This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Directory and Authentication / Sync samba machine account between diffent samba versions - 4.1 to 4.15
« on: May 17, 2024, 05:44:33 pm »
Hi there.
I have two samba servers, let's say srv01 and srv02. For that matter, both are Zentyal Server 4 and 8, respectively.
In the srv01 there is samba version 4.1, which is in the network 182.168.200.0/24, and which is by the way also the gateway to both network.
In the srv02 there is samba version 4.15, which is in the DMZ network 10.10.100.0/24
The first is an additional controller for the second.
Everything is working fine, except for machine sync.
Let me explain:
- Between these two samba servers, I have a Windows 2022 server. I was able to put Windows 2022 in the samba domain without any problems, which was a bit of surprise to me, since I always used to install SMB1v and SMB2v, first and then add the Windows server into the samba domain.
- I can log in into the Windows 2022 server using the domain account created in the server with samba 4.15
- In fact users created in both samba servers appear on both servers.
- With pdbedit --list I can see the following:
srv01:
pdbedit --list
...
...
SRV01$:4294967295:SRV01$
SRV02$:4294967295:
WINSRV01$:4294967295:
srv02:
pdbedit --list
...
...
SRV01$:3000020:SRV01$
SRV02$:3000022:
As you can see, the windows 2022 server was added in the srv01, which has samba 4.1.17 and does not appear in srv02, which has samba 4.15.13.
Based on that, I wonder if this is something to do with these different versions, before I seek some help with the Zentyal guys.
And I wonder if there is any way to force a sync between the two samba servers, in regard to the samba machines account.
Thanks in advance.
---
Gilbert
I have two samba servers, let's say srv01 and srv02. For that matter, both are Zentyal Server 4 and 8, respectively.
In the srv01 there is samba version 4.1, which is in the network 182.168.200.0/24, and which is by the way also the gateway to both network.
In the srv02 there is samba version 4.15, which is in the DMZ network 10.10.100.0/24
The first is an additional controller for the second.
Everything is working fine, except for machine sync.
Let me explain:
- Between these two samba servers, I have a Windows 2022 server. I was able to put Windows 2022 in the samba domain without any problems, which was a bit of surprise to me, since I always used to install SMB1v and SMB2v, first and then add the Windows server into the samba domain.
- I can log in into the Windows 2022 server using the domain account created in the server with samba 4.15
- In fact users created in both samba servers appear on both servers.
- With pdbedit --list I can see the following:
srv01:
pdbedit --list
...
...
SRV01$:4294967295:SRV01$
SRV02$:4294967295:
WINSRV01$:4294967295:
srv02:
pdbedit --list
...
...
SRV01$:3000020:SRV01$
SRV02$:3000022:
As you can see, the windows 2022 server was added in the srv01, which has samba 4.1.17 and does not appear in srv02, which has samba 4.15.13.
Based on that, I wonder if this is something to do with these different versions, before I seek some help with the Zentyal guys.
And I wonder if there is any way to force a sync between the two samba servers, in regard to the samba machines account.
Thanks in advance.
---
Gilbert
2
Portuguese / Problema com Openvpn site2site
« on: October 27, 2021, 09:04:14 pm »
Olá pessoal
Estou tentando criar uma VPN usando 2 Zentyal server, virtualizado no VirttualBox.
No VBox criei duas redes de hospedeiro:
vboxnet0 - 192.168.56.0/24
vboxnet1 - 192.168.57.0/24
zentyal1
vboxnet0 - 192.168.152.0/24 - IP do zentyal 192.168.152.100 (Externa WAN)
inetnet1 - 172.16.0.0/24 - IP Zentyal LAN 172.16.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1
zentyal2
vboxnet0 - 192.168.157.0/24 - IP do zentyal 192.168.157.100 (Externa WAN)
inetnet1 - 172.18.0./24 - IP Zentyal LAN 172.18.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1
Eu consigo fechar o tunnel corretamente mas não pinga do zentyal1 para o zentyal2 na faixa do IP 172.16 ou 172.18.0
Nem nas vms windows 7 atrás desses zentyal eu consigo pingar um ao outro.
Estou deixando o padrão da rede da VPN que é 192.168.0.X em ambos os lados.
Se eu mudo esse padrão para 192.168.10.0 no zentyal1 e 192.168.20.0 no zentyal2 aí consigo pingar um ao outro e dos 2 servidores zentyal eu consigo pingar nas vms com Windows 7.
