>Monitoring runs on localhost You should have a look in to the assp-monitor.pl script. This script emulates a SYSLOG server. If syslog is configured in assp to send the log to ths assp-monitor SYSLOG server, the script will watch permanently if assp is running or not. You have to modify the script for your local needs, like: IP, Port, timing values, restart command and so on. But this is easy to see. The advantage of this script is, that assp is monitored even the instance is idle for hours.
>Some of our configuration files are generated externally, such as localdomains In this case assp rereads the file every 5 minutes (per default). Here we have the five minutes - and the reload is normal. Make sure your external collection script makes no mistake! >I just set up different users so we could stop using root, clicked logout and got the login prompt. You have to click cancel in the login prompt - this should be shown in the login prompt window. The sequence in maillog.txt is like this: Mar-11-15 07:59:52 [Main_Thread] Admin connection from user root on host *******; page:/logout; session-ID:31d32662563be88bd596b72bb20bcb3c; Mar-11-15 07:59:52 [Main_Thread] Logout from admin interface requested for user 'root' at '******' Mar-11-15 07:59:52 [Main_Thread] Terminated WEB session 31d32662563be88bd596b72bb20bcb3c for user 'root' at '****' Mar-11-15 07:59:52 [Main_Thread] Terminated WEB session 6eb2b017b825cd3defc7c48c441ab01b for user 'root' at '****' Mar-11-15 07:59:52 [Main_Thread] Terminated WEB session 3e8252de5c6b289718e69c86a8b68ad1 for user 'root' at '****' > Would there be a preferred way to have any updates sent to ASSP rather than overwriting the file? I prefer using LDAP and the Groups feature for registering and classifying domains, IP's and users. The concept of assp allows to have a central LDAP server where all domains, groups, IP's and users are registered. As a result, the usage of the assp GUI is only required for major configuration changes - all other domain , IP and user based changes have to be only done in the LDAP directory. Thomas Von: Colin Waring <co...@dolphinict.co.uk> An: ASSP development mailing list <assp-test@lists.sourceforge.net> Datum: 10.03.2015 20:21 Betreff: Re: [Assp-test] Localdomains stopping working Actually this raises a few other questions (sorry!). Monitoring runs on localhost and the script basically calls the telnet command then searches the output for "Connected". The web admin is configured to use https so the monitoring command should never actually set up a session with ASSP. I'll need to do a bit more with the script to change it to look for a particular response on port 55553. Some of our configuration files are generated externally, such as localdomains which comes from a combination of different systems. Would there be a preferred way to have any updates sent to ASSP rather than overwriting the file? I know this isn't causing the problem as the first thing I did was stop the scripts involved. I just set up different users so we could stop using root, clicked logout and got the login prompt. When I tried to log back in I got "user root is currently logged on from host 10.0.5.51 - no new sessions will be accepted until root has logged off". So it looks like even though I clicked logout the session didn't get cleaned up properly. All the best, Colin Waring. -----Original Message----- From: Thomas Eckardt [mailto:thomas.ecka...@thockar.com] Sent: 10 March 2015 16:04 To: ASSP development mailing list Subject: Re: [Assp-test] Localdomains stopping working >It doesn't authenticate and doesn't attempt to do anything with the connection. >I wouldn't have thought that an unauthenticated connection would be >able to have any impact The reason is the root login without an logout. assp caches the complete web communication for the root account. Because it is doing this, no other login is allowed while root has an active login. Now for example - if the monitor (55555) runs on the same system or is connected from the same IP (NAT) like a root-web session it may possible (should not, but who knows) that the monitor connection is misinterpreted. There is simply no web connection code in assp, that expects a non-browser session. The web code of assp is written for browsers and it is not perfect in terms of security if http is used. For this reason https should be used and if anyhow possible a Client-SSL-certificate authentication should be configured mandatory. >You're a star as always. No, I'm a gyp artist. Call me "Betelgeuse" :):) Colin, do a telnet to assp port 55553 (webStatPort) and press two times enter - you'll get the right answer - 'healthy' or the bad one - 'not healthy'. Both answers are configurable. I think your monitor don't need to know more. Thomas Von: Colin Waring <co...@dolphinict.co.uk> An: ASSP development mailing list <assp-test@lists.sourceforge.net> Datum: 10.03.2015 13:30 Betreff: Re: [Assp-test] Localdomains stopping working Hi Thomas, Thank you for the very in depth responses. You're a star as always. I'll give them a proper review later. My first thought is that the monitoring script that I use only checks that it can open a connection. It doesn't authenticate and doesn't attempt to do anything with the connection. I wouldn't have thought that an unauthenticated connection would be able to have any impact on the configuration as that seems like a significant security issue. The monitoring script runs every 60s not five minutes, I did previously look at SNMP but couldn't get any results so I'll add that to the high priority list. I use that script as it has other monitors in such as queue length, MTA monitoring and some system admin tasks. We will definitely stop using the root login though. Strange how we haven't seen any issues at all until last week. All the best, Colin Waring On 10 Mar 2015 10:38, Thomas Eckardt <thomas.ecka...