submitted bug reports, etc. Would someone from Endian please give us some kind of freakin' answer as to what is happening with this project? Thank you, -Matt -- Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] hi
Hate to agree here, but I am. I'm in the process of moving away from Endian Firewall Community as the support for it, this mailing list, and almost everything else appears to be dead. Sick of waiting even though they state it's still alive. -Matt On Wed, Jan 14, 2015 at 2:09 PM, Davide Cottignoli davidecottign...@racine.ra.it wrote: Forget Endian Community Edition with large scale network, move to pFsense and you will be happy. Davide. Il 14/01/15 13:36, mohsen Abbaspour ha scritto: hi every body i want to use endian noncomercial version in large scale network these service are in my favorite to use in the network and i need them VPN , IDPS , Firewall , Monitoring and log traffic i dont know possible problems aboutusing endian on large scale network there are 1500 users on my network -- mob :09359535689 Check out my professional profile and connect with me on LinkedIn. http://lnkd.in/RqFEqH -- New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] Endian Firewall Community - Is it dead/dying?
So, This has been asked quite a bit and now I'm curious. IS this project dead? Should I start looking for something else at this time to accommodate my needs? Thank you, -Matt -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian Firewall Community - Is it dead/dying?
I hate to look at doing that, looking for something new. The Endian Software does everything I need it to do and it is quite easy to configure and deploy. On Tue, Oct 14, 2014 at 12:09 PM, Davide Cottignoli davidecottign...@racine.ra.it wrote: The project is not dead but for the second part of your mind, I think you're right. Davide. Il 14/10/14 17:01, Matt Hayes ha scritto: So, This has been asked quite a bit and now I'm curious. IS this project dead? Should I start looking for something else at this time to accommodate my needs? Thank you, -Matt -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian Firewall Community - Is it dead/dying?
I haven't really tried any other alternatives lately, but I'm always looking for something that has the same features as Endian or more. If it doesn't meet the criteria that Endian provides, I ignore it. On Tue, Oct 14, 2014 at 12:58 PM, ANIS El Achèche elache...@ubuntu.com wrote: Hey! As we start a such discussion, let's talk about alternatives.. We ca nuse pFsense, ClearOS, Zentyal... what else?? What would you use ?? *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche* *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Oct 14, 2014 at 5:54 PM, Matt Hayes domin...@slackadelic.com wrote: I hate to look at doing that, looking for something new. The Endian Software does everything I need it to do and it is quite easy to configure and deploy. On Tue, Oct 14, 2014 at 12:09 PM, Davide Cottignoli davidecottign...@racine.ra.it wrote: The project is not dead but for the second part of your mind, I think you're right. Davide. Il 14/10/14 17:01, Matt Hayes ha scritto: So, This has been asked quite a bit and now I'm curious. IS this project dead? Should I start looking for something else at this time to accommodate my needs? Thank you, -Matt -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Combine many WANs like as they are one
You're talking about 'trunking' of providers, which isn't possible unless the provider is configured to accept a trunked connection. On Mon, May 12, 2014 at 4:48 PM, ANIS El Achèche elache...@ubuntu.comwrote: Hey! Any one here know a way to combine many WANs like if I have just one?? Not talking about LB or Fail Over.. I mean if I have 20MB/s ADSL on eth0 and 4MB/s SDSL on eth1 why can't combine them to have 24MB/s ? Even if this feature isn't present en efw, am interested to know more about it.. And maybe we can create a community script to add this feature to efw.. Regards, *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* -- Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free. http://p.sf.net/sfu/SauceLabs ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free. http://p.sf.net/sfu/SauceLabs___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Browsing slow timeout
What makes you think it's a DNS problem? Does it happen on more than one web page or does it seem to happen on the same web pages all the time or is it just random? On Tue, Apr 22, 2014 at 6:29 AM, ANIS El Achèche elachechea...@gmail.comwrote: Hey Guys! I have some navigation problems, and can't find out if it's a DNS problem from my ISP or it's a problem caused by EFW. So I'm running efw as my GW, the Internet is stable and every thing is OK, there is just one problem, during the navigation I have RANDOM load slow.. The web page stay loading and loading until I have This web page is not available.. I thinked that it is a DNS problem so I changed my DNS servers to use new ones.. But I have the same issue.. I'm running efw 2.5.1 community version. Thx in advance. -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Browsing slow timeout
You've confirmed that you have internet access at that time? Tried pinging out to a public server and confirmed it would answer back via IP? If so, did you try the same via domain name? On Tue, Apr 22, 2014 at 9:13 AM, ANIS El Achèche elache...@ubuntu.comwrote: Hey! The problem happened randomly, many time a day.. But when it happened all the web pages that I'm trying to open are just loaded until timed out. *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 1:35 PM, Matt Hayes domin...@slackadelic.comwrote: What makes you think it's a DNS problem? Does it happen on more than one web page or does it seem to happen on the same web pages all the time or is it just random? On Tue, Apr 22, 2014 at 6:29 AM, ANIS El Achèche elachechea...@gmail.com wrote: Hey Guys! I have some navigation problems, and can't find out if it's a DNSproblem from my ISP or it's a problem caused by EFW. So I'm running efw as my GW, the Internet is stable and every thing is OK, there is just one problem, during the navigation I have RANDOM load slow.. The web page stay loading and loading until I have This web page is not available.. I thinked that it is a DNS problem so I changed my DNS servers to use new ones.. But I have the same issue.. I'm running efw 2.5.1 community version. Thx in advance. -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Browsing slow timeout
Very odd... I've not had this issue myself. Then again, I'm on the bleeding edge 3.x release right now.. On Tue, Apr 22, 2014 at 10:33 AM, ANIS El Achèche elache...@ubuntu.comwrote: I'm not.. But the status page show me that the DNs proxy is running :/ *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 3:26 PM, Matt Hayes domin...@slackadelic.comwrote: Are you using the DNS Proxy service on Endian? On Tue, Apr 22, 2014 at 10:17 AM, ANIS El Achèche elache...@ubuntu.comwrote: So for the 1st 2 weeks I used OpenDNS.. then my ISP told me that I have the problems because we don't have openDNS servers in Tunisia, so It will increase the time to reach a domain. I switched to use our ISP DNs and I have the same thing.. This morning I configured a new DNS ip from my ISP and still get the same problem.. → That's why I'm asking on this ML, because it can be something else in endian. *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 3:05 PM, Matt Hayes domin...@slackadelic.comwrote: That's interesting... so are you using your ISPs DNS or public DNS? On Tue, Apr 22, 2014 at 10:02 AM, ANIS El Achèche elache...@ubuntu.com wrote: Yep.. I confirme that.. I was testing that for more then a month right now.. The IP ping works, but not the dns ping.. I tryed it using 8.8.8.8 and google.com and other domains and ips. *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 2:51 PM, Matt Hayes domin...@slackadelic.comwrote: You've confirmed that you have internet access at that time? Tried pinging out to a public server and confirmed it would answer back via IP? If so, did you try the same via domain name? On Tue, Apr 22, 2014 at 9:13 AM, ANIS El Achèche elache...@ubuntu.com wrote: Hey! The problem happened randomly, many time a day.. But when it happened all the web pages that I'm trying to open are just loaded until timed out. *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 1:35 PM, Matt Hayes domin...@slackadelic.com wrote: What makes you think it's a DNS problem? Does it happen on more than one web page or does it seem to happen on the same web pages all the time or is it just random? On Tue, Apr 22, 2014 at 6:29 AM, ANIS El Achèche elachechea...@gmail.com wrote: Hey Guys! I have some navigation problems, and can't find out if it's a DNSproblem from my ISP or it's a problem caused by EFW. So I'm running efw as my GW, the Internet is stable and every thing is OK, there is just one problem, during the navigation I have RANDOM load slow.. The web page stay loading and loading until I have This web page is not available.. I thinked that it is a DNS problem so I changed my DNS servers to use new ones.. But I have the same issue.. I'm running efw 2.5.1 community version. Thx in advance. -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Browsing slow timeout
