This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Directory and Authentication / Re: Sync samba machine account between diffent samba versions - 4.1 to 4.15
« on: May 21, 2024, 06:25:54 pm »
Hi
It turns out that the DHCP was misconfigured since it sent the wrong DNS server, the gateway one not the main samba server.
After changing it, now everything is working fine.
Thanks.
It turns out that the DHCP was misconfigured since it sent the wrong DNS server, the gateway one not the main samba server.
After changing it, now everything is working fine.
Thanks.
2
Directory and Authentication / Re: Sync samba machine account between diffent samba versions - 4.1 to 4.15
« on: May 17, 2024, 07:38:41 pm »
Just to clarify a bit, I am send some images.
Domain settings in the srv01 - zentyal 4
Users and computers in the srv01 - zentyal 4
Domain settings in the srv02 - zentyal 8
Users and computers in the srv02 - zentyal 8
Domain settings in the srv01 - zentyal 4
Users and computers in the srv01 - zentyal 4
Domain settings in the srv02 - zentyal 8
Users and computers in the srv02 - zentyal 8
3
Directory and Authentication / Sync samba machine account between diffent samba versions - 4.1 to 4.15
« on: May 17, 2024, 05:44:33 pm »
Hi there.
I have two samba servers, let's say srv01 and srv02. For that matter, both are Zentyal Server 4 and 8, respectively.
In the srv01 there is samba version 4.1, which is in the network 182.168.200.0/24, and which is by the way also the gateway to both network.
In the srv02 there is samba version 4.15, which is in the DMZ network 10.10.100.0/24
The first is an additional controller for the second.
Everything is working fine, except for machine sync.
Let me explain:
- Between these two samba servers, I have a Windows 2022 server. I was able to put Windows 2022 in the samba domain without any problems, which was a bit of surprise to me, since I always used to install SMB1v and SMB2v, first and then add the Windows server into the samba domain.
- I can log in into the Windows 2022 server using the domain account created in the server with samba 4.15
- In fact users created in both samba servers appear on both servers.
- With pdbedit --list I can see the following:
srv01:
pdbedit --list
...
...
SRV01$:4294967295:SRV01$
SRV02$:4294967295:
WINSRV01$:4294967295:
srv02:
pdbedit --list
...
...
SRV01$:3000020:SRV01$
SRV02$:3000022:
As you can see, the windows 2022 server was added in the srv01, which has samba 4.1.17 and does not appear in srv02, which has samba 4.15.13.
Based on that, I wonder if this is something to do with these different versions, before I seek some help with the Zentyal guys.
And I wonder if there is any way to force a sync between the two samba servers, in regard to the samba machines account.
Thanks in advance.
---
Gilbert
I have two samba servers, let's say srv01 and srv02. For that matter, both are Zentyal Server 4 and 8, respectively.
In the srv01 there is samba version 4.1, which is in the network 182.168.200.0/24, and which is by the way also the gateway to both network.
In the srv02 there is samba version 4.15, which is in the DMZ network 10.10.100.0/24
The first is an additional controller for the second.
Everything is working fine, except for machine sync.
Let me explain:
- Between these two samba servers, I have a Windows 2022 server. I was able to put Windows 2022 in the samba domain without any problems, which was a bit of surprise to me, since I always used to install SMB1v and SMB2v, first and then add the Windows server into the samba domain.
- I can log in into the Windows 2022 server using the domain account created in the server with samba 4.15
- In fact users created in both samba servers appear on both servers.
- With pdbedit --list I can see the following:
srv01:
pdbedit --list
...
...
SRV01$:4294967295:SRV01$
SRV02$:4294967295:
WINSRV01$:4294967295:
srv02:
pdbedit --list
...
...
SRV01$:3000020:SRV01$
SRV02$:3000022:
As you can see, the windows 2022 server was added in the srv01, which has samba 4.1.17 and does not appear in srv02, which has samba 4.15.13.
Based on that, I wonder if this is something to do with these different versions, before I seek some help with the Zentyal guys.