Mas não consigo acesso nenhum entre os Windows 7 atrás desses servidores.
Como estou usando meu laptop eu tive que colocar algumas regras de iptables pra permitir o nat entre meu IP fisico e as vms do Zentyal pra elas navegarem na internet
+ iptables -F
+ iptables -t nat -F
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A INPUT -i vboxnet0 -j ACCEPT
+ iptables -A INPUT -i vboxnet1 -j ACCEPT
+ iptables -A OUTPUT -o lo -j ACCEPT
+ iptables -A OUTPUT -o vboxnet0 -j ACCEPT
+ iptables -A OUTPUT -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet0 -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet1 -o vboxnet0 -j ACCEPT
+ iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
+ iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
+ iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
+ iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
+ sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
Estou tentando criar uma VPN usando 2 Zentyal server, virtualizado no VirttualBox.
No VBox criei duas redes de hospedeiro:
vboxnet0 - 192.168.56.0/24
vboxnet1 - 192.168.57.0/24
zentyal1
vboxnet0 - 192.168.152.0/24 - IP do zentyal 192.168.152.100 (Externa WAN)
inetnet1 - 172.16.0.0/24 - IP Zentyal LAN 172.16.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1
zentyal2
vboxnet0 - 192.168.157.0/24 - IP do zentyal 192.168.157.100 (Externa WAN)
inetnet1 - 172.18.0./24 - IP Zentyal LAN 172.18.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1
Eu consigo fechar o tunnel corretamente mas não pinga do zentyal1 para o zentyal2 na faixa do IP 172.16 ou 172.18.0
Nem nas vms windows 7 atrás desses zentyal eu consigo pingar um ao outro.
Estou deixando o padrão da rede da VPN que é 192.168.0.X em ambos os lados.
Se eu mudo esse padrão para 192.168.10.0 no zentyal1 e 192.168.20.0 no zentyal2 aí consigo pingar um ao outro e dos 2 servidores zentyal eu consigo pingar nas vms com Windows 7.
Mas não consigo acesso nenhum entre os Windows 7 atrás desses servidores.
Como estou usando meu laptop eu tive que colocar algumas regras de iptables pra permitir o nat entre meu IP fisico e as vms do Zentyal pra elas navegarem na internet
+ iptables -F
+ iptables -t nat -F
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A INPUT -i vboxnet0 -j ACCEPT
+ iptables -A INPUT -i vboxnet1 -j ACCEPT
+ iptables -A OUTPUT -o lo -j ACCEPT
+ iptables -A OUTPUT -o vboxnet0 -j ACCEPT
+ iptables -A OUTPUT -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet0 -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet1 -o vboxnet0 -j ACCEPT
+ iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
+ iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
+ iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
+ iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
+ sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
3
Installation and Upgrades / Openvpn site2site in Virtualbox (LABHOME)
« on: October 21, 2021, 07:19:57 pm »
Hi there
I have deploy two Zentyal Server 4.0 in VirtualBox (V 6.1.27 r147422). I am using my laptop to this purpose.
I also have create two host network, like:
vboxnet0 - 192.168.152.0
vboxnet1 - 192.168.157.0
Aditionaly I have create a few iptables rules in my laptop, to allow both zentyal servers to use the internet properly:
# Flush IPTABLES
iptables -F
iptables -t nat -F
# Loopack
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i vboxnet0 -j ACCEPT
iptables -A INPUT -i vboxnet1 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow all from virtualbox
iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
# Masquerade virtualbox network
iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
#turn on ip forwarding
sysctl -w net.ipv4.ip_forward=1
After install both zentyal server, I have create a openvpn tunnel between two server.
I was unable to use the default IP addrss inside the vpn tunnel, i.e 192.168.0.0 in both sides doesn't work.
I needed to use 192.168.10.0 in server1 and 192.168.20.0 in server2. After that I can now ping both side and the 2 windows 7 behind each servers.
But I can not reach the Windows Client behind VPN.
Server1 has the IP 192.168.152.100 as WAN and 172.16.0.10 as LAN
Server2 has the IP 192.168.157.100 as WAN and 172.18.0.10 as LAN
I have dhcp serving IPS 172.16.0.0 to the Windows 7 behind server1 and I have dhcp serving IPS 172.18.0.0 to the Windows 7 behind server2
Both server1 and server2 are communicating. In both server1 and server2 I can ping Windows behind server1 and Windows behind server2
But inside Windows 7 behind server1 I can not reach Windows 7 behind server2.