I've not had many issues with it since I upgraded to it. Seems to be bit more stable. On Tue, Apr 22, 2014 at 11:33 AM, ANIS El Achèche elache...@ubuntu.comwrote: Emmm.. I see, thinks for trying to help me :) Can you tell us your feedback about the Bleeding Edge?! *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 4:19 PM, Matt Hayes domin...@slackadelic.comwrote: Very odd... I've not had this issue myself. Then again, I'm on the bleeding edge 3.x release right now.. On Tue, Apr 22, 2014 at 10:33 AM, ANIS El Achèche elache...@ubuntu.comwrote: I'm not.. But the status page show me that the DNs proxy is running :/ *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 3:26 PM, Matt Hayes domin...@slackadelic.comwrote: Are you using the DNS Proxy service on Endian? On Tue, Apr 22, 2014 at 10:17 AM, ANIS El Achèche elache...@ubuntu.com wrote: So for the 1st 2 weeks I used OpenDNS.. then my ISP told me that I have the problems because we don't have openDNS servers in Tunisia, so It will increase the time to reach a domain. I switched to use our ISP DNs and I have the same thing.. This morning I configured a new DNS ip from my ISP and still get the same problem.. → That's why I'm asking on this ML, because it can be something else in endian. *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 3:05 PM, Matt Hayes domin...@slackadelic.comwrote: That's interesting... so are you using your ISPs DNS or public DNS? On Tue, Apr 22, 2014 at 10:02 AM, ANIS El Achèche elache...@ubuntu.com wrote: Yep.. I confirme that.. I was testing that for more then a month right now.. The IP ping works, but not the dns ping.. I tryed it using 8.8.8.8 and google.com and other domains and ips. *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 2:51 PM, Matt Hayes domin...@slackadelic.com wrote: You've confirmed that you have internet access at that time? Tried pinging out to a public server and confirmed it would answer back via IP? If so, did you try the same via domain name? On Tue, Apr 22, 2014 at 9:13 AM, ANIS El Achèche elache...@ubuntu.com wrote: Hey! The problem happened randomly, many time a day.. But when it happened all the web pages that I'm trying to open are just loaded until timed out. *El Achèche ANIS* *An Ubuntu-tn Member Events Team Coordinator* *Official Ubuntu Member **|** Member @CLibre.tn | Junior SysAdmin @ApptivIT* *elache...@ubuntu.com elache...@ubuntu.com | # whoami http://wiki.ubuntu.com/elacheche * *I am what I am because of who we all are - The Ubuntu Philosophy* On Tue, Apr 22, 2014 at 1:35 PM, Matt Hayes domin...@slackadelic.com wrote: What makes you think it's a DNS problem? Does it happen on more than one web page or does it seem to happen on the same web pages all the time or is it just random? On Tue, Apr 22, 2014 at 6:29 AM, ANIS El Achèche elachechea...@gmail.com wrote: Hey Guys! I have some navigation problems, and can't find out if it's a DNS problem from my ISP or it's a problem caused by EFW. So I'm running efw as my GW, the Internet is stable and every thing is OK, there is just one problem, during the navigation I have RANDOM load slow.. The web page stay loading and loading until I have This web page is not available.. I thinked that it is a DNS problem so I changed my DNS servers to use new ones.. But I have the same issue.. I'm running efw 2.5.1 community version. Thx in advance. -- Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform
Re: [Efw-user] Block HTTP traffic:
Ok, I think I understand now. There is a way to do this, and probably more ways, but you can possibly do it with a DHCP option or if you run Windows Server, you can use group policy to deploy proxy settings to all machines to force them to utilize the proxy for internet browsing. On Tue, Dec 24, 2013 at 12:07 AM, danillo F. danill...@hotmail.com wrote: Well let me try to be more objective. I want to block all http and https traffic and only allow them to use the internet using proxy, I leave the proxy and non-transparent. -- Date: Mon, 23 Dec 2013 23:39:24 -0500 From: domin...@slackadelic.com To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: What do you mean by the 'navigation proxy'? That's the confusing party. You either use the proxy or you don't. You have a few ways to do this. one is to configure the proxy as transparent so that it filters all HTTP traffic or you turn it on and point specifically to it. But, I've never heard of someone wanting to use an HTTP proxy but block HTTP proxy. If you want to block HTTP, don't use the proxy. Turn it off and utilize the outbound firewall rules to block outbound port 80. By default the outbound firewall allows for outbound port 80. On Mon, Dec 23, 2013 at 6:19 PM, danillo F. danill...@hotmail.com wrote: I did the default installation endian, do not set any rules, only those that come by default. The Endian is configured in gateway mode and the stations that set the IP endian as default gateway. With the default settings of the Endian all stations can browse normally, I would like to disable this option, only releasing the navigation proxy. att Date: Mon, 23 Dec 2013 22:23:14 +0100 From: davidecottign...@racine.ra.it To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Should you post a detailed config? On 23/12/2013 15:45, danillo F. wrote: But I do not want to use transparent proxy, want to allow only navigation using proxy. Date: Mon, 23 Dec 2013 09:07:14 -0500 From: domin...@slackadelic.com To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Set the proxy to be transparent... no need to remove any rules. On Mon, Dec 23, 2013 at 5:57 AM, danillo F. danill...@hotmail.com mailto:danill...@hotmail.com wrote: I did that, but just disabling the rules is still possible to navigate, even without setting the proxy in navigated. att danillo Date: Mon, 23 Dec 2013 11:33:40 +0100 From: davidecottign...@racine.ra.it mailto:davidecottign...@racine.ra.it To: efw-user@lists.sourceforge.net mailto:efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Sure you need to block these protocols and set navigation to proxy port at client side, if proxy is set to not transparerent. Davide. Nella citazione in data Mon Dec 23 01:31:22 2013, danillo F. ha scritto: Hello people, okay? I am wanting to block HTTP and HTTPS traffic, only allowing navigation proxy. I went to Firewall Outgoing firewall: And I disabled the following rules: RED GREEN TCP/80 ALLOW with IPS allow HTTP RED GREEN TCP/443 ALLOW with IPS allow HTTPS However still continued getting surf, have some other option? att danillo -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto: Efw-user@lists.sourceforge.net
Re: [Efw-user] Block HTTP traffic:
Set the proxy to be transparent... no need to remove any rules. On Mon, Dec 23, 2013 at 5:57 AM, danillo F. danill...@hotmail.com wrote: I did that, but just disabling the rules is still possible to navigate, even without setting the proxy in navigated. att danillo Date: Mon, 23 Dec 2013 11:33:40 +0100 From: davidecottign...@racine.ra.it To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Sure you need to block these protocols and set navigation to proxy port at client side, if proxy is set to not transparerent. Davide. Nella citazione in data Mon Dec 23 01:31:22 2013, danillo F. ha scritto: Hello people, okay? I am wanting to block HTTP and HTTPS traffic, only allowing navigation proxy. I went to Firewall Outgoing firewall: And I disabled the following rules: RED GREEN TCP/80 ALLOW with IPS allow HTTP RED GREEN TCP/443 ALLOW with IPS allow HTTPS However still continued getting surf, have some other option? att danillo -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Block HTTP traffic:
What do you mean by the 'navigation proxy'? That's the confusing party. You either use the proxy or you don't. You have a few ways to do this. one is to configure the proxy as transparent so that it filters all HTTP traffic or you turn it on and point specifically to it. But, I've never heard of someone wanting to use an HTTP proxy but block HTTP proxy. If you want to block HTTP, don't use the proxy. Turn it off and utilize the outbound firewall rules to block outbound port 80. By default the outbound firewall allows for outbound port 80. On Mon, Dec 23, 2013 at 6:19 PM, danillo F. danill...@hotmail.com wrote: I did the default installation endian, do not set any rules, only those that come by default. The Endian is configured in gateway mode and the stations that set the IP endian as default gateway. With the default settings of the Endian all stations can browse normally, I would like to disable this option, only releasing the navigation proxy. att Date: Mon, 23 Dec 2013 22:23:14 +0100 From: davidecottign...@racine.ra.it To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Should you post a detailed config? On 23/12/2013 15:45, danillo F. wrote: But I do not want to use transparent proxy, want to allow only navigation using proxy. Date: Mon, 23 Dec 2013 09:07:14 -0500 From: domin...@slackadelic.com To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Set the proxy to be transparent... no need to remove any rules. On Mon, Dec 23, 2013 at 5:57 AM, danillo F. danill...@hotmail.com mailto:danill...@hotmail.com wrote: I did that, but just disabling the rules is still possible to navigate, even without setting the proxy in navigated. att danillo Date: Mon, 23 Dec 2013 11:33:40 +0100 From: davidecottign...@racine.ra.it mailto:davidecottign...@racine.ra.it To: efw-user@lists.sourceforge.net mailto:efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Sure you need to block these protocols and set navigation to proxy port at client side, if proxy is set to not transparerent. Davide. Nella citazione in data Mon Dec 23 01:31:22 2013, danillo F. ha scritto: Hello people, okay? I am wanting to block HTTP and HTTPS traffic, only allowing navigation proxy. I went to Firewall Outgoing firewall: And I disabled the following rules: RED GREEN TCP/80 ALLOW with IPS allow HTTP RED GREEN TCP/443 ALLOW with IPS allow HTTPS However still continued getting surf, have some other option? att danillo -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto: Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian with /32 subnet
Are you sure they aren't issuing that through PPPoE? I've only seen that used in PPPoE setups, but trying to statically set it probably won't work as the system would see it as unroutable as it would be in it's 'own' subnet basically. On Tue, Jul 23, 2013 at 3:27 AM, Cultrure cultr...@gmail.com wrote: Dear all, I've posted this issue to http://www.efwsupport.com/index.php/topic,3745.0.html with no replys so I'm someone could help me. How can I setup /32 subnet(255.255.255.255) to my RED interface. When using web-ui I get error The RED IP address or network mask 188.165.136.196/255.255.255.255 is not correct.. Highest possible subnet is /28 that I can setup. I also need this subnet to be set on IPAliases also. I'm not able to find the config file when using SSH-connection. /32 subnet is *required* by our hosting provider. Thank you. Timo -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831iu=/4140/ostg.clktrk___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW crash
In my experience, when the box is powering itself off, you probably have a cooling issue. When this happened in my Endian box, it turned out the heatsync and fan assembly needed to be replaced. Once I did that, no more issues! Good luck! -Matt On Tue, Jul 9, 2013 at 8:56 AM, Andres Gonzalez tuc...@gmail.com wrote: Hi Matt! We can discard that it's specifically power off. Today happened again at the same time. I thinks that there's a hardware issue or there's a process that makes this happens. Regards. On Mon, Jul 8, 2013 at 10:53 AM, Matt Hayes domin...@slackadelic.comwrote: Don't think I've ever seen ntop crash the box, specifically power it off. I'd say someone powered it off or you had a brown out causing the server to power itself off if it isn't on UPS. -Matt On Mon, Jul 8, 2013 at 9:10 AM, Andres Gonzalez tuc...@gmail.com wrote: Hello: I have a problem with the EFW box, today the system was turned off. Look like a hardware issue (it's a new Supermicro server), the only thing that I found on the logs is an ntop error: [ 784.341579] ntop[10292]: segfault at 58 ip b7127069 sp 9d4fcb00 error 4 in libntopreport-3.3[b707e000+e8000] Could that cause the system crash ? Thanks. -- This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- AGD -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831iu=/4140/ostg.clktrk___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW crash
Don't think I've ever seen ntop crash the box, specifically power it off. I'd say someone powered it off or you had a brown out causing the server to power itself off if it isn't on UPS. -Matt On Mon, Jul 8, 2013 at 9:10 AM, Andres Gonzalez tuc...@gmail.com wrote: Hello: I have a problem with the EFW box, today the system was turned off. Look like a hardware issue (it's a new Supermicro server), the only thing that I found on the logs is an ntop error: [ 784.341579] ntop[10292]: segfault at 58 ip b7127069 sp 9d4fcb00 error 4 in libntopreport-3.3[b707e000+e8000] Could that cause the system crash ? Thanks. -- This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] IPSec failing after some time
Look at time out values within the DSL modem, it's possible that it's renewing ports or something for forwarding. Hard to say how the modem is doing forwarding though. On Wed, Jun 12, 2013 at 10:40 AM, Lorenzo Milesi lorenzo.mil...@yetopen.itwrote: When you say NAT'd IP, you mean that the IP address on your Endian isn't the public? If so, the VPN probably won't work properly. IPSec isn't meant to be NAT'd... and isn't NAT-traversal the solution to natted vpn? -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ Via Carlo Torri Tarelli 19 - 23900 Lecco - ITALY - Tel 0341 220 205 - Fax 178 6070 222 GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it D.Lgs. 196/2003 Si avverte che tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. -- This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Can ping dns server in Green, but cannot dig it from endian 2.5.1 box
Is your internal DNS server authoritative for myserver.mydomain.org? What is the error that dig returns? On Fri, Jun 7, 2013 at 1:10 PM, Steve Owley sow...@westervillelibrary.orgwrote: Hello and thank you for your help, ** ** I have an endian machine set up RGB for evaluation. There is no special routing or NATing applied yet, just separate networks on the three NICs. After I ssh into it using the Green address, I can ping the local DNS server (in the Green network) but I cannot dig it. Dig reports that it cannot reach the server. So it is as if TCP were working but not UDP, or at least not UDP port 53 to Green’s network. ** ** I had thought that dnsmasq was grabbing the request and somehow failing to resolve the request—but if I set that to use the local DNS server for this domain it fails, just like dig did from the command prompt. ** ** The setup should not cause confusion: Green: 1.0.0.47 (network is 10.0.0.0/16) Blue: 192.168.70.1 (network is 192.168.70.0/23) Red: a fixed public address ** ** This works: ping 10.0.1.159 This fails: dig @10.0.1.159 myserver.mydomain.org But this works: dig @208.67.222.222 myserver.mydomain.org (which I assume is going out through Red) ** ** Thanks again if you have any advice for me. If I can get this simple test working I will be in a good spot to continue the test. Steve -- How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Can ping dns server in Green, but cannot dig it from endian 2.5.1 box