And I wonder if there is any way to force a sync between the two samba servers, in regard to the samba machines account.
Thanks in advance.
---
Gilbert
4
Installation and Upgrades / Re: saving webadmin module stuck on 100%
« on: March 13, 2023, 03:49:38 pm »Well, I could make it work following https://github.com/zentyal/zentyal/issues/2100#issuecomment-1241931846
Installed with network cable out.
Logged in on the web admin, skipped installation of modules.
Plugged in cable.
In Zentyal, installed module Network
From terminal:
sudo apt update && apt upgrade
reboot
Now everything works
This works to me!
Thanks a lot!
5
Portuguese / Re: Problema com Openvpn site2site
« on: October 27, 2021, 09:18:33 pm »
RESOLVIDO! Bastou mudar minha lan de 172.16 e 172.18 para 192.168.100 e 192.168.200 e agora tudo está funcionando
6
Installation and Upgrades / Re: Openvpn site2site in Virtualbox (LABHOME) [ SOLVED ]
« on: October 27, 2021, 09:16:07 pm »
SOLVED!
Just change my lan from 172.16 and 172.18 to 192.168.100 and 192.168.200 and now everything is work
Just change my lan from 172.16 and 172.18 to 192.168.100 and 192.168.200 and now everything is work
7
Portuguese / Problema com Openvpn site2site
« on: October 27, 2021, 09:04:14 pm »
Olá pessoal
Estou tentando criar uma VPN usando 2 Zentyal server, virtualizado no VirttualBox.
No VBox criei duas redes de hospedeiro:
vboxnet0 - 192.168.56.0/24
vboxnet1 - 192.168.57.0/24
zentyal1
vboxnet0 - 192.168.152.0/24 - IP do zentyal 192.168.152.100 (Externa WAN)
inetnet1 - 172.16.0.0/24 - IP Zentyal LAN 172.16.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1
zentyal2
vboxnet0 - 192.168.157.0/24 - IP do zentyal 192.168.157.100 (Externa WAN)
inetnet1 - 172.18.0./24 - IP Zentyal LAN 172.18.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1
Eu consigo fechar o tunnel corretamente mas não pinga do zentyal1 para o zentyal2 na faixa do IP 172.16 ou 172.18.0
Nem nas vms windows 7 atrás desses zentyal eu consigo pingar um ao outro.
Estou deixando o padrão da rede da VPN que é 192.168.0.X em ambos os lados.
Se eu mudo esse padrão para 192.168.10.0 no zentyal1 e 192.168.20.0 no zentyal2 aí consigo pingar um ao outro e dos 2 servidores zentyal eu consigo pingar nas vms com Windows 7.
Mas não consigo acesso nenhum entre os Windows 7 atrás desses servidores.
Como estou usando meu laptop eu tive que colocar algumas regras de iptables pra permitir o nat entre meu IP fisico e as vms do Zentyal pra elas navegarem na internet
+ iptables -F
+ iptables -t nat -F
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A INPUT -i vboxnet0 -j ACCEPT
+ iptables -A INPUT -i vboxnet1 -j ACCEPT
+ iptables -A OUTPUT -o lo -j ACCEPT
+ iptables -A OUTPUT -o vboxnet0 -j ACCEPT
+ iptables -A OUTPUT -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet0 -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet1 -o vboxnet0 -j ACCEPT
+ iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
+ iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
+ iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
+ iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
+ sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
Estou tentando criar uma VPN usando 2 Zentyal server, virtualizado no VirttualBox.
No VBox criei duas redes de hospedeiro:
vboxnet0 - 192.168.56.0/24
vboxnet1 - 192.168.57.0/24
zentyal1
vboxnet0 - 192.168.152.0/24 - IP do zentyal 192.168.152.100 (Externa WAN)
inetnet1 - 172.16.0.0/24 - IP Zentyal LAN 172.16.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1
zentyal2
vboxnet0 - 192.168.157.0/24 - IP do zentyal 192.168.157.100 (Externa WAN)
inetnet1 - 172.18.0./24 - IP Zentyal LAN 172.18.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1
Eu consigo fechar o tunnel corretamente mas não pinga do zentyal1 para o zentyal2 na faixa do IP 172.16 ou 172.18.0
Nem nas vms windows 7 atrás desses zentyal eu consigo pingar um ao outro.