What I missing??
I appreciated for any help!
Thank you.
I have deploy two Zentyal Server 4.0 in VirtualBox (V 6.1.27 r147422). I am using my laptop to this purpose.
I also have create two host network, like:
vboxnet0 - 192.168.152.0
vboxnet1 - 192.168.157.0
Aditionaly I have create a few iptables rules in my laptop, to allow both zentyal servers to use the internet properly:
# Flush IPTABLES
iptables -F
iptables -t nat -F
# Loopack
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i vboxnet0 -j ACCEPT
iptables -A INPUT -i vboxnet1 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow all from virtualbox
iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
# Masquerade virtualbox network
iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
#turn on ip forwarding
sysctl -w net.ipv4.ip_forward=1
After install both zentyal server, I have create a openvpn tunnel between two server.
I was unable to use the default IP addrss inside the vpn tunnel, i.e 192.168.0.0 in both sides doesn't work.
I needed to use 192.168.10.0 in server1 and 192.168.20.0 in server2. After that I can now ping both side and the 2 windows 7 behind each servers.
But I can not reach the Windows Client behind VPN.
Server1 has the IP 192.168.152.100 as WAN and 172.16.0.10 as LAN
Server2 has the IP 192.168.157.100 as WAN and 172.18.0.10 as LAN
I have dhcp serving IPS 172.16.0.0 to the Windows 7 behind server1 and I have dhcp serving IPS 172.18.0.0 to the Windows 7 behind server2
Both server1 and server2 are communicating. In both server1 and server2 I can ping Windows behind server1 and Windows behind server2
But inside Windows 7 behind server1 I can not reach Windows 7 behind server2.
What I missing??
I appreciated for any help!
Thank you.
4
Installation and Upgrades / Problem when install Sogo [ Zentyal 7 Comercial Edition ]
« on: August 09, 2021, 07:11:33 pm »
Hi there
I had a problem here, when install Sogo.
After installed all modules, I notice a message indicate that was need to run dpkg --configure -a in Linux console.
So I opned a ssh session and ran the above command.
But I get a lot o errors such as:
sudo dpkg --configure -a
[sudo] password for administrador:
Configurando sogo:amd64 (5.0.1.20201214-1) ...
======= Important SOGo post-installation note =======
SOGo database schemas are _not_ automatically upgraded by
the packaging system.
Please check the list of database schema upgrade scripts
inside /usr/share/doc/sogo/ and apply them if needed.
More details can be found in the Upgrading section:
https://sogo.nu/files/docs/SOGoInstallationGuide.html#_upgrading
apache2_invoke: Enable configuration SOGo
apache2_reload: Your configuration is broken. Not reloading Apache 2
apache2_reload: AH00526: Syntax error on line 47 of /etc/apache2/conf-enabled/SOGo.conf:
apache2_reload: Invalid command 'ProxyRequests', perhaps misspelled or defined by a module not included in the server configuration
Job for sogo.service failed because the control process exited with error code.
See "systemctl status sogo.service" and "journalctl -xe" for details.
invoke-rc.d: initscript sogo, action "start" failed.
● sogo.service - LSB: SOGo server
Loaded: loaded (/etc/init.d/sogo; generated)
Active: failed (Result: exit-code) since Mon 2021-08-09 13:41:49 -03; 27ms ago
Docs: man:systemd-sysv-generator(
Process: 69909 ExecStart=/etc/init.d/sogo start (code=exited, status=1/FAILURE)
ago 09 13:41:48 srv01 systemd[1]: Starting LSB: SOGo server...
ago 09 13:41:49 srv01 sogo[69909]: * Starting SOGo sogo
ago 09 13:41:49 srv01 sogo[69989]: /usr/sbin/sogod: Uncaught exception NSInvalidArgumentException, reason: Tried to add nil to array
ago 09 13:41:49 srv01 sogo[69990]: chown: cannot access '/var/run/sogo/sogo.pid': No such file or directory
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Control process exited, code=exited, status=1/FAILURE
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Failed with result 'exit-code'.
ago 09 13:41:49 srv01 systemd[1]: Failed to start LSB: SOGo server.
dpkg: erro ao processar o pacote sogo:amd64 (--configure):
o subprocesso instalado, do pacote sogo:amd64, o script post-installation retornou erro do status de saída 1
dpkg: problemas com dependências impedem a configuração de zentyal-sogo:
zentyal-sogo depende de sogo (>= 5.0.1); porém:
Pacote sogo:amd64 não está configurado ainda.
