Send Efw-user mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/efw-user
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Efw-user digest..."
Today's Topics:
1. EFW on an compact flash disc? (Diederik Lascaris)
2. Re: EFW on an compact flash disc? (Mike Tremaine)
3. Re: EFW on an compact flash disc? (Diederik Lascaris)
4. No Buffer Space Available Error (Dan O. Steinbach)
5. openvpn set up, mobile clients can only reach firewall's
internal green NIC address, no other machines on LAN are
reachable (Ron E.)
6. Re: openvpn set up, mobile clients can only reach firewall's
internal green NIC address, no other machines on LAN are
reachable (Igor Mikolic-Torreira)
7. Clamav-0.91.1 update for Endian 2.1.2 ??? (wheflin)
8. Re: Clamav-0.91.1 update for Endian 2.1.2 ??? (Thomas Heimann)
----------------------------------------------------------------------
Message: 1
Date: Tue, 14 Aug 2007 23:01:23 +0200
From: "Diederik Lascaris" <[EMAIL PROTECTED]>
Subject: [Efw-user] EFW on an compact flash disc?
To: <[email protected]>
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
Hi all,
I was just wondering if it is wise to install EFW on a CF card instead
of a normal (or 2.5") harddrive. The major disadvantage of CF must be
the limited write cycles it can handle before failure. I'm no *nux
expert so I don't know how much writing is done under normal operating
conditions. I would imagine removing the swap partition is a big 'write
saver', but there is a risk of getting out of memory.
I'm not expecting this would support all the great features EFW has to
offer like transparent http proxy, and so on, my goal is more to build
a silent router for my home situation. Al I rely want to do is use it as
an email proxy (virus and spam) and openvpn so I can login easely from
everywere. I have bought a Via C3 533 MHz mini ITX board with a case
that supports an extra pci device.
If this works good enough for me at home I'm planning of distributing
similar 'routers' to my clients , although with newer Via boards
ofcourse, with the intention of running more features of EFW.
So my question realy is if there is anyone out there who had tried this
on a CF card? Or do you have other suggestions for me?
Thanks,
Diederik.
-------------- next part --------------
An HTML attachment was scrubbed...
------------------------------
Message: 2
Date: Tue, 14 Aug 2007 14:11:39 -0700
From: Mike Tremaine <[EMAIL PROTECTED]>
Subject: Re: [Efw-user] EFW on an compact flash disc?
To: [email protected]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Diederik Lascaris wrote:
So my question realy is if there is anyone out there who had tried this
on a CF card? Or do you have other suggestions for me?
The logs would be the hardest part. The squid logs alone would kill your
CF card in a few months I'm sure. If you could mount /var on something
else it might work but hard drives are cheap and if you are looking for
reliability go for RAID 1 mirroring.
-Mike
------------------------------
Message: 3
Date: Wed, 15 Aug 2007 00:15:22 +0200
From: "Diederik Lascaris" <[EMAIL PROTECTED]>
Subject: Re: [Efw-user] EFW on an compact flash disc?
To: <[email protected]>
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset="US-ASCII"
Hi Mike,
Thanks for your reply, I think I could mount a networkshare on my server
as /var, that would save a lot of write action on the CF I guess.
Personaly I'm not going to run squid on http, but if it writes a couple
of files for each email that is being processed that alone could kill
the CF in time...
The problem is that in the thinclient I have bought there is no room for
an hd, not even a 2.5".
I really do appreciate your input here, it got me thinking a bit more.
Thanks again.
Diederik.
-----Oorspronkelijk bericht-----
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens Mike Tremaine
Verzonden: dinsdag 14 augustus 2007 23:12
Aan: [email protected]
Onderwerp: Re: [Efw-user] EFW on an compact flash disc?
Diederik Lascaris wrote:
So my question realy is if there is anyone out there who had tried
this
on a CF card? Or do you have other suggestions for me?
The logs would be the hardest part. The squid logs alone would kill your
CF card in a few months I'm sure. If you could mount /var on something
else it might work but hard drives are cheap and if you are looking for
reliability go for RAID 1 mirroring.