Estou deixando o padrão da rede da VPN que é 192.168.0.X em ambos os lados.
Se eu mudo esse padrão para 192.168.10.0 no zentyal1 e 192.168.20.0 no zentyal2 aí consigo pingar um ao outro e dos 2 servidores zentyal eu consigo pingar nas vms com Windows 7.
Mas não consigo acesso nenhum entre os Windows 7 atrás desses servidores.
Como estou usando meu laptop eu tive que colocar algumas regras de iptables pra permitir o nat entre meu IP fisico e as vms do Zentyal pra elas navegarem na internet
+ iptables -F
+ iptables -t nat -F
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A INPUT -i vboxnet0 -j ACCEPT
+ iptables -A INPUT -i vboxnet1 -j ACCEPT
+ iptables -A OUTPUT -o lo -j ACCEPT
+ iptables -A OUTPUT -o vboxnet0 -j ACCEPT
+ iptables -A OUTPUT -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet0 -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet1 -o vboxnet0 -j ACCEPT
+ iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
+ iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
+ iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
+ iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
+ sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
8
Installation and Upgrades / Re: Openvpn site2site in Virtualbox (LABHOME)
« on: October 27, 2021, 02:30:19 pm »
Anybody??
9
Installation and Upgrades / Openvpn site2site in Virtualbox (LABHOME)
« on: October 21, 2021, 07:19:57 pm »
Hi there
I have deploy two Zentyal Server 4.0 in VirtualBox (V 6.1.27 r147422). I am using my laptop to this purpose.
I also have create two host network, like:
vboxnet0 - 192.168.152.0
vboxnet1 - 192.168.157.0
Aditionaly I have create a few iptables rules in my laptop, to allow both zentyal servers to use the internet properly:
# Flush IPTABLES
iptables -F
iptables -t nat -F
# Loopack
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i vboxnet0 -j ACCEPT
iptables -A INPUT -i vboxnet1 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow all from virtualbox
iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
# Masquerade virtualbox network
iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
#turn on ip forwarding
sysctl -w net.ipv4.ip_forward=1
After install both zentyal server, I have create a openvpn tunnel between two server.
I was unable to use the default IP addrss inside the vpn tunnel, i.e 192.168.0.0 in both sides doesn't work.
I needed to use 192.168.10.0 in server1 and 192.168.20.0 in server2. After that I can now ping both side and the 2 windows 7 behind each servers.
But I can not reach the Windows Client behind VPN.
Server1 has the IP 192.168.152.100 as WAN and 172.16.0.10 as LAN
Server2 has the IP 192.168.157.100 as WAN and 172.18.0.10 as LAN
I have dhcp serving IPS 172.16.0.0 to the Windows 7 behind server1 and I have dhcp serving IPS 172.18.0.0 to the Windows 7 behind server2
Both server1 and server2 are communicating. In both server1 and server2 I can ping Windows behind server1 and Windows behind server2
But inside Windows 7 behind server1 I can not reach Windows 7 behind server2.
What I missing??
I appreciated for any help!
Thank you.
I have deploy two Zentyal Server 4.0 in VirtualBox (V 6.1.27 r147422). I am using my laptop to this purpose.
I also have create two host network, like:
vboxnet0 - 192.168.152.0
vboxnet1 - 192.168.157.0
Aditionaly I have create a few iptables rules in my laptop, to allow both zentyal servers to use the internet properly:
# Flush IPTABLES
iptables -F
iptables -t nat -F
# Loopack
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i vboxnet0 -j ACCEPT
iptables -A INPUT -i vboxnet1 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow all from virtualbox
iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
# Masquerade virtualbox network
iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
#turn on ip forwarding
sysctl -w net.ipv4.ip_forward=1
After install both zentyal server, I have create a openvpn tunnel between two server.