dpkg: erro ao processar o pacote zentyal-sogo (--configure):
problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de zentyal-groupware:
zentyal-groupware depende de zentyal-sogo; porém:
Pacote zentyal-sogo não está configurado ainda.
dpkg: erro ao processar o pacote zentyal-groupware (--configure):
problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de sogo-activesync:
sogo-activesync depende de sogo (= 5.0.1.20201214-1); porém:
Pacote sogo:amd64 não está configurado ainda.
dpkg: erro ao processar o pacote sogo-activesync (--configure):
problemas de dependência - deixando desconfigurado
A processar 'triggers' para libc-bin (2.31-0ubuntu9.2) ...
Erros foram encontrados durante o processamento de:
sogo:amd64
zentyal-sogo
zentyal-groupware
sogo-activesync
And Yes! My Linux box is in PT-BR.
But after some strogle I figure out that need to trigger two steps:
Step 1 - touch /var/run/sogo/sogo.pid
After this I was to apply apt -f install but Apache2 configuration was in error.
Step 2 - in order to finish the installation I was indeed need to activate the proxy Apache module using:
a2enmod proxy
Then, after this apache2conf configtest ran smootlhy.
Just wanna report this problem.
Thanks.
I had a problem here, when install Sogo.
After installed all modules, I notice a message indicate that was need to run dpkg --configure -a in Linux console.
So I opned a ssh session and ran the above command.
But I get a lot o errors such as:
sudo dpkg --configure -a
[sudo] password for administrador:
Configurando sogo:amd64 (5.0.1.20201214-1) ...
======= Important SOGo post-installation note =======
SOGo database schemas are _not_ automatically upgraded by
the packaging system.
Please check the list of database schema upgrade scripts
inside /usr/share/doc/sogo/ and apply them if needed.
More details can be found in the Upgrading section:
https://sogo.nu/files/docs/SOGoInstallationGuide.html#_upgrading
apache2_invoke: Enable configuration SOGo
apache2_reload: Your configuration is broken. Not reloading Apache 2
apache2_reload: AH00526: Syntax error on line 47 of /etc/apache2/conf-enabled/SOGo.conf:
apache2_reload: Invalid command 'ProxyRequests', perhaps misspelled or defined by a module not included in the server configuration
Job for sogo.service failed because the control process exited with error code.
See "systemctl status sogo.service" and "journalctl -xe" for details.
invoke-rc.d: initscript sogo, action "start" failed.
● sogo.service - LSB: SOGo server
Loaded: loaded (/etc/init.d/sogo; generated)
Active: failed (Result: exit-code) since Mon 2021-08-09 13:41:49 -03; 27ms ago
Docs: man:systemd-sysv-generator(
Process: 69909 ExecStart=/etc/init.d/sogo start (code=exited, status=1/FAILURE)
ago 09 13:41:48 srv01 systemd[1]: Starting LSB: SOGo server...
ago 09 13:41:49 srv01 sogo[69909]: * Starting SOGo sogo
ago 09 13:41:49 srv01 sogo[69989]: /usr/sbin/sogod: Uncaught exception NSInvalidArgumentException, reason: Tried to add nil to array
ago 09 13:41:49 srv01 sogo[69990]: chown: cannot access '/var/run/sogo/sogo.pid': No such file or directory
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Control process exited, code=exited, status=1/FAILURE
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Failed with result 'exit-code'.
ago 09 13:41:49 srv01 systemd[1]: Failed to start LSB: SOGo server.
dpkg: erro ao processar o pacote sogo:amd64 (--configure):
o subprocesso instalado, do pacote sogo:amd64, o script post-installation retornou erro do status de saída 1
dpkg: problemas com dependências impedem a configuração de zentyal-sogo:
zentyal-sogo depende de sogo (>= 5.0.1); porém:
Pacote sogo:amd64 não está configurado ainda.
dpkg: erro ao processar o pacote zentyal-sogo (--configure):
problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de zentyal-groupware:
zentyal-groupware depende de zentyal-sogo; porém:
Pacote zentyal-sogo não está configurado ainda.
dpkg: erro ao processar o pacote zentyal-groupware (--configure):
problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de sogo-activesync:
sogo-activesync depende de sogo (= 5.0.1.20201214-1); porém:
Pacote sogo:amd64 não está configurado ainda.
dpkg: erro ao processar o pacote sogo-activesync (--configure):
problemas de dependência - deixando desconfigurado
A processar 'triggers' para libc-bin (2.31-0ubuntu9.2) ...
