Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / Re: Freeing up disk space
« on: July 02, 2010, 01:33:45 pm »
I pulled my squid cache size down to 100 and ebox has been running well for a day. Then I ran out of space again. I have a lot of free space on /dev/sda1, but none on /. Here is a listing of the files, what is safe to remove?
Code: [Select]
10488 usr/share/hplip
10512 var/lib/postgrey
10516 var/lib/collectd/rrd/ebox.16E/interface
10956 usr/lib/perl/5.8.8
10960 usr/lib/perl
11240 var/lib/collectd/rrd/ebox
11356 var/lib/ldap
11848 usr/share/perl/5.8.8
11852 usr/share/perl
11904 lib/modules/2.6.24-24-server/ubuntu
11912 lib/modules/2.6.24-28-server/ubuntu
12132 usr/share/openssl-blacklist
12148 usr/share/foomatic/db/source/printer
12284 lib/firmware
13104 usr/share/cups
13828 var/lib/postgresql/8.3/main/base/16958
14380 usr/lib/xorg/modules
14384 usr/lib/xorg
14412 usr/lib/perl5
14984 usr/share/locale
16076 usr/lib/locale
16664 usr/share/egroupware/phpgwapi
17180 etc
17352 usr/share/asterisk/moh
18612 var/lib/ebox/gconf
18920 usr/share/fonts/X11
19456 usr/share/man
20372 var/lib/ebox
20528 usr/share/foomatic/db/source
20556 usr/share/foomatic/db
20580 usr/share/foomatic
20596 var/spool/squid/00/03
20768 usr/lib/xulrunner-1.9.0.19
21412 usr/share/asterisk
22132 var/lib/dpkg/info
23264 usr/share/doc/clamav-base/examples
23548 usr/share/doc/clamav-base
25384 usr/sbin
25480 var/lib/dpkg
26312 usr/lib/python2.5
26608 var/lib/postgresql/8.3/main/base/16384
27568 usr/share/perl5
29212 usr/lib/vmware-tools/lib32
29216 usr/lib/firefox-3.6.6
31200 usr/share/fonts
32816 var/lib/postgresql/8.3/main/pg_xlog
33020 usr/lib/vmware-tools/lib64
41020 lib/modules/2.6.24-28-server/kernel/drivers
41032 lib/modules/2.6.24-24-server/kernel/drivers
41068 lib/modules/2.6.24-27-ebox/kernel/drivers
46708 usr/share/egroupware
47728 var/lib/apt/lists
47792 var/lib/apt
55536 lib/modules/2.6.24-28-server/kernel
55544 lib/modules/2.6.24-24-server/kernel
55636 lib/modules/2.6.24-27-ebox/kernel
56214 boot
60272 usr/lib/vmware-tools/modules/binary
61332 var/lib/clamav
62192 var/lib/postgresql/8.3/main/base
62492 usr/bin
63760 usr/lib/vmware-tools/modules
66924 lib/modules/2.6.24-27-ebox
69332 lib/modules/2.6.24-24-server
69332 lib/modules/2.6.24-28-server
79180 usr/share/doc
81620 var/log/ebox
86468 var/cache/apt/archives
93924 var/spool/squid/00
94200 var/lib/collectd/rrd/ebox.16E
95508 var/lib/postgresql/8.3/main
95512 var/lib/postgresql/8.3
95516 var/lib/postgresql
105444 var/lib/collectd/rrd
105448 var/lib/collectd
112796 var/cache/apt
113104 var/spool/squid
113600 var/spool
118128 var/cache
152404 usr/lib/vmware-tools
205592 lib/modules
228488 lib
374200 var/log
382940 var/lib
391664 usr/share
435316 usr/lib
916012 usr
991416 var
2
Installation and Upgrades / Re: Freeing up disk space
« on: June 30, 2010, 11:41:53 pm »@ ascorbic & Sten Root, correct me if i'm wrong, but don't you think that 1.5TB or even 1GB are too much of cache for *typical* environments? what is your clients count?
I honestly have no anchor point for what a typical environment's cache size should be. A gig sounds like a nice nound number. 100megs seems pretty small to me.
3
Installation and Upgrades / Re: Freeing up disk space
« on: June 30, 2010, 10:21:45 pm »
I have also hit my partitions max size on /, I think it was mainly because I set my quid cache to 1000 megs.