I was unable to use the default IP addrss inside the vpn tunnel, i.e 192.168.0.0 in both sides doesn't work.
I needed to use 192.168.10.0 in server1 and 192.168.20.0 in server2. After that I can now ping both side and the 2 windows 7 behind each servers.
But I can not reach the Windows Client behind VPN.
Server1 has the IP 192.168.152.100 as WAN and 172.16.0.10 as LAN
Server2 has the IP 192.168.157.100 as WAN and 172.18.0.10 as LAN
I have dhcp serving IPS 172.16.0.0 to the Windows 7 behind server1 and I have dhcp serving IPS 172.18.0.0 to the Windows 7 behind server2
Both server1 and server2 are communicating. In both server1 and server2 I can ping Windows behind server1 and Windows behind server2
But inside Windows 7 behind server1 I can not reach Windows 7 behind server2.
What I missing??
I appreciated for any help!
Thank you.
10
Installation and Upgrades / Problem when install Sogo [ Zentyal 7 Comercial Edition ]
« on: August 09, 2021, 07:11:33 pm »
Hi there
I had a problem here, when install Sogo.
After installed all modules, I notice a message indicate that was need to run dpkg --configure -a in Linux console.
So I opned a ssh session and ran the above command.
But I get a lot o errors such as:
sudo dpkg --configure -a
[sudo] password for administrador:
Configurando sogo:amd64 (5.0.1.20201214-1) ...
======= Important SOGo post-installation note =======
SOGo database schemas are _not_ automatically upgraded by
the packaging system.
Please check the list of database schema upgrade scripts
inside /usr/share/doc/sogo/ and apply them if needed.
More details can be found in the Upgrading section:
https://sogo.nu/files/docs/SOGoInstallationGuide.html#_upgrading
apache2_invoke: Enable configuration SOGo
apache2_reload: Your configuration is broken. Not reloading Apache 2
apache2_reload: AH00526: Syntax error on line 47 of /etc/apache2/conf-enabled/SOGo.conf:
apache2_reload: Invalid command 'ProxyRequests', perhaps misspelled or defined by a module not included in the server configuration
Job for sogo.service failed because the control process exited with error code.
See "systemctl status sogo.service" and "journalctl -xe" for details.
invoke-rc.d: initscript sogo, action "start" failed.
● sogo.service - LSB: SOGo server
Loaded: loaded (/etc/init.d/sogo; generated)
Active: failed (Result: exit-code) since Mon 2021-08-09 13:41:49 -03; 27ms ago
Docs: man:systemd-sysv-generator(
Process: 69909 ExecStart=/etc/init.d/sogo start (code=exited, status=1/FAILURE)
ago 09 13:41:48 srv01 systemd[1]: Starting LSB: SOGo server...
ago 09 13:41:49 srv01 sogo[69909]: * Starting SOGo sogo
ago 09 13:41:49 srv01 sogo[69989]: /usr/sbin/sogod: Uncaught exception NSInvalidArgumentException, reason: Tried to add nil to array
ago 09 13:41:49 srv01 sogo[69990]: chown: cannot access '/var/run/sogo/sogo.pid': No such file or directory
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Control process exited, code=exited, status=1/FAILURE
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Failed with result 'exit-code'.
ago 09 13:41:49 srv01 systemd[1]: Failed to start LSB: SOGo server.
dpkg: erro ao processar o pacote sogo:amd64 (--configure):
o subprocesso instalado, do pacote sogo:amd64, o script post-installation retornou erro do status de saída 1
dpkg: problemas com dependências impedem a configuração de zentyal-sogo:
zentyal-sogo depende de sogo (>= 5.0.1); porém:
Pacote sogo:amd64 não está configurado ainda.
dpkg: erro ao processar o pacote zentyal-sogo (--configure):
problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de zentyal-groupware:
zentyal-groupware depende de zentyal-sogo; porém:
Pacote zentyal-sogo não está configurado ainda.
dpkg: erro ao processar o pacote zentyal-groupware (--configure):
problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de sogo-activesync:
sogo-activesync depende de sogo (= 5.0.1.20201214-1); porém:
Pacote sogo:amd64 não está configurado ainda.
dpkg: erro ao processar o pacote sogo-activesync (--configure):
problemas de dependência - deixando desconfigurado
A processar 'triggers' para libc-bin (2.31-0ubuntu9.2) ...