Very strange.. what about looking up other domains through the same method? On Fri, Jun 7, 2013 at 2:03 PM, Steve Owley sow...@westervillelibrary.orgwrote: Hi Matt and thank you, ** ** The server is authoritative for this domain within its network—our ISP can resolve the same domain for external clients, but the internal DNS server does not know about that. ( I look forward to the day when we are no longer doing things in this manner.) ** ** Other linux computers within the network have no problem reaching this server and getting a response using dig. Here is the error from endian:** ** ** ** ; DiG 9.2.4 @10.0.1.159 myserver.mydomain.org ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached ** ** Steve ** ** *From:* Matt Hayes [mailto:domin...@slackadelic.com] *Sent:* Friday, June 07, 2013 1:27 PM *To:* efw-user@lists.sourceforge.net *Subject:* Re: [Efw-user] Can ping dns server in Green, but cannot dig it from endian 2.5.1 box ** ** Is your internal DNS server authoritative for myserver.mydomain.org? What is the error that dig returns? ** ** On Fri, Jun 7, 2013 at 1:10 PM, Steve Owley sow...@westervillelibrary.org wrote: Hello and thank you for your help, I have an endian machine set up RGB for evaluation. There is no special routing or NATing applied yet, just separate networks on the three NICs. After I ssh into it using the Green address, I can ping the local DNS server (in the Green network) but I cannot dig it. Dig reports that it cannot reach the server. So it is as if TCP were working but not UDP, or at least not UDP port 53 to Green’s network. I had thought that dnsmasq was grabbing the request and somehow failing to resolve the request—but if I set that to use the local DNS server for this domain it fails, just like dig did from the command prompt. The setup should not cause confusion: Green: 1.0.0.47 (network is 10.0.0.0/16) Blue: 192.168.70.1 (network is 192.168.70.0/23) Red: a fixed public address This works: ping 10.0.1.159 This fails: dig @10.0.1.159 myserver.mydomain.org ** ** But this works: dig @208.67.222.222 myserver.mydomain.org (which I assume is going out through Red) Thanks again if you have any advice for me. If I can get this simple test working I will be in a good spot to continue the test. Steve -- How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user ** ** -- How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] IPSec failing after some time
When you say NAT'd IP, you mean that the IP address on your Endian isn't the public? If so, the VPN probably won't work properly. IPSec isn't meant to be NAT'd... On Fri, May 31, 2013 at 12:04 PM, Lorenzo Milesi lorenzo.mil...@yetopen.itwrote: Hi. I have a 2.5.1 installation which works fine. Last week we moved from a public IP to a NATted one, and since then the IPSec VPN isn't working anymore! Not really: it works for one hour or so, and after that time it drops and I find the following error in messages: pluto (25362) initial Main Mode message received on EFW_WAN_IP:500 but no connection has been authorized with policy=PSK this is weird because as I said for one hour or so it works great. What can cause this? So strange, it has been working great before the DSL change... thanks -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ Via Carlo Torri Tarelli 19 - 23900 Lecco - ITALY - Tel 0341 220 205 - Fax 178 6070 222 GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it D.Lgs. 196/2003 Si avverte che tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. -- Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with 2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with 2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian Modifying Packet!
This cuts off, but I just ssh'd into my Endian and did lsmod | grep sip and here's my results: nf_nat_sip 3710 0 nf_conntrack_sip 10485 1 nf_nat_sip nf_nat 10267 9 iptable_nat,nf_nat_sip,nf_nat_pptp,nf_nat_proto_gre,nf_nat_tftp,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda nf_conntrack 38475 23 xt_CONNMARK,xt_connmark,xt_state,iptable_nat,nf_conntrack_netbios_ns,nf_nat_snmp_basic,nf_nat_sip,nf_conntrack_sip,nf_nat_pptp,nf_conntrack_pptp,nf_conntrack_proto_gre,nf_nat_tftp,nf_conntrack_tftp,nf_nat_irc,nf_conntrack_irc,nf_nat_h323,nf_conntrack_h323,nf_nat_ftp,nf_conntrack_ftp,nf_nat_amanda,nf_nat,nf_conntrack_amanda,nf_conntrack_ipv4 The reason that the sip proxy was removed is that now there's a sip conntrack module in iptables. Unfortunately, I have yet to setup a true IP PBX behind Endian. I know others have, however, as you can tell, this mailing list and any other support medium for the community edition of Endian is shit anymore. -Matt On Thu, May 30, 2013 at 8:46 AM, Scott Howell scott.howel...@gmail.comwrote: Absolutely, pretty much everything works except for one type of call. Either way, it is somewhat irrelevant. In this scenario I did the two capture simultaneously at eth1 (WAN) in the Endian and on the IP-PBX. I compared the two captures side by side and here is the difference . . . This is the identical packet on each of the interfaces which is going out to the ITSP. You can see in the second capture (External on Endian) how the (c) has changed. I am completely lost . . It is my understanding there is no SIP Helper/Proxy in this release and I'm not a linux expert, but this seems to be the case best I can tell. I can think of no other reason why the Endian would change this, or why it would change to this bogus IP even if there was a proxy? Internal Code: Message Body Session Description Protocol Session Description Protocol Version (v): 0 Owner/Creator, Session Id (o): 3cxPS 275414777856 414900551682 IN IP4 69.61.101.90 Owner Username: 3cxPS Session ID: 275414777856 Session Version: 414900551682 Owner Network Type: IN Owner Address Type: IP4 Owner Address: 69.61.xx.xx Session Name (s): 3cxPS Audio call Connection Information (c): IN IP4 69.61.xx.xx Connection Network Type: IN Connection Address Type: IP4 Connection Address: 69.61.xx.xx External Endian Interface Code: Message Body Session Description Protocol Session Description Protocol Version (v): 0 Owner/Creator, Session Id (o): 3cxPS 275414777856 414900551682 IN IP4 134.2.0.0 Owner Username: 3cxPS Session ID: 275414777856 Session Version: 414900551682 Owner Network Type: IN Owner Address Type: IP4 Owner Address: 134.2.0.0 Session Name (s): 3cxPS Audio call Connection Information (c): IN IP4 134.2.0.0 Connection Network Type: IN Connection Address Type: IP4 Connection Address: 134.2.0.0 Sincerely, Scott Howell Mobile : 404-735-5273 On Thu, May 30, 2013 at 12:41 AM, Matt Hayes domin...@slackadelic.comwrote: Just a question, but do you have port 5060 port forwarding or a 1-to-1 NAT or anything? On Wed, May 29, 2013 at 4:23 PM, Scott Howell scott.howel...@gmail.comwrote: I can't think of any reason this is happening but it is. I have a 3CX IP-PBX behind Community 2.5.1. I ran a Wireshark on my PBX and at the same time did a tcpdump within the Endian at the same time. When looking at the two captures side by side the Endian is modifying the (c) Connection information during Session Description. On the PBX I see it going out as my WAN IP, but the same packet in the Endian has a bogus IP of 134.2.0.0 in this part of the Message Body. What the heck is going on?? Any help is greatly appreciated. Sincerely, Scott -- Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with 2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics
Re: [Efw-user] Endian Modifying Packet!