Does anyone have a handy clean up script which will delete old, temporary and otherwise uneeded files?
Does anyone have a handy clean up script which will delete old, temporary and otherwise uneeded files?
4
Installation and Upgrades / Re: How do you clean up revoked Certificates and extra VPN settings?
« on: June 30, 2010, 10:19:57 pm »
Thanks for the response. When version 2.0 is read I will be more careful so I don't have a bunch of useless old certs.
5
Installation and Upgrades / [SOLVED] How do you clean up revoked Certificates and extra VPN settings?
« on: June 30, 2010, 05:18:46 pm »
After a lot, a lot, of back and forth trying to get my VPN working it is a success! But all the trail and error I went through I created a ton of certificates. I also created a bunch of VPN servers.
I have revoked all of my server certificates that aren't needed. How can I delete these from the UI?
I have also deleted (using the trashcan icon) all the other VPN servers, but I still see files on the disk for configuration. How do I delete all of these?
Also, in the VPN video, the narrator says to make a certificate for the server and every user. But when you create a VPN server, it automatically creates a certificate in the form of "vpn-{vpnname}"
What is the purpose of that certificate? Is the certificate created from the certificate screen needed?
I have revoked all of my server certificates that aren't needed. How can I delete these from the UI?
I have also deleted (using the trashcan icon) all the other VPN servers, but I still see files on the disk for configuration. How do I delete all of these?
Also, in the VPN video, the narrator says to make a certificate for the server and every user. But when you create a VPN server, it automatically creates a certificate in the form of "vpn-{vpnname}"
What is the purpose of that certificate? Is the certificate created from the certificate screen needed?
6
Installation and Upgrades / Re: HTTP Proxy and Youtube
« on: June 25, 2010, 12:22:05 pm »
Awesome, thanks!
7
Installation and Upgrades / HTTP Proxy and Youtube
« on: June 25, 2010, 05:03:19 am »
I am running eBox 1.4.8, seems like it just updated itself. I am experimenting with the HTTP Proxy. I have noticed on my client machines when trying to play youtube videos streaming doesn't work. From the clients machine the video will show blank with a loading animation spinning until the video has fully downloaded. Once it is downloaded it will start playing. For longer videos it takes longer for this to happen. So far the only configuration I have done is enabled the proxy as a transparent one.
I have no idea how to troubleshoot this. What log and configuration files can I post to help figure this one out?
I have no idea how to troubleshoot this. What log and configuration files can I post to help figure this one out?
8
Installation and Upgrades / Re: Cant configure DHCP
« on: June 23, 2010, 08:22:29 pm »
Have you enabled eth1 as a static device? Once this is done you can configure DHCP for eth1.
9
Installation and Upgrades / Re: First time setting up eBox, DHCP is working but traffic isn't being routed
« on: June 19, 2010, 01:17:13 am »
UdoB, you are great! This solved my problem.
My ideal setup is as follows
eth0 - WAN
eth1 - Internal, shared with eth2 and eth3
eth2 - Internal, shared with eth1 and eth3
eth3 - Internal, shared with eth1 and eth2
eth4 - Isolated and Connected to Wireless Switch (or wireless NIC if this works but that isn't important)
So basically I have three machines I want to connect to eBox so they can communicate with each other. Then eth4 will be for wireless and it will be isolated from eth1, 2 & 3 so it cannot communicate with those machines (unless over VPN).
It looks like all interfaces are shared by default. It with the following configuration everything can talk to everything
eth0 - WAN
eth1 - 192.168.100.1 /24
eth2 - 192.168.200.1 /24
eth3 - 192.168.300.1 /24
eth4 - 192.168.400.1 /24
I was hoping to have eth1, 2, & 3 all on 192.168.2.x, is that possible? If not no big deal. I just need to isolate eth4 in that case. How do I do that?
My ideal setup is as follows
eth0 - WAN
eth1 - Internal, shared with eth2 and eth3
eth2 - Internal, shared with eth1 and eth3
eth3 - Internal, shared with eth1 and eth2
eth4 - Isolated and Connected to Wireless Switch (or wireless NIC if this works but that isn't important)
So basically I have three machines I want to connect to eBox so they can communicate with each other. Then eth4 will be for wireless and it will be isolated from eth1, 2 & 3 so it cannot communicate with those machines (unless over VPN).
