This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
1
Installation and Upgrades / Re: EBox like a gateway - firewall - traffic shaping, etc...
« on: August 09, 2010, 01:45:38 pm »Yes, it is a current limitation that we plan to fix some day.
OK, but why in the ebox features say this: "Multi-WAN support for DHCP and PPPoE", its not true? or its true but without any rule? can you explain the issue?
thks
2
Installation and Upgrades / Re: EBox like a gateway - firewall - traffic shaping, etc...
« on: August 06, 2010, 03:04:37 pm »
OK, first trouble:
I have 2 wans gateways(one is ppoe, and the other dhcp), that i have no to add like gateways manually because ebox add them in automatic way because they are not statics. When i want to setup the Wan Failover, i cant add any rule because an error message appear "WAN Failover is only available for static interfaces"
So, its a limitation of ebox? the wans ip have to be static? but in the ebox features say this: "Multi-WAN support for DHCP and PPPoE"
tkns, and sorry about my english again.
bye
I have 2 wans gateways(one is ppoe, and the other dhcp), that i have no to add like gateways manually because ebox add them in automatic way because they are not statics. When i want to setup the Wan Failover, i cant add any rule because an error message appear "WAN Failover is only available for static interfaces"
So, its a limitation of ebox? the wans ip have to be static? but in the ebox features say this: "Multi-WAN support for DHCP and PPPoE"
tkns, and sorry about my english again.
bye
3
Installation and Upgrades / Re: EBox like a gateway - firewall - traffic shaping, etc...
« on: August 05, 2010, 07:56:56 pm »No, it isn't the same, not exactly. And none of the eBox GUI components are installed—Firefox, etc.—unless you ask for them separately.
OK, i have installed ubuntu server 8.04.4, and then add the ebox repositories. Then i type this:
Code: [Select]
sudo apt-get install ebox-network ebox-trafficshaping ebox-firewall ebox-l7-protocols
And i get postgresql installed, and other unneeded packages like jabber client, but not firefox , the thing is better than with the ebox image, so i will try these way to build a gateway and then comment here my experience.
thks
bye
4
Installation and Upgrades / Re: EBox like a gateway - firewall - traffic shaping, etc...
« on: August 04, 2010, 01:25:30 pm »You may find things more to your liking if you install the Ubuntu server base and then install from the packages, just those things you want, rather than using the eBox ISO.
OK, i will try but is not the same that select advance mode (in ebox iso) and choose for example only network?
thks
5
Installation and Upgrades / EBox like a gateway - firewall - traffic shaping, etc...
« on: August 03, 2010, 10:06:40 pm »
I read this link "http://www.howtoforge.com/using-ebox-as-a-gateway-firewall-traffic-shaping-http-proxy-and-more"
AND
I like ebox but for do a gateway i think that it have a huge memory footprint, and in other hand you cannt install it without "x" and "firefox", and a lot of more software, if you choose gateway ( or just "network" in advance mode) you get x, firefox, users, etc... and for a gateway-firewall nobody needs all this things, and like i say before it consume a lot of memory in packages that you donnt will to use. If i am wrong and anybody knows how to install ebox just like a gateway, please let me know.
thks, and sorry about my english.
bye
AND
I like ebox but for do a gateway i think that it have a huge memory footprint, and in other hand you cannt install it without "x" and "firefox", and a lot of more software, if you choose gateway ( or just "network" in advance mode) you get x, firefox, users, etc... and for a gateway-firewall nobody needs all this things, and like i say before it consume a lot of memory in packages that you donnt will to use. If i am wrong and anybody knows how to install ebox just like a gateway, please let me know.
thks, and sorry about my english.
bye
6
Installation and Upgrades / Re: ebox as virtual machine vs. virtualization server; 32-bit vs 64-bit
« on: December 13, 2009, 04:16:36 pm »It doesn't matter if you choose eBox installer or Ubuntu installer + eBox packages. But you should choose always Ubuntu 8.04 that is the officially supported distribution. It doesn't mather either 32 or 64 bits.
For creating ubuntu virtual machines for KVM you can use ubuntu-vm-builder, that way you won't need to use a CD image.
I dont understand you ebox image is 32bits or 64bits? or both?