I completely agree. I love the product, just wish the community edition had more attention. In the past few years the support in the community has just gone way down hill. It used to be quite active. On Thu, May 30, 2013 at 11:54 AM, Scott Howell scott.howel...@gmail.comwrote: Thank a lot Matt for the info. At least this gives me something else to look into before I yank the Endian. I will begin some research now and see if this is where the problem lies. As far as this mailing list and the forums you are correct it it garbage. I don't really understand why though. I have tried just about every open source UTM on the market and all their communities are vibrant. The Endian stacks up well against all of them yet the community is non-existent. It's a shame for such a well polished product in so many ways. Sincerely, Scott Howell Mobile : 404-735-5273 On Thu, May 30, 2013 at 9:57 AM, Matt Hayes domin...@slackadelic.comwrote: This cuts off, but I just ssh'd into my Endian and did lsmod | grep sip and here's my results: nf_nat_sip 3710 0 nf_conntrack_sip 10485 1 nf_nat_sip nf_nat 10267 9 iptable_nat,nf_nat_sip,nf_nat_pptp,nf_nat_proto_gre,nf_nat_tftp,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda nf_conntrack 38475 23 xt_CONNMARK,xt_connmark,xt_state,iptable_nat,nf_conntrack_netbios_ns,nf_nat_snmp_basic,nf_nat_sip,nf_conntrack_sip,nf_nat_pptp,nf_conntrack_pptp,nf_conntrack_proto_gre,nf_nat_tftp,nf_conntrack_tftp,nf_nat_irc,nf_conntrack_irc,nf_nat_h323,nf_conntrack_h323,nf_nat_ftp,nf_conntrack_ftp,nf_nat_amanda,nf_nat,nf_conntrack_amanda,nf_conntrack_ipv4 The reason that the sip proxy was removed is that now there's a sip conntrack module in iptables. Unfortunately, I have yet to setup a true IP PBX behind Endian. I know others have, however, as you can tell, this mailing list and any other support medium for the community edition of Endian is shit anymore. -Matt On Thu, May 30, 2013 at 8:46 AM, Scott Howell scott.howel...@gmail.comwrote: Absolutely, pretty much everything works except for one type of call. Either way, it is somewhat irrelevant. In this scenario I did the two capture simultaneously at eth1 (WAN) in the Endian and on the IP-PBX. I compared the two captures side by side and here is the difference . . . This is the identical packet on each of the interfaces which is going out to the ITSP. You can see in the second capture (External on Endian) how the (c) has changed. I am completely lost . . It is my understanding there is no SIP Helper/Proxy in this release and I'm not a linux expert, but this seems to be the case best I can tell. I can think of no other reason why the Endian would change this, or why it would change to this bogus IP even if there was a proxy? Internal Code: Message Body Session Description Protocol Session Description Protocol Version (v): 0 Owner/Creator, Session Id (o): 3cxPS 275414777856 414900551682 IN IP4 69.61.101.90 Owner Username: 3cxPS Session ID: 275414777856 Session Version: 414900551682 Owner Network Type: IN Owner Address Type: IP4 Owner Address: 69.61.xx.xx Session Name (s): 3cxPS Audio call Connection Information (c): IN IP4 69.61.xx.xx Connection Network Type: IN Connection Address Type: IP4 Connection Address: 69.61.xx.xx External Endian Interface Code: Message Body Session Description Protocol Session Description Protocol Version (v): 0 Owner/Creator, Session Id (o): 3cxPS 275414777856 414900551682 IN IP4 134.2.0.0 Owner Username: 3cxPS Session ID: 275414777856 Session Version: 414900551682 Owner Network Type: IN Owner Address Type: IP4 Owner Address: 134.2.0.0 Session Name (s): 3cxPS Audio call Connection Information (c): IN IP4 134.2.0.0 Connection Network Type: IN Connection Address Type: IP4 Connection Address: 134.2.0.0 Sincerely, Scott Howell Mobile : 404-735-5273 On Thu, May 30, 2013 at 12:41 AM, Matt Hayes domin...@slackadelic.comwrote: Just a question, but do you have port 5060 port forwarding or a 1-to-1 NAT or anything? On Wed, May 29, 2013 at 4:23 PM, Scott Howell scott.howel...@gmail.com wrote: I can't think of any reason this is happening but it is. I have a 3CX IP-PBX behind Community 2.5.1. I ran a Wireshark on my PBX and at the same time did a tcpdump within the Endian at the same time. When looking at the two captures side by side the Endian is modifying the (c) Connection information during Session Description. On the PBX I see it going out as my WAN IP
Re: [Efw-user] Endian Modifying Packet!