Erros foram encontrados durante o processamento de:
sogo:amd64
zentyal-sogo
zentyal-groupware
sogo-activesync
And Yes! My Linux box is in PT-BR.
But after some strogle I figure out that need to trigger two steps:
Step 1 - touch /var/run/sogo/sogo.pid
After this I was to apply apt -f install but Apache2 configuration was in error.
Step 2 - in order to finish the installation I was indeed need to activate the proxy Apache module using:
a2enmod proxy
Then, after this apache2conf configtest ran smootlhy.
Just wanna report this problem.
Thanks.
5
Other modules / I need an internal host go out through another external IP.
« on: April 02, 2021, 04:04:27 pm »
Hello guys.
I need to create an iptables rule that causes an internal host to outgoing via a different public IP.
Let's say you have 2 public IPs:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee
The end ddd is standard.
The end eee would be the secondary.
It turns out that Zentyal, at least in version 6.2, does not let me insert a second network interface using the same network.
For example, eth0 has the ip aaa.bbb.ccc.ddd, eth1 and eth2 have internal IP's and eth3 would have the aaa.bbb.ccc.eee IP which would be the secondary one.
But when I try to insert the IP into eth3 he says that there is already an IP of that network configured in eth0!
So what I did was set up a virtual interface hanging on eth0 with the ip aaa.bbb.ccc.eee, type eth0: 1.
Then I tried to create an SNAT rule but it doesn't work. When I go to the internal host it still takes the default external IP aaa.bbb.ccc.ddd.
I installed an IPFIRE (www.ipfire.org) which is very simple and in it I managed to do it smoothly.
BTW, it was from this IPFIRE that I took the rule of iptables.
I tried like this:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP / 32 -j SNAT --to-source aaa.bbb.ccc.eee
But without success!
Thanks to anyone who can help me.
I need to create an iptables rule that causes an internal host to outgoing via a different public IP.
Let's say you have 2 public IPs:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee
The end ddd is standard.
The end eee would be the secondary.
It turns out that Zentyal, at least in version 6.2, does not let me insert a second network interface using the same network.
For example, eth0 has the ip aaa.bbb.ccc.ddd, eth1 and eth2 have internal IP's and eth3 would have the aaa.bbb.ccc.eee IP which would be the secondary one.
But when I try to insert the IP into eth3 he says that there is already an IP of that network configured in eth0!
So what I did was set up a virtual interface hanging on eth0 with the ip aaa.bbb.ccc.eee, type eth0: 1.
Then I tried to create an SNAT rule but it doesn't work. When I go to the internal host it still takes the default external IP aaa.bbb.ccc.ddd.
I installed an IPFIRE (www.ipfire.org) which is very simple and in it I managed to do it smoothly.
BTW, it was from this IPFIRE that I took the rule of iptables.
I tried like this:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP / 32 -j SNAT --to-source aaa.bbb.ccc.eee
But without success!
Thanks to anyone who can help me.
6
Portuguese / Fazer máquina interna sair por outro IP externo.
« on: April 02, 2021, 04:01:32 pm »
Olá amigos
Eu preciso criar uma regra de iptables que faça com que um host interno sai por um IP publico diferente.
Digamos que tenha 2 IPs publicos:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee
O final ddd é padrão.
O final eee seria o secundário.
Acontece que o Zentyal, pelo menos na versão 6.2 não me deixa inserir uma segunda interface de rede usando a mesma rede.
Por exemplo, a eth0 tem o ip aaa.bbb.ccc.ddd, a eth1 e eth2 tem IP's internos e a eth3 teria o IP aaa.bbb.ccc.eee que seria o secundário.
Mas quando tento inserir o IP na eth3 ele diz que ja existe um IP dessa rede configurado na eth0!
Aí o que fiz foi configurar uma interface virtual pendurada no eth0 com o ip aaa.bbb.ccc.eee, tipo eth0:1.
Aí eu tentei criar uma regra SNAT mas não funciona. Quando vou no host interno ele ainda pega o IP externo padrão aaa.bbb.ccc.ddd.
Eu instalei um IPFIRE (www.ipfire.org) que é bem simples e nele eu consegui fazer isso tranquilo.
Alias foi dele que eu tirei a regra do iptables.
Tentei assim:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP/32 -j SNAT --to-source aaa.bbb.ccc.eee
Mas sem sucesso!
Obrigado a quem puder me ajudar.
