Re: [Efw-user] Ping problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Oups, made some mistakes, sorry (wrote in a hurry without testing it). On 11/12/2013 07:09 PM, Alexandru Gheorghe wrote: [...] You can dump them with this: for table in filter nat mangle security; do echo -e \n\n[--$table--] ; iptables -t $table -nvL | curl -F sprunge=- http://sprunge.us; echo ; echo ; done should be for table in filter nat mangle security; do echo -e \n\n[--$table--] ; iptables -t $table -nvL | curl -F sprunge=- http://sprunge.us; echo ; echo ; done in one line On 11/12/2013 11:41 AM, ANIS El Achèche wrote: [...] - -- :: P u r p l e s r l :: security and network :: edificio 16 - viale Sarca 336 :: i-20126 - Milano :: web: www.purplesrl.com :: Alexandru Gheorghe :: a.gheorghe [at] purplesrl [dot] com :: PGP key id DA10B322 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJSgmHfAAoJELu53YDaELMitmgH/1hntXB/y60DU8dcTF5pQFuJ 1ZV/wnKp2eOJLAg+OIx4bG0wsi7Pq3+V2kN4+AVch/Ob2AWxzpXrYddkKpG1pIyh eehLiNihkg5rzkkdAUbv0gIFDOkhbw+XPVx4EjIUE/Vhwl7fK3g1jcA0jYKpQgK7 ITnInKfCG30bnT/rdq9OAbnguZ5lf6s+VpL2nGYrXpO+ASitGx3n8gadQ2QO3Yc6 SvVfE3u412bU+2EDvqYfHojFFrmAthuf5U9yhRJislA00K+cF1uNw6jzqcAppY4r VqIhbWtcOdJttwvt8vgd6UZ+5IokyXCHvDllh83CoUUxYZIzwZj850Qwr110++8= =rcpY -END PGP SIGNATURE- -- November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Ping problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Can you provide more insights in what is your configuration? This seems like a network issue. Do you have IDS (snort) turned on? Is it virtualized or installed on a bare metal? Please try to provide captured traffic using the next syntax: tcpdump -s0 -nnvv -i br0 -w GREEN_capture.pcap Choose `-i' for the interface you are experiencing downtimes. Check also /var/log/endian/uplinks and see if the main uplink goes offline/online from time to time. Make sure that also your ISP is not causing problems. Also some dumps of your Firewall rules would be interesting since you mentioned you can't ping it. You can dump them with this: for table in filter nat mangle security; do echo -e \n\n[--$table--] ; iptables -t $table -nvL | curl -F sprunge=- http://sprunge.us; echo ; echo ; done Return the links you get, they will expire in a while. Is this issue 'felt' from your LAN (just asking that maybe you're a mobile user connected to it via VPN and trying to ping it over a public network like the Internet)? Cheers, Alex On 11/12/2013 11:41 AM, ANIS El Achèche wrote: Up!! On Mon, Nov 11, 2013 at 5:40 PM, ANIS El Achèche elachechea...@gmail.com mailto:elachechea...@gmail.com wrote: Hey, I'm a new member in the ML, I was using Endian for a while now and I like it :) But I have a problem with it since last week.. Actually I'm using Endian as my *GW*, the problem is I have minutes or seconds of *downtime* in my Endian so can't ping it and of course can't access/ping to the internet.. I have no idea why this is happens.. *How can I trace the problem??* *If* I upgrade to the next version that will solve the problem?? *And the most important question is the upgrade from 2.5.1 to 2.5.2 safe??* Thx for you help *Endian informations: * ApplianceCommunity Version2.5.1 Kernel2.6.32.43-57 tel:2.6.32.43-57.e43.i586 CPU 13% CPU 25% Memory14%1010 MB Swap0%511 MB Main disk11%7.6G Temp0%505.1M Data disk15%23.4G /var/efw9%98.4M /var/log9%15.2G -- Best Regards, El Achèche ANIS Linux user /#486664 / Ubuntu user /#32379 / ubuntiste-msakni http://ubuntiste-msakni.legtux.org -- Best Regards, El Achèche ANIS Linux user /#486664 / Ubuntu user /#32379 / ubuntiste-msakni http://ubuntiste-msakni.legtux.org -- November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user - -- :: P u r p l e s r l :: security and network :: edificio 16 - viale Sarca 336 :: i-20126 - Milano :: web: www.purplesrl.com :: Alexandru Gheorghe :: a.gheorghe [at] purplesrl [dot] com :: PGP key id DA10B322 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJSgmDVAAoJELu53YDaELMiR+AH/1eFdKak3zWyheJs/LBEckmO sfJhNOLA79BLDM2JeInTpCcZNKcWKj/JVXQ8xfH0IlmWhnu0bLpF7iYz6LsmRm4e 7tygmUTFXV558kbQfsoMlhR/e5GbvkKGRt2hGQfqeOeKk7Gk0KasHJAstQIPXfO2 