You are most welcome. On Thu, May 30, 2013 at 1:56 PM, Scott Howell scott.howel...@gmail.comwrote: BTW, thanks for the info. I researched this a bit and think it may be my culprit. I am going to manually unload the nf_conntrack_sip and nf_nat_sip modules tonight and reboot to see if this fixes the issue but I suspect it will. I'll update this thread if it does. Concerning the product there is always a tradeoff with features. I am a big supporter of pfSense and still am, but there are a handful of features on Endian that just work and are so much easier to configure. I have had some strange behavior with the IPSEC VPN however on a this rollout of 9 locations that I may start a new thread on it's just low on my list right now. Sincerely, Scott Howell Mobile : 404-735-5273 On Thu, May 30, 2013 at 12:52 PM, Matt Hayes domin...@slackadelic.comwrote: I completely agree. I love the product, just wish the community edition had more attention. In the past few years the support in the community has just gone way down hill. It used to be quite active. On Thu, May 30, 2013 at 11:54 AM, Scott Howell scott.howel...@gmail.comwrote: Thank a lot Matt for the info. At least this gives me something else to look into before I yank the Endian. I will begin some research now and see if this is where the problem lies. As far as this mailing list and the forums you are correct it it garbage. I don't really understand why though. I have tried just about every open source UTM on the market and all their communities are vibrant. The Endian stacks up well against all of them yet the community is non-existent. It's a shame for such a well polished product in so many ways. Sincerely, Scott Howell Mobile : 404-735-5273 On Thu, May 30, 2013 at 9:57 AM, Matt Hayes domin...@slackadelic.comwrote: This cuts off, but I just ssh'd into my Endian and did lsmod | grep sip and here's my results: nf_nat_sip 3710 0 nf_conntrack_sip 10485 1 nf_nat_sip nf_nat 10267 9 iptable_nat,nf_nat_sip,nf_nat_pptp,nf_nat_proto_gre,nf_nat_tftp,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda nf_conntrack 38475 23 xt_CONNMARK,xt_connmark,xt_state,iptable_nat,nf_conntrack_netbios_ns,nf_nat_snmp_basic,nf_nat_sip,nf_conntrack_sip,nf_nat_pptp,nf_conntrack_pptp,nf_conntrack_proto_gre,nf_nat_tftp,nf_conntrack_tftp,nf_nat_irc,nf_conntrack_irc,nf_nat_h323,nf_conntrack_h323,nf_nat_ftp,nf_conntrack_ftp,nf_nat_amanda,nf_nat,nf_conntrack_amanda,nf_conntrack_ipv4 The reason that the sip proxy was removed is that now there's a sip conntrack module in iptables. Unfortunately, I have yet to setup a true IP PBX behind Endian. I know others have, however, as you can tell, this mailing list and any other support medium for the community edition of Endian is shit anymore. -Matt On Thu, May 30, 2013 at 8:46 AM, Scott Howell scott.howel...@gmail.com wrote: Absolutely, pretty much everything works except for one type of call. Either way, it is somewhat irrelevant. In this scenario I did the two capture simultaneously at eth1 (WAN) in the Endian and on the IP-PBX. I compared the two captures side by side and here is the difference . . . This is the identical packet on each of the interfaces which is going out to the ITSP. You can see in the second capture (External on Endian) how the (c) has changed. I am completely lost . . It is my understanding there is no SIP Helper/Proxy in this release and I'm not a linux expert, but this seems to be the case best I can tell. I can think of no other reason why the Endian would change this, or why it would change to this bogus IP even if there was a proxy? Internal Code: Message Body Session Description Protocol Session Description Protocol Version (v): 0 Owner/Creator, Session Id (o): 3cxPS 275414777856 414900551682 IN IP4 69.61.101.90 Owner Username: 3cxPS Session ID: 275414777856 Session Version: 414900551682 Owner Network Type: IN Owner Address Type: IP4 Owner Address: 69.61.xx.xx Session Name (s): 3cxPS Audio call Connection Information (c): IN IP4 69.61.xx.xx Connection Network Type: IN Connection Address Type: IP4 Connection Address: 69.61.xx.xx External Endian Interface Code: Message Body Session Description Protocol Session Description Protocol Version (v): 0 Owner/Creator, Session Id (o): 3cxPS 275414777856 414900551682 IN IP4 134.2.0.0 Owner Username: 3cxPS Session ID: 275414777856 Session Version: 414900551682 Owner Network Type: IN Owner Address Type: IP4 Owner Address: 134.2.0.0 Session Name (s): 3cxPS
Re: [Efw-user] Endian Modifying Packet!
Just a question, but do you have port 5060 port forwarding or a 1-to-1 NAT or anything? On Wed, May 29, 2013 at 4:23 PM, Scott Howell scott.howel...@gmail.comwrote: I can't think of any reason this is happening but it is. I have a 3CX IP-PBX behind Community 2.5.1. I ran a Wireshark on my PBX and at the same time did a tcpdump within the Endian at the same time. When looking at the two captures side by side the Endian is modifying the (c) Connection information during Session Description. On the PBX I see it going out as my WAN IP, but the same packet in the Endian has a bogus IP of 134.2.0.0 in this part of the Message Body. What the heck is going on?? Any help is greatly appreciated. Sincerely, Scott -- Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with 2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with 2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] endian firewall + Wireshark
As far as I'm aware, tcpdump is usable from the command line already On Tue, Feb 19, 2013 at 5:36 PM, luis felipe picó herrero lfph...@hotmail.com wrote: Hello, I would like to know if anybody knows how to install Wireshark on Endian 2.3. I want to run it on the shell but I have not been able. Thank you very much in advance! -- Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Mail from iPad
If you're on a mini you should have a support contract with Endian. Did you try calling their paid support line? This mailing list is mainly aimed at the Endian Open Source edition On Tue, Dec 11, 2012 at 10:01 AM, Herbert Appel postmas...@nx-networx.dewrote: Hi guys, I´m sitting behind an ENDIAN-MINI. Mails from my iMAC with pictures inside go to the outgoing mailserver mail.hosting-agency.de SMTP port 25 or 587 and come from IMAP Server mail.hosting-agency.de but sent from my iPAD there is no connection with the SMTP-Server - so I was told from my mail-hoster. Has anybody heard about such a behavior? What can be wrong? thanks a lot for any hint Herbert -- LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] endian firewall + SIP
If you are forwarding the ports, the proxy is pretty much moot. On Thu, Nov 29, 2012 at 3:51 PM, luis felipe picó herrero lfph...@hotmail.com wrote: Hello, I am new with endian firewall and I have a doubt regarding its operation with SIP. I am using Asterisk as proxy server behind the firewall and I have made portforwarding of the corresponding SIP and RTP ports. However I do not know if I should disable the endian SIP proxy feature or not? What do you think? Thank you very much in advance! -- Keep yourself connected to Go Parallel: VERIFY Test and improve your parallel project with help from experts and peers. http://goparallel.sourceforge.net ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Keep yourself connected to Go Parallel: VERIFY Test and improve your parallel project with help from experts and peers. http://goparallel.sourceforge.net___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW 2.4.1 - dyndns not updating
On 4/4/2011 1:29 PM, Andres Gonzalez wrote: Hello, I have installed EFW 2.4.1 and I need to setup a dyndns account but it's not working. I found that there's a bug (http://bugs.endian.com/view.php?id=3307), but is still not working. Any idea ? Regards. -- AGD Did you run through the procedure towards the end of that bug to make changes to the .pl script and see if that helped? -Matt -- Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] RES: Help! SIP proxy issue