Eu preciso criar uma regra de iptables que faça com que um host interno sai por um IP publico diferente.
Digamos que tenha 2 IPs publicos:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee
O final ddd é padrão.
O final eee seria o secundário.
Acontece que o Zentyal, pelo menos na versão 6.2 não me deixa inserir uma segunda interface de rede usando a mesma rede.
Por exemplo, a eth0 tem o ip aaa.bbb.ccc.ddd, a eth1 e eth2 tem IP's internos e a eth3 teria o IP aaa.bbb.ccc.eee que seria o secundário.
Mas quando tento inserir o IP na eth3 ele diz que ja existe um IP dessa rede configurado na eth0!
Aí o que fiz foi configurar uma interface virtual pendurada no eth0 com o ip aaa.bbb.ccc.eee, tipo eth0:1.
Aí eu tentei criar uma regra SNAT mas não funciona. Quando vou no host interno ele ainda pega o IP externo padrão aaa.bbb.ccc.ddd.
Eu instalei um IPFIRE (www.ipfire.org) que é bem simples e nele eu consegui fazer isso tranquilo.
Alias foi dele que eu tirei a regra do iptables.
Tentei assim:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP/32 -j SNAT --to-source aaa.bbb.ccc.eee
Mas sem sucesso!
Obrigado a quem puder me ajudar.
7
Installation and Upgrades / zentyal.squid3-external killed by KILL signal
« on: November 13, 2019, 06:12:23 pm »
Hi there friends...
I have zentyal 4 works fine, but sometimes I see this message is syslog
Nov 13 08:29:20 servidor kernel: [46271.777040] init: zentyal.set-uid-gid-numbers main process (5337) killed by TERM signal
Nov 13 08:31:26 servidor kernel: [46397.332330] init: zentyal.squid3-external main process (11425) killed by KILL signal
Nov 13 10:22:34 servidor kernel: [53058.929901] init: isc-dhcp-server main process (6625) killed by TERM signal
Nov 13 10:22:53 servidor kernel: [53078.020586] init: zentyal.squid3-external main process (1191) killed by KILL signal
Nov 13 10:24:16 servidor kernel: [53160.763082] init: isc-dhcp-server main process (17178) killed by TERM signal
Nov 13 10:34:37 servidor kernel: [53781.188780] init: isc-dhcp-server main process (19818) killed by TERM signal
Nov 13 10:34:56 servidor kernel: [53800.450145] init: zentyal.squid3-external main process (18356) killed by KILL signal
Nov 13 10:39:24 servidor kernel: [54067.794495] init: isc-dhcp-server main process (21955) killed by TERM signal
Nov 13 10:46:18 servidor kernel: [54481.453223] init: zentyal.squid3-external main process (23132) killed by KILL signal
Nov 13 10:46:22 servidor kernel: [54485.832787] init: ebox.loggerd main process (28496) killed by TERM signal
Nov 13 12:05:32 servidor kernel: [59231.181414] init: zentyal.squid3-external main process (29111) killed by KILL signal
Nov 13 12:05:35 servidor kernel: [59233.623781] init: ebox.loggerd main process (29215) killed by TERM signal
Nov 13 13:43:28 servidor kernel: [65100.929273] init: ebox.loggerd main process (22277) killed by TERM signal
Nov 13 13:55:25 servidor kernel: [65818.057803] init: zentyal.squid3-external main process (22142) killed by KILL signal
Nov 13 13:55:28 servidor kernel: [65820.470901] init: ebox.loggerd main process (320) killed by TERM signal
And I thing this errors make squid restart (at least the process) and kill internet access for a moment, than back online again...
Any body get this error too???