Erros foram encontrados durante o processamento de:
sogo:amd64
zentyal-sogo
zentyal-groupware
sogo-activesync
And Yes! My Linux box is in PT-BR.
But after some strogle I figure out that need to trigger two steps:
Step 1 - touch /var/run/sogo/sogo.pid
After this I was to apply apt -f install but Apache2 configuration was in error.
Step 2 - in order to finish the installation I was indeed need to activate the proxy Apache module using:
a2enmod proxy
Then, after this apache2conf configtest ran smootlhy.
Just wanna report this problem.
Thanks.
I had a problem here, when install Sogo.
After installed all modules, I notice a message indicate that was need to run dpkg --configure -a in Linux console.
So I opned a ssh session and ran the above command.
But I get a lot o errors such as:
sudo dpkg --configure -a
[sudo] password for administrador:
Configurando sogo:amd64 (5.0.1.20201214-1) ...
======= Important SOGo post-installation note =======
SOGo database schemas are _not_ automatically upgraded by
the packaging system.
Please check the list of database schema upgrade scripts
inside /usr/share/doc/sogo/ and apply them if needed.
More details can be found in the Upgrading section:
https://sogo.nu/files/docs/SOGoInstallationGuide.html#_upgrading
apache2_invoke: Enable configuration SOGo
apache2_reload: Your configuration is broken. Not reloading Apache 2
apache2_reload: AH00526: Syntax error on line 47 of /etc/apache2/conf-enabled/SOGo.conf:
apache2_reload: Invalid command 'ProxyRequests', perhaps misspelled or defined by a module not included in the server configuration
Job for sogo.service failed because the control process exited with error code.
See "systemctl status sogo.service" and "journalctl -xe" for details.
invoke-rc.d: initscript sogo, action "start" failed.
● sogo.service - LSB: SOGo server
Loaded: loaded (/etc/init.d/sogo; generated)
Active: failed (Result: exit-code) since Mon 2021-08-09 13:41:49 -03; 27ms ago
Docs: man:systemd-sysv-generator(
Process: 69909 ExecStart=/etc/init.d/sogo start (code=exited, status=1/FAILURE)
ago 09 13:41:48 srv01 systemd[1]: Starting LSB: SOGo server...
ago 09 13:41:49 srv01 sogo[69909]: * Starting SOGo sogo
ago 09 13:41:49 srv01 sogo[69989]: /usr/sbin/sogod: Uncaught exception NSInvalidArgumentException, reason: Tried to add nil to array
ago 09 13:41:49 srv01 sogo[69990]: chown: cannot access '/var/run/sogo/sogo.pid': No such file or directory
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Control process exited, code=exited, status=1/FAILURE
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Failed with result 'exit-code'.
ago 09 13:41:49 srv01 systemd[1]: Failed to start LSB: SOGo server.
dpkg: erro ao processar o pacote sogo:amd64 (--configure):
o subprocesso instalado, do pacote sogo:amd64, o script post-installation retornou erro do status de saída 1
dpkg: problemas com dependências impedem a configuração de zentyal-sogo:
zentyal-sogo depende de sogo (>= 5.0.1); porém:
Pacote sogo:amd64 não está configurado ainda.
dpkg: erro ao processar o pacote zentyal-sogo (--configure):
problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de zentyal-groupware:
zentyal-groupware depende de zentyal-sogo; porém:
Pacote zentyal-sogo não está configurado ainda.
dpkg: erro ao processar o pacote zentyal-groupware (--configure):
problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de sogo-activesync:
sogo-activesync depende de sogo (= 5.0.1.20201214-1); porém:
Pacote sogo:amd64 não está configurado ainda.
dpkg: erro ao processar o pacote sogo-activesync (--configure):
problemas de dependência - deixando desconfigurado
A processar 'triggers' para libc-bin (2.31-0ubuntu9.2) ...