It looks like all interfaces are shared by default. It with the following configuration everything can talk to everything
eth0 - WAN
eth1 - 192.168.100.1 /24
eth2 - 192.168.200.1 /24
eth3 - 192.168.300.1 /24
eth4 - 192.168.400.1 /24
I was hoping to have eth1, 2, & 3 all on 192.168.2.x, is that possible? If not no big deal. I just need to isolate eth4 in that case. How do I do that?
10
Installation and Upgrades / Re: First time setting up eBox, DHCP is working but traffic isn't being routed
« on: June 18, 2010, 02:48:11 pm »
Hi UdoB, Thanks for the response and explanation. Interesting.
So to test this should I disable eth2, 3 & 4? Then only test from eth1 to see if I get access?
If this does work then I will enable eth2, 3 & 4 on different networks. How would I allow access from machines connected to those interfaces to the machine connected on eth1?
So to test this should I disable eth2, 3 & 4? Then only test from eth1 to see if I get access?
If this does work then I will enable eth2, 3 & 4 on different networks. How would I allow access from machines connected to those interfaces to the machine connected on eth1?
11
Installation and Upgrades / Re: First time setting up eBox, DHCP is working but traffic isn't being routed
« on: June 18, 2010, 01:23:25 pm »
Everything is set to the default.
Is there a rule I need to enable like "Allow Internet Access From Gateway"? It looks like this is enabled because there is a Source Any Destination Any which is enabled.
Would the firewall block ping to the gateway?
Is there a rule I need to enable like "Allow Internet Access From Gateway"? It looks like this is enabled because there is a Source Any Destination Any which is enabled.
Would the firewall block ping to the gateway?
12
Installation and Upgrades / Re: First time setting up eBox, DHCP is working but traffic isn't being routed
« on: June 18, 2010, 04:23:23 am »
I have done a complete reinstall from the iso installer listed on this site and I still have the same problem.
Does anyone have any ideas? Any? Maybe an extra log file to look at?
Does anyone have any ideas? Any? Maybe an extra log file to look at?
13
Installation and Upgrades / Re: First time setting up eBox, DHCP is working but traffic isn't being routed
« on: June 17, 2010, 12:54:02 am »
Here is the last few entries from /var/log/syslog, I don't know what to make of it, please help!
Just to confirm, eBox is getting updates and the eBox machine can ping, I am actually writting this from the eBox firefox browser so that machine has internet access, it just isn't sharing this with the clients connected (and those clients can't ping eBox, even though eBox is giving them an IP)
Code: [Select]
Jun 16 18:47:37 ebox dhcpd: DHCPDISCOVER from 00:23:54:30:a5:c4 via eth1
Jun 16 18:47:37 ebox dhcpd: DHCPDISCOVER from 00:23:54:30:a5:c4 via eth1
Jun 16 18:47:38 ebox dhcpd: DHCPOFFER on 192.168.2.199 to 00:23:54:30:a5:c4 (EEEpc) via eth1
Jun 16 18:47:38 ebox dhcpd: DHCPOFFER on 192.168.2.199 to 00:23:54:30:a5:c4 (EEEpc) via eth1
Jun 16 18:47:38 ebox dhcpd: Wrote 3 leases to leases file.
Jun 16 18:47:38 ebox dhcpd: DHCPREQUEST for 192.168.2.199 (192.168.2.1) from 00:23:54:30:a5:c4 (EEEpc) via eth1
Jun 16 18:47:38 ebox dhcpd: DHCPACK on 192.168.2.199 to 00:23:54:30:a5:c4 (EEEpc) via eth1
Jun 16 18:47:38 ebox dhcpd: Wrote 3 leases to leases file.