In 64bits all the features are available?
thanks
7
Installation and Upgrades / Re: ebox memory footprint
« on: October 15, 2009, 05:53:38 pm »QuoteOK, but why squid use clamav? i think that if i dont select antivirus is because i dont want that squid
scan virus in webs. Ebox have a serius problem with dependencies
ebox-squid was depending on clamav-daemon. That was a mistake, as ebox-squid can detect if the ebox-antivirus module is installed or not to enble/disable the antivirus feature.
I've just uploaded a new package (ebox-squid 1.2.5) that fixes this.
Now you can do this:Code: [Select]sudo apt-get update
sudo apt-get install ebox-squid
sudo apt-get remove clamav-daemon
You will get rid of clamd with that.
OK i did that, but iam still installed "clamav" "clamav-base" "clamav-freshclam" "libclamav5" and i cant remove them because they want to remove dansguardian and ebox-squid. So ?
thanks
8
Installation and Upgrades / Re: howto change ssh port or disable ssh?
« on: October 09, 2009, 02:08:59 pm »Hello Lucho,
SSH service is not managed at all by eBox in order to have, at least, a fallback solution if eBox administration UI is not working at all. SSH service is allowed by default from internal networks to eBox and its configuration must be done manually.
I hope this clarifies the question a little.
Cheers,
Ok but why in "Services" i cant modify or eliminate the "ssh service"?
thanks
9
Installation and Upgrades / Re: ebox memory footprint
« on: October 09, 2009, 02:03:04 pm »Code: [Select]ii samba-vscan 0.3.6cbeta5ebox1-2 Samba virus scanning VFS module
well you do seem to have the samba virus scanner installed. Don't know why that should be, but clam is used by squid to virus scan your web traffic (IIRC).
What filters are you using with IPCOP? URLFilter is pretty light (depending on the size of your lists!) but COPFilter (which does the additional stuff like virus scanning is a bit heavier)
The thing is that ebox isn't just a firewall/gateway system so it has lots of fat compared to the more targeted distros out there.
If you're looking for just a gateway/proxy setup without wanting to integrate all the other services that ebox has you might want to look at pfsense http://www.pfsense.com/
It's got all the load balancing fail-over stuff you want (as well as a ton of other stuff that ipcop can't do) and should use a lot less ram.
OK, but why squid use clamav? i think that if i dont select antivirus is because i dont want that squid scan virus in webs. Ebox have a serius problem with dependencies. In other hand, ebox use clamav 0.94 and this version is been deprecated (http://lwn.net/Articles/355643/).
With ipcop i use dansguardian with a lot of lists, BOT, openvpn, l7filter, Advanced QoS. And i dont use copfilter because is not very stable.
I know pfsense but have several issues with multiwan/failover/loadbalance setups, i know that in version 2 (aka 1.3) will be solved but they are waiting that freebsd 8 was stable to release pfsense 2.
thanks and sorry about my english
10
Installation and Upgrades / Re: ebox memory footprint
« on: October 08, 2009, 09:32:58 pm »A quick, not well thoughtout answer would be to kill clamav at start up.
You could add this to your /etc/rc.local file
/etc/init.d/clamav-daemon stop
/etc/init.d/clamav-freshclam stop
The check it like this.
pgrep clam
Remember, the focus of ebox staff has been features. I'm thinking they are well aware they need to go back and tweak things later down the road.. All in good time..
OK but if i dont select antivirus and in fact i have not installed the antivirus module of ebox why the clamav packages are installed? and why i cant remove them?
11
Installation and Upgrades / Re: howto change ssh port or disable ssh?
« on: October 08, 2009, 09:30:32 pm »To change the port, you'll find the setting in /etc/ssh/sshd_config
ok, but in the ebox webmenu?
12
Installation and Upgrades / Re: ebox memory footprint
« on: October 08, 2009, 06:36:50 pm »
this is my top sort by mem usage
why clamav is installed if i dont select antivirus? and if i want remove clamav with apt its say that will removo too squid danguardian and others things that i want.