Erros foram encontrados durante o processamento de:
sogo:amd64
zentyal-sogo
zentyal-groupware
sogo-activesync
And Yes! My Linux box is in PT-BR.
But after some strogle I figure out that need to trigger two steps:
Step 1 - touch /var/run/sogo/sogo.pid
After this I was to apply apt -f install but Apache2 configuration was in error.
Step 2 - in order to finish the installation I was indeed need to activate the proxy Apache module using:
a2enmod proxy
Then, after this apache2conf configtest ran smootlhy.
Just wanna report this problem.
Thanks.
11
Portuguese / Re: Fazer máquina interna sair por outro IP externo.
« on: April 05, 2021, 04:31:04 pm »Amigo geralmente esse direcionamento faço nas regras dos gateways, onde determino a saída de um determinado objeto ou IP da rede interna pelo gateway escolhido, se os dois roteadores ou modens da operadora estão na mesma faixa, muda eles pra uma faixa diferente.
É mas no caso eu tenho IPS publicos que estão todos na mesma faixa de rede, máscara e gateway.
Inclusive o Zentyal nem deixou eu criar uma 4 placa de rede com outro IP na mesma mascara. Achei estranho já que o IPFire aceitou.
Obrigado pela sua resposta.
12
Other modules / I need an internal host go out through another external IP.
« on: April 02, 2021, 04:04:27 pm »
Hello guys.
I need to create an iptables rule that causes an internal host to outgoing via a different public IP.
Let's say you have 2 public IPs:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee
The end ddd is standard.
The end eee would be the secondary.
It turns out that Zentyal, at least in version 6.2, does not let me insert a second network interface using the same network.
For example, eth0 has the ip aaa.bbb.ccc.ddd, eth1 and eth2 have internal IP's and eth3 would have the aaa.bbb.ccc.eee IP which would be the secondary one.
But when I try to insert the IP into eth3 he says that there is already an IP of that network configured in eth0!
So what I did was set up a virtual interface hanging on eth0 with the ip aaa.bbb.ccc.eee, type eth0: 1.
Then I tried to create an SNAT rule but it doesn't work. When I go to the internal host it still takes the default external IP aaa.bbb.ccc.ddd.
I installed an IPFIRE (www.ipfire.org) which is very simple and in it I managed to do it smoothly.
BTW, it was from this IPFIRE that I took the rule of iptables.
I tried like this:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP / 32 -j SNAT --to-source aaa.bbb.ccc.eee
But without success!
Thanks to anyone who can help me.
I need to create an iptables rule that causes an internal host to outgoing via a different public IP.
Let's say you have 2 public IPs:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee
The end ddd is standard.
The end eee would be the secondary.
It turns out that Zentyal, at least in version 6.2, does not let me insert a second network interface using the same network.
For example, eth0 has the ip aaa.bbb.ccc.ddd, eth1 and eth2 have internal IP's and eth3 would have the aaa.bbb.ccc.eee IP which would be the secondary one.
But when I try to insert the IP into eth3 he says that there is already an IP of that network configured in eth0!
So what I did was set up a virtual interface hanging on eth0 with the ip aaa.bbb.ccc.eee, type eth0: 1.
Then I tried to create an SNAT rule but it doesn't work. When I go to the internal host it still takes the default external IP aaa.bbb.ccc.ddd.
I installed an IPFIRE (www.ipfire.org) which is very simple and in it I managed to do it smoothly.
BTW, it was from this IPFIRE that I took the rule of iptables.
I tried like this:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP / 32 -j SNAT --to-source aaa.bbb.ccc.eee
But without success!
Thanks to anyone who can help me.
13
Portuguese / Fazer máquina interna sair por outro IP externo.
« on: April 02, 2021, 04:01:32 pm »
Olá amigos
Eu preciso criar uma regra de iptables que faça com que um host interno sai por um IP publico diferente.