Jun 16 18:47:38 ebox dhcpd: Can't install new lease database /var/lib/dhcp3/dhcpd.leases.1276728458 to /var/lib/dhcp3/dhcpd.leases: No such file or directory
Jun 16 18:47:38 ebox dhcpd: DHCPREQUEST for 192.168.2.199 (192.168.2.1) from 00:23:54:30:a5:c4 (EEEpc) via eth1
Jun 16 18:47:38 ebox dhcpd: DHCPACK on 192.168.2.199 to 00:23:54:30:a5:c4 (EEEpc) via eth1
Jun 16 18:49:07 ebox dhcpd: DHCPINFORM from 192.168.2.199 via eth1
Jun 16 18:49:07 ebox dhcpd: DHCPACK to 192.168.2.199 (00:23:54:30:a5:c4) via eth1
Jun 16 18:49:07 ebox dhcpd: DHCPINFORM from 192.168.2.199 via eth1
Jun 16 18:49:07 ebox dhcpd: DHCPACK to 192.168.2.199 (00:23:54:30:a5:c4) via eth1
Jun 16 18:50:01 ebox /USR/SBIN/CRON[3399]: (root) CMD (/usr/share/ebox-usersandgroups/slave-sync)
Jun 16 18:50:01 ebox /USR/SBIN/CRON[3402]: (root) CMD (/usr/share/ebox/ebox-cronjob-runner >> /dev/null 2>&1)
Jun 16 18:50:01 ebox slapd[5464]: connection_read(26): no connection!
Jun 16 18:50:01 ebox slapd[5464]: connection_read(26): no connection!
Jun 16 18:50:01 ebox slapd[5464]: connection_read(31): no connection!
Jun 16 18:50:01 ebox slapd[5464]: connection_read(31): no connection!
Jun 16 18:50:02 ebox slapd[5464]: connection_read(26): no connection!
Jun 16 18:50:02 ebox slapd[5464]: connection_read(26): no connection!
Jun 16 18:50:11 ebox dhcpd: DHCPINFORM from 192.168.2.199 via eth1
Jun 16 18:50:11 ebox dhcpd: DHCPACK to 192.168.2.199 (00:23:54:30:a5:c4) via eth1
Jun 16 18:50:11 ebox dhcpd: DHCPINFORM from 192.168.2.199 via eth1
Jun 16 18:50:11 ebox dhcpd: DHCPACK to 192.168.2.199 (00:23:54:30:a5:c4) via eth1
Jun 16 18:51:16 ebox dhcpd: DHCPINFORM from 192.168.2.199 via eth1
Jun 16 18:51:16 ebox dhcpd: DHCPACK to 192.168.2.199 (00:23:54:30:a5:c4) via eth1
Jun 16 18:51:16 ebox dhcpd: DHCPINFORM from 192.168.2.199 via eth1
Jun 16 18:51:16 ebox dhcpd: DHCPACK to 192.168.2.199 (00:23:54:30:a5:c4) via eth1
Just to confirm, eBox is getting updates and the eBox machine can ping, I am actually writting this from the eBox firefox browser so that machine has internet access, it just isn't sharing this with the clients connected (and those clients can't ping eBox, even though eBox is giving them an IP)
14
Installation and Upgrades / Re: First time setting up eBox, DHCP is working but traffic isn't being routed
« on: June 15, 2010, 03:40:14 am »
Does anyone have any ideas? Here is some more information about my configuration +
Ping from a windows client here is the eBox tcpdump output, ping times out on client
Any help would be appreciated.
Code: [Select]
ip route show
10.5.8.0/24 dev eth0 proto kernel scope link src 10.5.8.109
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1
192.168.2.0/24 dev eth3 proto kernel scope link src 192.168.2.3
192.168.2.0/24 dev eth4 proto kernel scope link src 192.168.2.4
192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.2
Code: [Select]
cat /proc/sys/net/ipv4/ip_forward
1
Ping from a windows client here is the eBox tcpdump output, ping times out on client
Code: [Select]
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
21:34:32.627653 IP (tos 0x0, ttl 128, id 58459, offset 0, flags [none], proto IC
MP (1), length 60) 192.168.2.199 > 192.168.2.1: ICMP echo request, id 512, seq 3
0464, length 40
21:34:32.781458 IP (tos 0x0, ttl 1, id 0, offset 0, flags [none], proto IGMP (2)
, length 36, options (RA)) 10.0.0.0 > ALL-SYSTEMS.MCAST.NET: igmp query v3 [max
resp time 1s]
21:34:37.995372 IP (tos 0x0, ttl 128, id 58460, offset 0, flags [none], proto IC
MP (1), length 60) 192.168.2.199 > 192.168.2.1: ICMP echo request, id 512, seq 3
0720, length 40
21:34:39.781535 IP (tos 0x0, ttl 1, id 0, offset 0, flags [none], proto IGMP (2)
, length 36, options (RA)) 10.0.0.0 > ALL-SYSTEMS.MCAST.NET: igmp query v3 [max
resp time 1s]
21:34:43.495232 IP (tos 0x0, ttl 128, id 58461, offset 0, flags [none], proto IC
MP (1), length 60) 192.168.2.199 > 192.168.2.1: ICMP echo request, id 512, seq 3
0976, length 40
21:34:48.995359 IP (tos 0x0, ttl 128, id 58462, offset 0, flags [none], proto IC
MP (1), length 60) 192.168.2.199 > 192.168.2.1: ICMP echo request, id 512, seq 3
1232, length 40
6 packets captured
6 packets received by filter
0 packets dropped by kernel
Any help would be appreciated.