gpxpON5jBT/Fs0lPstCw6ZiW78fUxpWqbRW0+tezmOCHPP+a2yXpEQyimc4yCwDw /F/AxM+pZSWDa3AQ3HBxWTWMqn33RZUkErApYefQrQlXg/BVG/l6AgRfy6HdxTXt cFIu7xEdTimNu+s4AHn0kT+srqdBtxUZRb5P5ZcgbpJ2EZl9VzAPHikYCuUZ1yo= =+9+h -END PGP SIGNATURE- -- November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian 3 beta 2 and virtIO drivers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I think is better to open a bug on Jira tracker ( http://jira.endian.com ) adding the tests you've made. It would be useful to write any additional information that might speed up the process of analysis. With some occurences I've seen this behavior as well but never had time to dig deeper. I would happily go further on this if I get the chance and also will let you know. By the way, changing the driver to VirtIO after an installation with SCSI or HD worked for me with KVM and virt-manager (Ubuntu 12.10 64-bit 3.5.0-44-generic); have you tried it in this fashion? Alex On 12/21/2013 12:26 AM, Ziemowit Pierzycki wrote: Does Endian finally support virtIO drivers? It appears they load fine during the installation until the installer claims there is not enough space which I assume is because somewhere it doesn't recognize /dev/vd* device. The prompt asking whether it's okay to erase the data on the drive mentions /dev/vda. The failure happens right after that. Why use virtIO? Lets say you loose storage connection, the IO to the storage will be blocked until a reconnect happens while with other drivers such as SCSI or HD, you'll most likely see lots of errors which lead to all kinds of nasty OS issues. Ziemowit Pierzycki -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user - -- :: P u r p l e s r l :: security and network :: edificio 16 - viale Sarca 336 :: i-20126 - Milano :: web: www.purplesrl.com :: Alexandru Gheorghe :: a.gheorghe [at] purplesrl [dot] com :: PGP key id DA10B322 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJStWMCAAoJELu53YDaELMi0Z4H/R5hhA/r+mv7k29pXstLo2P8 KENS+rE2uayhThPPnTbYfF65oXqqTYq7fAD6KcKD7GAjIs6VvaCPjOStJ3PzJx2I VSfGghaGCqhpIfEj5sabHuIulPFpzv2cSCifHyOByEXybiObAaFBqHk2mAYlyUYf czTu4w7i6MwBz0kynTI2TcL4u/6KqyinCfj0EbGOC8uBMZ8/RgxuUzjLXS1qH4ut yoIe7h57aBWgzPWc0e3Jr//NNY8ulOV0mNetaRWHTxO3P/JIY0HacHHw/4kc5/Kb R7uVJTgn2wKpwVYrPEi16gmTjZuKdn4QE17wDUlKjneemP9yAjsQv7bmeyc1OjI= =mqUd -END PGP SIGNATURE- -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] QoS for equally distirbuting bandwidth among users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Lorenzo, If you have HTTP Proxy enabled, you could add an access policy to destination domains and restrict the updates based on time if is possible (e.g. only on Friday after working hours, for 30 minutes you are allowed to have Windows Updates). If not and you still need QoS then you could set it up on the ZONE you need (e.g. GREEN for the clients) and limit to the destination domains of Windows updates (IPs) and the according port (80/443 I presume?). So for your configuration (assuming an SDSL setup as an example) would be 16384 kbps up and down. You can then assign High priority for normal traffic and Low prio for updates (the Low you can update it yourself to fit accordingly). The only problem here is to have the IPs constantly updated so they match the domains and subdomains for updates. Hope it helps! Alexander On 02/09/2014 04:48 PM, ANIS El Ach│che wrote: Any ideas?? On Fri, Feb 7, 2014 at 1:07 PM, Lorenzo Milesi lorenzo.mil...@yetopen.it mailto:lorenzo.mil...@yetopen.it wrote: thanks Forgot to say, I'm using EFW 2.5.1 -- Lorenzo Milesi - lorenzo.mil...@yetopen.it mailto:lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Best Regards, El Ach│che ANIS Linux user /#486664 / Ubuntu user /#32379 / ubuntiste-msakni http://ubuntiste-msakni.legtux.org -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user - -- :: P u r p l e s r l :: security and network :: edificio 16 - viale Sarca 336 :: i-20126 - Milano :: web: www.purplesrl.com :: Alexandru Gheorghe :: a.gheorghe [at] purplesrl [dot] com :: PGP key id DA10B322 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJS97rbAAoJELu53YDaELMi4qEH/jtTvBorHWFAm/OIB3I1QI1+ PztoJSS2++iA34NPkpXX79bxivNROeY1vOJH9v/XnKk0+6LfBG+DWbTmtg2JMl+E 3CclVTHhlTMSX+4LSTjhqJxpAKgHU2k4gxlFJAgzWsRDL6JMLnAXqn1diHN2kBT7 q0mHTi+yW81aPkD9Wio+AGkFSukUiJuzuxpe3TMYJXSmdLRdjE9JrU4xZKhxtncR GdvAOqxSAb5KF5s+/gZk9Epcr4BL/n2W2OaenZMCfrvYqgMimkBBep2uGK/YuI5l 8KIHYzW32dt0XiAD0ovfawjbJL/GprxoTNLh13Wyc1/HYC5xShkemMVeA+7+49U= =k2aq -END PGP SIGNATURE- -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Upgrade from 252 stable to 3.0 bleeding edge