Digamos que tenha 2 IPs publicos:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee
O final ddd é padrão.
O final eee seria o secundário.
Acontece que o Zentyal, pelo menos na versão 6.2 não me deixa inserir uma segunda interface de rede usando a mesma rede.
Por exemplo, a eth0 tem o ip aaa.bbb.ccc.ddd, a eth1 e eth2 tem IP's internos e a eth3 teria o IP aaa.bbb.ccc.eee que seria o secundário.
Mas quando tento inserir o IP na eth3 ele diz que ja existe um IP dessa rede configurado na eth0!
Aí o que fiz foi configurar uma interface virtual pendurada no eth0 com o ip aaa.bbb.ccc.eee, tipo eth0:1.
Aí eu tentei criar uma regra SNAT mas não funciona. Quando vou no host interno ele ainda pega o IP externo padrão aaa.bbb.ccc.ddd.
Eu instalei um IPFIRE (www.ipfire.org) que é bem simples e nele eu consegui fazer isso tranquilo.
Alias foi dele que eu tirei a regra do iptables.
Tentei assim:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP/32 -j SNAT --to-source aaa.bbb.ccc.eee
Mas sem sucesso!
Obrigado a quem puder me ajudar.
Eu preciso criar uma regra de iptables que faça com que um host interno sai por um IP publico diferente.
Digamos que tenha 2 IPs publicos:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee
O final ddd é padrão.
O final eee seria o secundário.
Acontece que o Zentyal, pelo menos na versão 6.2 não me deixa inserir uma segunda interface de rede usando a mesma rede.
Por exemplo, a eth0 tem o ip aaa.bbb.ccc.ddd, a eth1 e eth2 tem IP's internos e a eth3 teria o IP aaa.bbb.ccc.eee que seria o secundário.
Mas quando tento inserir o IP na eth3 ele diz que ja existe um IP dessa rede configurado na eth0!
Aí o que fiz foi configurar uma interface virtual pendurada no eth0 com o ip aaa.bbb.ccc.eee, tipo eth0:1.
Aí eu tentei criar uma regra SNAT mas não funciona. Quando vou no host interno ele ainda pega o IP externo padrão aaa.bbb.ccc.ddd.
Eu instalei um IPFIRE (www.ipfire.org) que é bem simples e nele eu consegui fazer isso tranquilo.
Alias foi dele que eu tirei a regra do iptables.
Tentei assim:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP/32 -j SNAT --to-source aaa.bbb.ccc.eee
Mas sem sucesso!
Obrigado a quem puder me ajudar.
14
Installation and Upgrades / zentyal.squid3-external killed by KILL signal
« on: November 13, 2019, 06:12:23 pm »
Hi there friends...
I have zentyal 4 works fine, but sometimes I see this message is syslog
Nov 13 08:29:20 servidor kernel: [46271.777040] init: zentyal.set-uid-gid-numbers main process (5337) killed by TERM signal
Nov 13 08:31:26 servidor kernel: [46397.332330] init: zentyal.squid3-external main process (11425) killed by KILL signal
Nov 13 10:22:34 servidor kernel: [53058.929901] init: isc-dhcp-server main process (6625) killed by TERM signal
Nov 13 10:22:53 servidor kernel: [53078.020586] init: zentyal.squid3-external main process (1191) killed by KILL signal
Nov 13 10:24:16 servidor kernel: [53160.763082] init: isc-dhcp-server main process (17178) killed by TERM signal
Nov 13 10:34:37 servidor kernel: [53781.188780] init: isc-dhcp-server main process (19818) killed by TERM signal
Nov 13 10:34:56 servidor kernel: [53800.450145] init: zentyal.squid3-external main process (18356) killed by KILL signal
Nov 13 10:39:24 servidor kernel: [54067.794495] init: isc-dhcp-server main process (21955) killed by TERM signal
Nov 13 10:46:18 servidor kernel: [54481.453223] init: zentyal.squid3-external main process (23132) killed by KILL signal
Nov 13 10:46:22 servidor kernel: [54485.832787] init: ebox.loggerd main process (28496) killed by TERM signal
Nov 13 12:05:32 servidor kernel: [59231.181414] init: zentyal.squid3-external main process (29111) killed by KILL signal
Nov 13 12:05:35 servidor kernel: [59233.623781] init: ebox.loggerd main process (29215) killed by TERM signal
Nov 13 13:43:28 servidor kernel: [65100.929273] init: ebox.loggerd main process (22277) killed by TERM signal
Nov 13 13:55:25 servidor kernel: [65818.057803] init: zentyal.squid3-external main process (22142) killed by KILL signal
Nov 13 13:55:28 servidor kernel: [65820.470901] init: ebox.loggerd main process (320) killed by TERM signal
And I thing this errors make squid restart (at least the process) and kill internet access for a moment, than back online again...