15
Installation and Upgrades / First time setting up eBox, DHCP is working but traffic isn't being routed
« on: June 12, 2010, 01:59:11 am »
I have eBox running on a VM. eth0 is my WAN interface. eth1, 2, 3, 4 are all configured as static interfaces for my internal network.
DHCP is enabled to hand out IP address on eth1 and eth4 (eventually 2 and 3 will be in there too). When a client is plugged into eth1 it picks up an IP address in the correct range which is specified in the eBox configuration. The IP address also shows up under eBox's DHCP lease listing.
When I try to ping everything is failing
From Client to eBox, Client gets "Network is unreachable"
-tcpdump on eBox shows an ICMP echo request from client with correct IP address
From Client to google.com, Client gets "unknown host google.com"
-tcpdump on eBox shows an ICMP echo request from client with correct IP address
From eBox to Client, eBox gets "Destination host unreachable"
-tcpdump on Client shows nothing
I have a feeling it might be firewall related. I tried disabling the firewall but that didn't help. Please give me detailed instructions to help troubleshoot or resolve, I am brand new to eBox.
Here is my dhcpd.conf file. Something interesting is happening, eth4 is configured to hand out address in the 192.168.2.200-240 range. When I plug a client into eth4 it gets an IP of 192.168.2.198
DHCP is enabled to hand out IP address on eth1 and eth4 (eventually 2 and 3 will be in there too). When a client is plugged into eth1 it picks up an IP address in the correct range which is specified in the eBox configuration. The IP address also shows up under eBox's DHCP lease listing.
When I try to ping everything is failing
From Client to eBox, Client gets "Network is unreachable"
-tcpdump on eBox shows an ICMP echo request from client with correct IP address
From Client to google.com, Client gets "unknown host google.com"
-tcpdump on eBox shows an ICMP echo request from client with correct IP address
From eBox to Client, eBox gets "Destination host unreachable"
-tcpdump on Client shows nothing
I have a feeling it might be firewall related. I tried disabling the firewall but that didn't help. Please give me detailed instructions to help troubleshoot or resolve, I am brand new to eBox.
Here is my dhcpd.conf file. Something interesting is happening, eth4 is configured to hand out address in the 192.168.2.200-240 range. When I plug a client into eth4 it gets an IP of 192.168.2.198
Code: [Select]
# DHCP server is authoritative for all networks
authoritative;
# extra options
# RFC3442 routes
option rfc3442-classless-static-routes code 121 = array of integer 8;
# MS routes
option ms-classless-static-routes code 249 = array of integer 8;
ddns-update-style none;
option domain-name-servers 127.0.0.1;
default-lease-time 1800;
max-lease-time 7200;
shared-network eth4 {
subnet 192.168.2.0 netmask 255.255.255.0 {
option routers 192.168.2.4;
option domain-name-servers 192.168.2.4;
default-lease-time 1800;
max-lease-time 7200;
range 192.168.2.200 192.168.2.240;
}
}
shared-network eth1 {
subnet 192.168.2.0 netmask 255.255.255.0 {
option routers 192.168.2.1;
option domain-name-servers 192.168.2.1;
default-lease-time 1800;
max-lease-time 7200;
range 192.168.2.100 192.168.2.199;
}
}
Pages: [1]