@thockar.com> wrote: Colin - I find it hard to believe. You brought home the bacon. :):):) NEVER EVER use the web listerner 55555 to monitor assp - this can lead in to unexpected config changes or config reloads - in worth case you can lose parts or the complete configuration. These are very BASIC IT rules - and they also applies to assp: Don't login to assp as 'root'. Use 'root' only, if you need to access restricted configuration parameters. NEVER forget to use the 'logout' button in the GUI - especially NOT if root is logged on! >2015-03-09 09:38:34 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 106 records >2015-03-09 09:43:33 [Main_Thread] Adminupdate: [root 192.168.11.13] >file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' >2015-03-09 21:37:10 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 104 records >2015-03-09 21:42:11 [Main_Thread] Adminupdate: [root 192.168.11.13] >file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' exactly 5 minutes difference - Colin, can you remember about this 5 minutes - is it an accidental circumstance, that the monitor to port 55555 is running every 5 minutes ?? But - it is NOT a accidental circumstance, that the last root web-session was not logged out! all has been said >2015-03-09 00:04:33 [Main_Thread] Info: added schedule : BlockReport - for : *@domain.tld=>*=>1=> - at : 0 0,4,8,12,16,20 * * * - next run is at : 2015-03-09 04:00:00 this is normal - the MaintThread has changed the file after the blockreport is done >2015-03-09 02:42:11 [Main_Thread] Option list file: '/usr/local/assp/files/droplist.txt' reloaded (droplist) with 658 records this is normal - the MaintThread has download the file >This is a huge problem, as localdomains errors cause mail to be incorrectly rejected and leads to serious complaints. If I can't resolve this within the next few days I'm likely to have to switch to a different product which I really don't want to do. good luck Thomas Von: Colin Waring <co...@dolphinict.co.uk> An: ASSP development mailing list <assp-test@lists.sourceforge.net> Datum: 10.03.2015 10:05 Betreff: Re: [Assp-test] Localdomains stopping working Hi again, This looks to be a more serious issue now affecting other config files. It appears that ASSP reloads the flat files and gets the entries wrong. 192.168.11.X is my home office subnet that is allowed access to the admin interface via VPN. This brings up two things. 1) At first glance it looks like ASSP is incorrectly and sometimes partially reloading the localdomains file whenever a setting is changed via the admin interface. Localdomains.txt did not change at all yesterday yet we have differing numbers of entries indicating the file was only partially loaded. 2) The first entry at 00:34:50 is impossible. The router for 192.168.11.X was turned off at approximately 22:30 and not turned back on until 07:00 therefore there could not have been any admin update from the 192.168.11.X subnet. 3) None of these coincide with actual connections to the admin interface. There are no logs preceding that say "IP 192.168.11.X matches allAdminConnectionsFrom". The only admin connections to this instance were at 2015-03-08 14:42:01 from .11 and 2015-03-09 08:02:14 from .13 2015-03-09 00:34:50 [Main_Thread] Adminupdate: [root 192.168.11.11] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 00:34:50 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records 2015-03-09 09:38:34 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 09:38:34 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 106 records 2015-03-09 09:43:33 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 09:43:33 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records 2015-03-09 16:04:02 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 16:04:02 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records 2015-03-09 21:37:10 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 21:37:10 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 104 records 2015-03-09 21:42:11 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 21:42:11 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records Digging more into the first entry I get: 2015-03-09 00:34:50 [Main_Thread] Saving config 2015-03-09 00:34:50 [Main_Thread] Info: no configuration changes detected - nothing to save - file /usr/local/assp/assp.cfg is unchanged 2015-03-09 00:34:50 [Main_Thread] Adminupdate: [root 192.168.11.11] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 00:34:50 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records I also see the following indicating that the same problem may be affecting other config files. The block report file, like the localdomains file has not changed at all for days (and certainly wouldn't have been changed at midnight) yet there is an entry indicating the addition of a line that has been there for years. 2015-03-09 00:04:33 [Main_Thread] Saving config 2015-03-09 00:04:33 [Main_Thread] Info: no configuration changes detected - nothing to save - file /usr/local/assp/assp.cfg is unchanged 2015-03-09 00:04:33 [Main_Thread] Adminupdate: [root 192.168.11.11] file '/usr/local/assp/files/blockreportuser.txt' for config 'BlockReportFile' was changed 2015-03-09 00:04:33 [Main_Thread] Info: added schedule : BlockReport - for : *@domain.tld=>*=>1=> - at : 0 0,4,8,12,16,20 * * * - next run is at : 2015-03-09 04:00:00 2015-03-09 02:42:11 [Main_Thread] Saving config 2015-03-09 02:42:11 [Main_Thread] Info: no configuration changes detected - nothing to save - file /usr/local/assp/assp.cfg is unchanged 2015-03-09 02:42:11 [Main_Thread] Adminupdate: [root 192.168.11.11] file '/usr/local/assp/files/droplist.txt' for config 'droplist' was changed 2015-03-09 02:42:11 [Main_Thread] Option list file: '/usr/local/assp/files/droplist.txt' reloaded (droplist) with 658 records I can only presume that the IP address being listed is simply the last address logged as connecting to the web admin interface rather than the real reason that triggered the reload. This is a huge problem, as localdomains errors cause mail to be incorrectly rejected and leads to serious complaints. If I can't resolve this within the next few days I'm likely to have to switch to a different product which I really don't want to do. All the best, Colin Waring. -----Original Message----- From: Colin [mailto:colin.war...@gmail.com] Sent: 03 March 2015 17:44 To: ASSP development mailing list Subject: [Assp-test] Localdomains stopping working Howdy, We've had this a couple of times in the last week or so: 2015-03-03 15:17:15 [Main_Thread] Saving config 2015-03-03 15:17:15 [Main_Thread] Info: no configuration changes detected - nothing to save - file /usr/local/assp/assp.cfg is unchanged 2015-03-03 15:17:15 [Main_Thread] Adminupdate: [root ] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-03 15:17:15 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 104 records On the face of it, looks fine as it loads all the entries but after this point ASSP acts as though the file is empty. All inbound mail gets bounced with: [SMTP Error] 530 Relaying not allowed (enable smtp authentication on your email client) I've verified with the MTA that this isn't an MTA error, ASSP is generating this before passing the connection on to it. The localdomains.txt file is updated automatically by a script so that could be the trigger for the reload. Any thoughts? ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