if anybody can help me? thanks
bye
Quote
top - 13:30:50 up 18 min, 1 user, load average: 0.06, 0.05, 0.08
Tasks: 73 total, 1 running, 71 sleeping, 0 stopped, 1 zombie
Cpu(s): 0.0%us, 0.0%sy, 0.0%ni,100.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 1018976k total, 433324k used, 585652k free, 45604k buffers
Swap: 1686784k total, 0k used, 1686784k free, 179180k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
4536 clamav 20 0 79068 74m 396 S 0.0 7.5 0:00.00 clamd
6033 ebox 20 0 47464 37m 4980 S 0.0 3.8 0:07.28 apache2
5622 ebox 20 0 37852 31m 4268 S 0.0 3.1 0:02.04 ebox-loggerd
5856 root 20 0 31172 22m 5520 S 0.0 2.3 0:02.14 apache2
5951 root 20 0 28468 19m 4592 S 0.0 1.9 0:00.81 apache2
6016 ebox-use 20 0 31304 18m 724 S 0.0 1.8 0:00.00 apache2
5578 bind 20 0 34696 7416 2324 S 0.0 0.7 0:00.02 named
4293 postgres 20 0 40148 4912 4296 S 0.0 0.5 0:00.44 postgres
5773 proxy 20 0 7028 4604 1572 S 0.0 0.5 0:00.08 squid
6088 root 20 0 12440 3928 2152 S 0.0 0.4 0:00.03 apache2
4317 openldap 20 0 22220 3568 1596 S 0.0 0.4 0:00.01 slapd
6266 pepe 20 0 5556 3000 1444 S 0.0 0.3 0:00.14 bash
5771 postgres 20 0 40952 2980 1804 S 0.0 0.3 0:00.00 postgres
6263 root 20 0 8056 2532 2072 S 0.0 0.2 0:00.03 sshd
6090 www-data 20 0 12440 2456 672 S 0.0 0.2 0:00.00 apache2
6093 www-data 20 0 12440 2456 672 S 0.0 0.2 0:00.00 apache2
6095 www-data 20 0 12440 2456 672 S 0.0 0.2 0:00.00 apache2
6097 www-data 20 0 12440 2456 672 S 0.0 0.2 0:00.00 apache2
6098 www-data 20 0 12440 2456 672 S 0.0 0.2 0:00.00 apache2
4647 ebox 20 0 4228 2440 1792 S 0.0 0.2 0:02.50 gconfd-2
4193 klog 20 0 3028 1920 424 S 0.0 0.2 0:00.11 klogd
6265 pepe 20 0 8056 1556 1076 S 0.0 0.2 0:00.05 sshd
4297 postgres 20 0 40272 1400 676 S 0.0 0.1 0:00.02 postgres
5686 root 20 0 4024 1396 1132 S 0.0 0.1 0:00.01 ntpd
4295 postgres 20 0 40148 1352 724 S 0.0 0.1 0:00.03 postgres
4296 postgres 20 0 40148 1172 544 S 0.0 0.1 0:00.02 postgres
4298 postgres 20 0 11468 1148 464 S 0.0 0.1 0:00.01 postgres
why clamav is installed if i dont select antivirus? and if i want remove clamav with apt its say that will removo too squid danguardian and others things that i want.
if anybody can help me? thanks
bye
13
Installation and Upgrades / howto change ssh port or disable ssh?
« on: October 08, 2009, 05:55:21 pm »
I want to know howto change ssh port or disable ssh?
thanks
bye
thanks
bye
14
Installation and Upgrades / Re: multigateway + loadbalancer + wan failover
« on: October 08, 2009, 03:05:11 pm »Yes, if the interfaces in the eBox machine are static that should work.ok thanks, and also i can use only a ethernet interface like in this pic?
http://ebox-platform.com/shots/Gateways.png
and the gateways can be in the same lan like in this picture too?
thanks.
bye
15
Installation and Upgrades / Re: ebox memory footprint
« on: October 08, 2009, 02:57:59 pm »Memory usage on ebox is not problematic. A typical install of a bind9 server runs 200m, while most of my boxes running just a few services use 400m and my main incoming mail server regularly eats up 2 gig, while a kvm machine with 8 gigs is using 7gig running 7 servers..
And I don't think an ipcop box running any "added" services like filters etc runs on 50m even with just 1 client behind it. Sorry, I don't believe it. I'll look at a couple of ipcop boxes running tomarrow and see what I see...
Please doit, install ipcop (stable or unstable) and you will see the diference of mem usage. And yes ipcop can do (include filters) all that ebox do, the only issue is that not support multiwan.
thanks and sorry about my english.
bye
Pages: [1] 2