Any body get this error too???
Thanks
I have zentyal 4 works fine, but sometimes I see this message is syslog
Nov 13 08:29:20 servidor kernel: [46271.777040] init: zentyal.set-uid-gid-numbers main process (5337) killed by TERM signal
Nov 13 08:31:26 servidor kernel: [46397.332330] init: zentyal.squid3-external main process (11425) killed by KILL signal
Nov 13 10:22:34 servidor kernel: [53058.929901] init: isc-dhcp-server main process (6625) killed by TERM signal
Nov 13 10:22:53 servidor kernel: [53078.020586] init: zentyal.squid3-external main process (1191) killed by KILL signal
Nov 13 10:24:16 servidor kernel: [53160.763082] init: isc-dhcp-server main process (17178) killed by TERM signal
Nov 13 10:34:37 servidor kernel: [53781.188780] init: isc-dhcp-server main process (19818) killed by TERM signal
Nov 13 10:34:56 servidor kernel: [53800.450145] init: zentyal.squid3-external main process (18356) killed by KILL signal
Nov 13 10:39:24 servidor kernel: [54067.794495] init: isc-dhcp-server main process (21955) killed by TERM signal
Nov 13 10:46:18 servidor kernel: [54481.453223] init: zentyal.squid3-external main process (23132) killed by KILL signal
Nov 13 10:46:22 servidor kernel: [54485.832787] init: ebox.loggerd main process (28496) killed by TERM signal
Nov 13 12:05:32 servidor kernel: [59231.181414] init: zentyal.squid3-external main process (29111) killed by KILL signal
Nov 13 12:05:35 servidor kernel: [59233.623781] init: ebox.loggerd main process (29215) killed by TERM signal
Nov 13 13:43:28 servidor kernel: [65100.929273] init: ebox.loggerd main process (22277) killed by TERM signal
Nov 13 13:55:25 servidor kernel: [65818.057803] init: zentyal.squid3-external main process (22142) killed by KILL signal
Nov 13 13:55:28 servidor kernel: [65820.470901] init: ebox.loggerd main process (320) killed by TERM signal
And I thing this errors make squid restart (at least the process) and kill internet access for a moment, than back online again...
Any body get this error too???
Thanks
15
Installation and Upgrades / Re: Zentyal 4 HA
« on: November 07, 2019, 12:59:37 pm »
I managed to solved this issue, creating the script bellow:
#!/bin/bash
statusip=$(crm_mon -1 | grep IPHALOCAL | grep servidor2)
status="$?"
echo $status
if [[ $status -eq 1 ]]
then
echo "That's great :-)"
elif [[ $status -eq 0 ]]
then
echo "(exit status=$status)"
/etc/init.d/samba force-reload
fi
And add to crontab, to run every minute...
#!/bin/bash
statusip=$(crm_mon -1 | grep IPHALOCAL | grep servidor2)
status="$?"
echo $status
if [[ $status -eq 1 ]]
then
echo "That's great :-)"
elif [[ $status -eq 0 ]]
then
echo "(exit status=$status)"
/etc/init.d/samba force-reload
fi
And add to crontab, to run every minute...