On 03/17/2011 05:51 PM, Kevin Murphy wrote: SIP proxy has been removed from version 2.4.1 so if he is using the sip proxy I don't see how that will help! Sent from my HTC Desire HD -Original Message- From: Nelson (Hotmail) [nelsonfi...@hotmail.com] Received: 17/03/2011 21:48 To: efw-user@lists.sourceforge.net Subject: [Efw-user] RES: Help! SIP proxy issue UPGRADE TO 2.4.1 VERSION... Nelson... São Paulo/Brasil -Mensagem original- De: gkent [mailto:gk...@rossdesignservices.com] Enviada em: quinta-feira, 17 de março de 2011 18:08 Para: efw-user@lists.sourceforge.net Assunto: [Efw-user] Help! SIP proxy issue Hi, I'm pretty new to VoIP, and have set up a great working system that has an Endian firewall version 2.3.0 (Community). It works great, but about 3 times a day, my IP telephones will start blinking a message that it cannot find the SIP Server...Connecting. Also, upon a reboot of the firewall, I often have to go to each IP phone and give it a new IP address. Whew, I have spent hours trying to find out what the problem is here, with no success. I've done Wireshark captures that are being submitted to NEC for analysis. Can anyone pitch in and offer helpful options or adviceI'd be very grateful for anything at this point. Thanks much, -g 2.4.1 has no need for siproxd as it uses the nf_conntrack_sip modules from the kernel. -Matt -- Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] ClamAV malformed database on Endian.. again
On 03/01/2011 08:20 AM, Vassilis V. wrote: Hi all! A couple of weeks ago I had a major issue on all Endian boxes as the ClamAV database was corrupted and had to manually be reseted. It was reported here by some users along with a fix. Did you all experience the same problem again yesterday? If you are wondering why you arent getting any POP3 mails through, check your SMTP logs! In case you have the HTTP Proxy on, you would already have noticed the Read Error when trying to load a website. Why is that happening? I did not manage to find any information on ClamAV or any other major Open Source firewall distribution about a general problem with a specific update. It seems to me that its only happening to Endian. Vassilis There was an issue with the clamav database again. They corrected it shortly after the issue was discovered. I do suggest anyone using Endian and utilizing clamav scanning with it to subscribe to the clamav-users list as it was a buzz with the information on it. -Matt -- Free Software Download: Index, Search Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Error on Endian FW
On 2/11/2011 11:16 AM, Claudio Roberti wrote: This morning I started receiving bad messages from the proxy server, like */(104) Connection reset by peer/* or zero length reply from server for every site I try to browse. Thinked of possible error with DNS but even changing it did not solved, any idea? Everything worked fine till yesterday. Thanks, Claudio. An update from clamav screwed up havp scanning in the proxy. I had to manually remove the database and then run freshclam.. Some I had to redownload the database that was corrupted manually before it would come back up. -Matt -- The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Error on Endian FW
On 2/11/2011 12:05 PM, Claudio Roberti wrote: I have done the same but the antivirus service HTTP antivirus (havp) does not restart and I had to remove the virus check from the contentfilter to browse again, can you tell me why the service does not start. When I run the freshclam -v command it said it could notify clamd (because it was not running I think). Thanks, Claudio. What I found on some clients, running freshclam worked just fine for them, then re-enabling virus scanning and it worked. With some running freshclam revealed corrupted files in the database. Removing the databases manually and then re-running freshclam worked for some. Others I had to manually download the one file, bytecode in this example, and then re-run freshclam and it worked. -Matt -- The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Port 3131
On 1/31/2011 11:59 AM, Matt Hayes wrote: Noticed this port in the firewall logs. Lots of connects to it from 127.0.0.1 (Endian firewall itself). What in the heck is this? More of a curious question than anything.. its listening on a port.. only on localhost, but connecting to itself. Just odd. Thanks, Matt So, does this list even get looked at anymore? :) -Matt -- Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Port 3131
On 2/3/2011 11:00 AM, Daniel Moree wrote: It may be the update port. I'll look into it further for ya. Sorry, just joined this list a few days ago. Daniel Moree Systems Analyst [re]defining ready 300 East College Avenue | Hartsville, SC 29550 phone: (843) 383-8186 | help desk: (843) 383-8323 Become a Fan! - http://www.facebook.com/cokercollege http://www.coker.edu | http://support.coker.edu On 02/03/2011 10:02 AM, Matt Hayes wrote: On 1/31/2011 11:59 AM, Matt Hayes wrote: Noticed this port in the firewall logs. Lots of connects to it from 127.0.0.1 (Endian firewall itself). What in the heck is this? More of a curious question than anything.. its listening on a port.. only on localhost, but connecting to itself. Just odd. Thanks, Matt So, does this list even get looked at anymore? :) -Matt No its fine! Just wanted to make sure my messages were getting through. That port is odd.. and I do think it is the update port, but it must be something new in the 2.4.x series as I don't recall seeing it in 2.2 and couldn't find documentation on it. -Matt -- Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] Port 3131
Noticed this port in the firewall logs. Lots of connects to it from 127.0.0.1 (Endian firewall itself). What in the heck is this? More of a curious question than anything.. its listening on a port.. only on localhost, but connecting to itself. Just odd. Thanks, Matt -- Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] google apps
On 09/15/2010 05:03 PM, Mallela Anil Kumar wrote: Hello Sir, i Installed Endian Firewall In My Origination.while i was trying to block mail.Google.com http://mail.Google.com at the same time my google apps company mails accounts also blocking the firewall. With Regards, Mallela AnilKumar. -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user well, that kind of makes sense considering they all use the same inbound/outbound servers. -Matt -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] firewall rules are hard to use
On 1/4/2010 3:33 PM, oneforall immortal wrote: well I'll have to go back to 2.2 I guess , I was going to paste my domainanmme/blah/snapshot.jpg to some one and I could even check if it works first . all I want is it to work locally also (using the www.mydomain.com) but it refuses times out etc all because the simple way has become so darn complicated I'm stuck with out it . Also the other things that are only half a@@ working or stuck with them not. It terrible when some did and was easy to do and now its not .:( Well, redirecting a www.mydomain.com internally is not the endian's fault. That would be internal DNS issues. You would probably want to set up an internal DNS entry in Endian's dnsmasq configuration (available in the web interface) to tie that DNS name to a particular IP internally. Optionally, you would have to run internal DNS off of another machine internally. The Endian has no idea what your internal DNS infrastructure is, it only knows that www.mydomain.com is an external address and will route you as such. -Matt -- This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] How to add physical interface ??
On 12/23/2009 12:25 PM, John Marotta wrote: Jonas, You have to run thru the Network Wizard and select the 2 ETH interfaces you want to use. You must add the IP address in the “Add additional addresses” box including the CIDR. Ahh cool that's something I didn't even know :) -Matt -- This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] Endian 2.3 - 500 Internal error when going to QoS management
500 Internal error The server encountered an unexpected condition which prevented it from fulfilling the request. Anyone else getting this? I've also noticed snortd eating up nearly 100% of the cpu -Matt -- Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Congratulation to endian team!