Thanks
I have zentyal 4 works fine, but sometimes I see this message is syslog
Nov 13 08:29:20 servidor kernel: [46271.777040] init: zentyal.set-uid-gid-numbers main process (5337) killed by TERM signal
Nov 13 08:31:26 servidor kernel: [46397.332330] init: zentyal.squid3-external main process (11425) killed by KILL signal
Nov 13 10:22:34 servidor kernel: [53058.929901] init: isc-dhcp-server main process (6625) killed by TERM signal
Nov 13 10:22:53 servidor kernel: [53078.020586] init: zentyal.squid3-external main process (1191) killed by KILL signal
Nov 13 10:24:16 servidor kernel: [53160.763082] init: isc-dhcp-server main process (17178) killed by TERM signal
Nov 13 10:34:37 servidor kernel: [53781.188780] init: isc-dhcp-server main process (19818) killed by TERM signal
Nov 13 10:34:56 servidor kernel: [53800.450145] init: zentyal.squid3-external main process (18356) killed by KILL signal
Nov 13 10:39:24 servidor kernel: [54067.794495] init: isc-dhcp-server main process (21955) killed by TERM signal
Nov 13 10:46:18 servidor kernel: [54481.453223] init: zentyal.squid3-external main process (23132) killed by KILL signal
Nov 13 10:46:22 servidor kernel: [54485.832787] init: ebox.loggerd main process (28496) killed by TERM signal
Nov 13 12:05:32 servidor kernel: [59231.181414] init: zentyal.squid3-external main process (29111) killed by KILL signal
Nov 13 12:05:35 servidor kernel: [59233.623781] init: ebox.loggerd main process (29215) killed by TERM signal
Nov 13 13:43:28 servidor kernel: [65100.929273] init: ebox.loggerd main process (22277) killed by TERM signal
Nov 13 13:55:25 servidor kernel: [65818.057803] init: zentyal.squid3-external main process (22142) killed by KILL signal
Nov 13 13:55:28 servidor kernel: [65820.470901] init: ebox.loggerd main process (320) killed by TERM signal
And I thing this errors make squid restart (at least the process) and kill internet access for a moment, than back online again...
Any body get this error too???
Thanks
8
Installation and Upgrades / Zentyal 4 HA
« on: November 06, 2019, 12:53:35 pm »
Hi there
I have set two servers, working with HA and so far so good... I have tested powered off one server and the secondary server got the IP and DHCP services... But, when secondary server assume this services, I needed to restart samba manually, in order to get backup folders shares work properly. So my question is, how can I set samba into HA service like ip or dhcp does, in order to samba restart automatic when primary server gone away?
I also tryied to use hooks scripts but when do so, the DHCP return fail status in crm_mon 1
Thanks for any kind of help!
I have set two servers, working with HA and so far so good... I have tested powered off one server and the secondary server got the IP and DHCP services... But, when secondary server assume this services, I needed to restart samba manually, in order to get backup folders shares work properly. So my question is, how can I set samba into HA service like ip or dhcp does, in order to samba restart automatic when primary server gone away?
I also tryied to use hooks scripts but when do so, the DHCP return fail status in crm_mon 1
Thanks for any kind of help!
9
Installation and Upgrades / Zentyal HA - Error in dhcp
« on: September 24, 2019, 08:34:14 pm »
Hi
I have this error in zentyal ha running version 4.0
ipha150 (ocf::heartbeat:IPaddr2): Started srv01
dhcp (ocf::zentyal:Zentyal): Started (unmanaged) FAILED [ srv01 srv02 ]
Failed actions:
dhcp_stop_0 (node=srv01, call=78, rc=1, status=Timed Out, last-rc-change=Tue Sep 24 15:27:58 2019
, queued=20002ms, exec=0ms
): unknown error
I have this error in zentyal ha running version 4.0
ipha150 (ocf::heartbeat:IPaddr2): Started srv01
dhcp (ocf::zentyal:Zentyal): Started (unmanaged) FAILED [ srv01 srv02 ]
Failed actions:
dhcp_stop_0 (node=srv01, call=78, rc=1, status=Timed Out, last-rc-change=Tue Sep 24 15:27:58 2019
, queued=20002ms, exec=0ms
): unknown error
10
Installation and Upgrades / Add resource in HA - Zentyal 4.0
« on: September 23, 2019, 07:08:45 pm »
Hi there
I am playing aroud HA setup in Zentyal 4.0, and I wonder if there is something way to add ohters resources into cluster
How can I do this?
Thanks
I am playing aroud HA setup in Zentyal 4.0, and I wonder if there is something way to add ohters resources into cluster
How can I do this?
Thanks
11
Installation and Upgrades / Backup took to long to list files...
« on: August 03, 2019, 01:56:26 am »
Hi there!
I have Zentyal 3.5 here and install ebackup (duplicity) and for my mistake, I set to view all the files (or itens) into restore files tab...
There's thousands files and took too long list them...
The problem occur when I try to display this page:
https://189.115.89.18:50443/SysInfo/EBackup#RemoteFileList
I have seen that uwsgi process took 100% of CPU:
14917 ebox 20 0 757780 394492 54992 R 100,0 4,9 3:50.59 uwsgi
And I also notice that when I kill the process uwsgi, I am able to return to the dashboard after a while...