-Mike
------------------------------------------------------------------------
-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.476 / Virus Database: 269.11.13/947 - Release Date:
11-8-2007 14:29
------------------------------
Message: 4
Date: Wed, 15 Aug 2007 15:46:23 -0500
From: "Dan O. Steinbach" <[EMAIL PROTECTED]>
Subject: [Efw-user] No Buffer Space Available Error
To: [email protected]
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1
Hi Everyone,
I am a new user to Endian Firewall and I hoping someone could help point
me to the right direction to solve the following problem. Thanks in
advance for any help and/or suggestions.
We are getting the following error with Endian Firewall 2.1.2 and the
error is somewhat random, at least I haven't found a pattern.
The requested URL could not be retrieved
While trying to retrieve the URL: http://cal.platteville.k12.wi.us/
The following error was encountered:
Connection Failed
The system returned:
(105) No buffer space available
The remote host or network may be down. Please try the request again.
Your cache administrator is [EMAIL PROTECTED]
This 'No buffer space available' error seems to be limited to internal web
access and not to web access which is outside the firewall. I have a
number of internal web services that users access and those web services
are also available to the outside world. The
'http://cal.platteville.k12.wi.us/' server is used by both the internal
and external users.
I am not sure what other information is needed to solve the problem, but I
would be happy to provide more details as needed. Again thanks for any
assistances you may offer.
Dan Steinbach
------------------------------
Message: 5
Date: Wed, 15 Aug 2007 18:11:09 -0700
From: "Ron E." <[EMAIL PROTECTED]>
Subject: [Efw-user] openvpn set up, mobile clients can only reach
firewall's internal green NIC address, no other machines on LAN are
reachable
To: [email protected]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Dear All,
Hopefully someone has an idea about this. I manage several Endian
firewall systems with openvpn configured and enabled. The one with this
issue is running version 2.1.1 (the most recent version any of the
various systems are running).
Recently I configured openvpn on this particular system and while
clients can connect successfully, only the firewalls green NIC is
accessible, no other LAN machines are despite being reachable from
inside the network normally.
I have reproduced this problem on multiple systems connected to the
Internet in multiple ways, with a public IP on the client side, via a
NAT gateway, etc., etc.
Looked through the openvpn logs and searched this mailing list but
haven't found any clues.
Would appreciate any input, thanks.
------------------------------
Message: 6
Date: Wed, 15 Aug 2007 21:43:15 -0400
From: Igor Mikolic-Torreira <[EMAIL PROTECTED]>
Subject: Re: [Efw-user] openvpn set up, mobile clients can only reach
firewall's internal green NIC address, no other machines on LAN are
reachable
To: [email protected]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
I believe this is the OpenVPN routing bug. This has been
discuss previously on this list (a search of the arives
should find it). A solution also appears at
http://alumnus.caltech.edu/~igormt/endian/bugs.html
Igor
Ron E. wrote:
Dear All,
Hopefully someone has an idea about this. I manage several Endian
firewall systems with openvpn configured and enabled. The one with this
issue is running version 2.1.1 (the most recent version any of the
various systems are running).
Recently I configured openvpn on this particular system and while
clients can connect successfully, only the firewalls green NIC is
accessible, no other LAN machines are despite being reachable from
inside the network normally.
I have reproduced this problem on multiple systems connected to the
Internet in multiple ways, with a public IP on the client side, via a
NAT gateway, etc., etc.
Looked through the openvpn logs and searched this mailing list but
haven't found any clues.
Would appreciate any input, thanks.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
------------------------------
Message: 7
Date: Wed, 15 Aug 2007 20:30:08 -0700 (PDT)
From: wheflin <[EMAIL PROTECTED]>
Subject: [Efw-user] Clamav-0.91.1 update for Endian 2.1.2 ???
To: [email protected]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii
Is anyone working on a community update of Clamav-0.91.1 for version 2.1.2? I
know that Mike from Stellarcore.net (Thanks for all you contributions) made
one for version 2.0, but, this does not appear to work on the latest (2.1.2)
release when installed from scratch. The default version (90.3) Is a little
slow, especially when making changes. It can take 2 - 3 minutes for the
service to come back up. I read on the Clamav mailing list that this was
fixed in the new version.