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi guys. On 03/14/2014 01:13 PM, St←phane Parenton wrote: Every service is ok, except the VPN... _**BUT*__***_ we've had some problem with the VPN and i can't tell that the connection problem are there because of the 3.0 migration or because there was already some troubles in the 2.5.2. the VPN has worked in 2.5.2, so it's something that should be unrelated to the 3.0 upgrade... but as i haven't solved it yet, i cannot say more about it. for VPN please check the Bug tracker: http://jira.endian.com especially for IPsec. we've dealt with some issues lately regarding several parameters like leftsourceip and leftnexthop that were breaking some vpn tunnels with devices like cisco and such. [ http://jira.endian.com/browse/{UTM-875,UTM-801,UTM-862,UTM-770} ] please update there any issues you encounter so we can track them (all of us). Some GUI details have been changed, but no revolution though, so no problem i can say it's ok for the 3.0 upgrade sure, some new stuff was introduced, probably the most influential change is that strongSwan was updated to 5.x, so no longer pluto but say hello to charon. mainly now there should be reloads on connections and only restart when the service's settings change. if you encounter any issues with this (and crypto settings for your connections and such) don't hesitate to open a bug or write to ml alexander - -- :: P u r p l e s r l :: security and network :: edificio 16 - viale Sarca 336 :: i-20126 - Milano :: web: www.purplesrl.com :: Alexandru Gheorghe :: a.gheorghe [at] purplesrl [dot] com :: PGP key id DA10B322 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTIuxIAAoJELu53YDaELMiLjMIAJ+kdZ89P8w+1cc0+zHuEZ/j Xl9E/fz/PXwU/o20UV77r1iX1+A8Nlg0y9F9VUvxjeySDqWla9oTa8mitygFBTic JmfqfNwA6vrBuhBVJEbLgggxzSomf0MB0s2Q0WrB+c2UoRdEAMc6GFWndUMG/b6O A4DeC0Fx33pF/NhCUBnAUp6dXEjwnCME4KgHPbR6Lfc0/F6bWK6TKNdHbVRNqaWY VRvrFpGqzTRIL7o7d3Kz2gtDSPFTk+YB4pYDhr2HqG7H1XB7hIhOtr7+v+3HpmUT HNnFLrllBWqVHo9EfahsBW20b1HfbrHBc+a2YzNeoC+d1s+tXm+XIOGK1Kh6AfY= =HOV7 -END PGP SIGNATURE- -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Use Public IP from LAN
On 09/24/2014 01:24 PM, ANIS El Achèche wrote: Now I want that the traffic between my local IP and Red IP will be allowed, the FW log shows me this INPUTFW:DROP TCP 192.168.1.xx:port - RED IP: port You don't need NAT if you want a GREEN client to go out in WAN on some non standard (meaning, not defined by default in Firewall) port/service. Just allow it in Outgoing firewall. More info at [1]. REFERENCE: [1] How To [KB]: http://help.endian.com/entries/21231431-Applications-fail-to-connect-from-behind-an-Endian-UTM-Appliance -- :: e n d i a n :: security with passion :: Alexandru Gheorghe :: http://www.endian.com signature.asc Description: OpenPGP digital signature -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311iu=/4140/ostg.clktrk___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Use Public IP from LAN
On 09/24/2014 02:00 PM, ANIS El Achèche wrote: I know that, but when I use my REDIP from my LAN the FW block that request! Then you need to specify to allow in Firewall System access (specify the source ip to be safe). System access must match INPUTFW chain which is defined in INPUT (filter table) of netfilter (see with iptables). -- :: e n d i a n :: security with passion :: Alexandru Gheorghe :: http://www.endian.com signature.asc Description: OpenPGP digital signature -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311iu=/4140/ostg.clktrk___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user