Pedro M. S. Oliveira wrote: I just did a fresh install and recovered from a backup I previously did. Cheers, Pedro www.linux-geex.com http://www.linux-geex.com/ Pedro, When you say you 'recovered' from a backup, you did a fresh install and a restore from a 2.2 backup you did? Reason I'm asking as I'll be doing an upgrade to 2.3 as well. Did you see any issues going from 2.2 to 2.3 at all? -Matt -- Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Upgrade from 2.3 rc1 to 2.3 final
Luca Giovenzana wrote: Best option is to backup, reinstall and restore, that's because of a bug in 2.3 rc1 which assigns a very small size to /var/log partition. http://bugs.endian.it/view.php?id=2288 Have fun with your 2.3 Luca What about an upgrade from 2.2 to 2.3 using efw-upgrade :) Anyone try this yet? -Matt -- Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Event Notifications
Ignore this... I rebooted the firewall after making some changes and everything appears to be working :) -matt Matt Hayes wrote: Rafael Fonseca wrote: Maybe your Spam folder got something? Gmail is known for marking messages from unknown boxes as Spam. I had to manually add rules to my Inbox to prevent messages coming from my home server to be sent to Spam. Regards, -- Rafael Fonseca www.nunca.com.br http://www.nunca.com.br Well, I run my own mail server and my logs don't even show a connection attempt. -Matt -- Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] upgrade to 2.2 will I loose my settings
Steven Sher wrote: Hi Thanks for the upgrade option very nice feature! What versions can be upgraded to 2.2? i.e what is the oldest version that can be upgraded? Also will I loos my settings? Thanks Steve I too love this feature! Steve: I did this the other night and did not lose any settings at all. It went very very smoothly. I went from 2.2rc3 to 2.2 final. -Matt -- Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, Big Spaceship. http://p.sf.net/sfu/creativitycat-com ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Install IPtraf
ed...@brbyte.com.br wrote: Use the efw-toolbox. http://sourceforge.net/projects/efw-toolbox Download it, copy it to the efw (scp) and install using rpm --install. Very nice! Didn't even know that existed.. Bookmarked. -Matt -- Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, Big Spaceship. http://p.sf.net/sfu/creativitycat-com ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Any word on the EFW 2.3?
More than likely, just as the last release, there won't be a true upgrade path for those of us on 2.2RC3 going to 2.3. It'll more than likely be a backup config install from scratch restore config process. -Matt Marco Aurélio wrote: Hi, Is there any word on the release version of Endian Community 2.3? Or some way to perform the updates in 2.2 rc3, as it is with various problems and saw that a lot has been repaired. Regards, Marco -- Register Now Save for Velocity, the Web Performance Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Register Now Save for Velocity, the Web Performance Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] VOIP phone behind endian firewall
Steven Sher wrote: I currently have one Snom phone using VOIP working fine behind my Endian Firewall v2.2 Beta3, but having endless hassles trying to get a 2^nd phone to work behind the firewall. The 2^nd phone can register with the hosted PABX but cant receive any calls. I have got as far as being able to make a call but then there is no sound, you can’t hear anything. Any advice? Does anybody recommend using the SIP Proxy is it more reliable to use the SIP proxy or NOT? Thanks Steve If you're using more than one phone, I would recommend at least trying the SIP Proxy in transparent mode. -Matt -- Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] VOIP phone behind endian firewall
Lee Marzke wrote: Matt Hayes wrote: Steven Sher wrote: I currently have one Snom phone using VOIP working fine behind my Endian Firewall v2.2 Beta3, but having endless hassles trying to get a 2^nd phone to work behind the firewall. The 2^nd phone can register with the hosted PABX but cant receive any calls. I have got as far as being able to make a call but then there is no sound, you can’t hear anything. Any advice? Does anybody recommend using the SIP Proxy is it more reliable to use the SIP proxy or NOT? Thanks Steve If you're using more than one phone, I would recommend at least trying the SIP Proxy in transparent mode. -Matt Have you actually used the proxy ? I have both 2.2RC2 community and 2.2 Enterprise and the SIP proxy doesn't seem to work ( at least with Asterisk ) The documentation doesn't say much. Do the RTP ports used by Asterisk (rtp.conf) have to agree with the ports used by the proxy? With the proxy on I was able to make outbound calls, but inbound calls ( which were working ) have stopped working. The only think I could get to work was turning the proxy off and port forwarding 5060 and 1 thru 10021 to Asterisk, and restricting Asterisk to those rtp ports. Lee Sadly, no, I've never been able to get the SIP Proxy to work as I wanted it. Very frustrating. I was just making a suggestion as I was in the same boat as you at one point, I finally just forwarded ports. -Matt -- Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Traffic shaping bug in EFW 2.2
mbleiweiss wrote: Per the Endian bug tracker, there was a bug with ID#0001444 http://bugs.endian.it/view.php?id=1444 which (if I understand it correctly) basically means that if you set up traffic shaping in the web interface, it doesn't get enabled. Or, per the bug description: traffic shaping configuration will never be applied. If you check the changelog for Endian, it looks as if the fix for this bug will not be applied until v2.3. SO. does anyone know the story with this? I am currently running 2.2rc1 and looking at /var/efw/shaping/settings shows that there is nothing in there. Is this really fixed in 2.2rc3? If not, is there a way to manually fix this problem until 2.3 is available? I really need the traffic shaping feature working. Thanks in advance for your help. I just checked that on my firewall running 2.2rc3 and /var/efw/shaping/settings is empty for me as well. I'm curious if this is still abug as well. -Matt -- ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] siproxd
Just one quick question: When enabling a proxy, the firewall will create the proper rules. I've noticed on 2.2 that the rules for SIPROXDPORTFW have nothing at all in them. Could this be because the outgoing firewall is disabled at this time? If not, is anyone else using 2.2 with siproxd and have it actually logging connections/calls/etc. Thanks, Matt - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] /var/log/firewall
I'm on 2.2RC3 and I've noticed that the firewall log doesn't seem to exist. I checked the bugs site and I don't see this bug mentioned yet, but i wanted to check here first before I filed anything to see if anyone else has this issue or if a fix is already in place etc. Thanks! -Matt - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] siproxd 2.2rc3
I'm curious if anyone else is utilizing the sip proxy in endian 2.2rc3 If so, and have gotten it to work, can you give me an insight as to are you using as transparent or did you actually configure and outbound server etc? I have it configured, but not sure if my vonage adapter is actually being intercepted by it. Just curious. Thanks, Matt - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] 2.2 RC3 upgrade path?
Does anyone know if with the release of 2.2 RC3 how safe it is to backup a current 2.1.2 config and then upgrade and restore? Is there any type of upgrade path at this time? Thanks, Matt - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian 2.2 release date.
Pedro M. S. Oliveira wrote: Hi does anyone know the roadmap for the final release of EFW 2.2? Thanks Pedro http://bugs.endian.it/roadmap_page.php -Matt - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Community Version
Mariano Sokal wrote: Hello from Buenos Aires... Any idea when the 2.2 version will be released to the community? I am waiting to try it :) Best regards, Mariano Sokal If you look at bugs.endian.it and look at the Roadmap link.. it will give you a clue as to where they are in the process. -Matt - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Upgrade path from 2.1.2 to the new 2.2 beta4
Raphael Vallazza wrote: There is no upgrade path for beta versions, you'll have to reinstall it an restore a backup from 2.1.2 (maybe you could try with vmware before your wife kills you :). An upgrade path will be available for the final release. Raphael Am 23.04.2008 um 16:39 schrieb Matt Hayes: I'm curious if upgrading from 2.1.2 to the new beta is going to cause any major issues. The reason I want to clarify as this is that Endian is my main firewall/router at home and if I break it, my wife will surely kill me :) -Matt AHA! Well, I'm not too worried about it crapping out.. however, the biggest reason i want to go to the latest beta is the SIProxy... want vonage to start using that so I don't have to keep forwarding ports through the firewall ;) So it looks like, backup.. reinstall.. restore.. pray is in order! -Matt - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user