How can I reset the view to just 10 itens??
Thanks
https://photos.app.goo.gl/dzT53gAUa8ChLEhi9
I have Zentyal 3.5 here and install ebackup (duplicity) and for my mistake, I set to view all the files (or itens) into restore files tab...
There's thousands files and took too long list them...
The problem occur when I try to display this page:
https://189.115.89.18:50443/SysInfo/EBackup#RemoteFileList
I have seen that uwsgi process took 100% of CPU:
14917 ebox 20 0 757780 394492 54992 R 100,0 4,9 3:50.59 uwsgi
And I also notice that when I kill the process uwsgi, I am able to return to the dashboard after a while...
How can I reset the view to just 10 itens??
Thanks
https://photos.app.goo.gl/dzT53gAUa8ChLEhi9
12
Installation and Upgrades / DHCP Module - Strange issue [ More or Less SOLVED ]
« on: November 12, 2018, 05:59:19 pm »
Hi there!
I am using Zentyal 6 and notice this warn in zentyal.log, after restart DHCP module:
2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - Use of uninitialized value $dir_path in concatenation (.) or string at /usr/share/perl5/HTML/Mason/Tools.pm line 114.
2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - readdir() attempted on invalid dirhandle $dirHandle at /usr/share/zentyal/stubs/dhcp/includes.mas line 17.
2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - closedir() attempted on invalid dirhandle $dirHandle at /usr/share/zentyal/stubs/dhcp/includes.mas line 21.
What should cause this issue?
Sometimes, the module showing in dashboard as stopped.
So I click in restart module, get the information above and the module still show as stopped.
However, the services dhcpd remain in running state...
Any clue??
Thanks
I am using Zentyal 6 and notice this warn in zentyal.log, after restart DHCP module:
2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - Use of uninitialized value $dir_path in concatenation (.) or string at /usr/share/perl5/HTML/Mason/Tools.pm line 114.
2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - readdir() attempted on invalid dirhandle $dirHandle at /usr/share/zentyal/stubs/dhcp/includes.mas line 17.
2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - closedir() attempted on invalid dirhandle $dirHandle at /usr/share/zentyal/stubs/dhcp/includes.mas line 21.
What should cause this issue?
Sometimes, the module showing in dashboard as stopped.
So I click in restart module, get the information above and the module still show as stopped.
However, the services dhcpd remain in running state...
Any clue??
Thanks
13
Installation and Upgrades / Issue with Zentyal 3.2...
« on: October 17, 2016, 06:44:00 pm »
Hi folks...
I have an issue with Captive Portal in Zentyal 3.2, which doesn't now show any user or groups.
My Zentyal box are sync with MS Windows AD 2012, and I am able to use groups to make the Proxy HTTP profiles and rules....
But in Captive I see no users or groups.
Can anybody help me, please?
Thanks a lot!
I have an issue with Captive Portal in Zentyal 3.2, which doesn't now show any user or groups.
My Zentyal box are sync with MS Windows AD 2012, and I am able to use groups to make the Proxy HTTP profiles and rules....
But in Captive I see no users or groups.
Can anybody help me, please?
Thanks a lot!
14
Portuguese / Captive Portal no Zentyal 3.2
« on: October 17, 2016, 05:22:46 pm »
Olá amigos.
Integrei um Zentyal 3.2 no AD do Windows 2012 R2, porém não como AD Adicional.
O Zentyal enxerga os usuários e grupos normalmente, tanto é que estou usando eles nas restrições de proxy.
Mas quero usar o Captive Portal e, depois de instalado, não aparece os usuários nem os grupos. Tenho que fazer alguma coisa diferente???
Obrigado se puderem ajudar!
Integrei um Zentyal 3.2 no AD do Windows 2012 R2, porém não como AD Adicional.
O Zentyal enxerga os usuários e grupos normalmente, tanto é que estou usando eles nas restrições de proxy.
Mas quero usar o Captive Portal e, depois de instalado, não aparece os usuários nem os grupos. Tenho que fazer alguma coisa diferente???
Obrigado se puderem ajudar!
15
Portuguese / Zentyal 4 e módulo de monitoramento.
« on: August 18, 2016, 06:25:40 pm »
Olá amigos...
Alguém sabe se há possibilidade de instalar o módulo de monitoramento no Zentyal 4??
Obrigado
Alguém sabe se há possibilidade de instalar o módulo de monitoramento no Zentyal 4??
Obrigado