Messages

1

Installation and Upgrades / Re: EBox like a gateway - firewall - traffic shaping, etc...

« on: August 09, 2010, 01:45:38 pm »

Yes, it is a current limitation that we plan to fix some day.

OK, but why in the ebox features say this: "Multi-WAN support for DHCP and PPPoE",  its not true? or its true but without any rule? can you explain the issue?
thks

2

Installation and Upgrades / Re: EBox like a gateway - firewall - traffic shaping, etc...

« on: August 06, 2010, 03:04:37 pm »

OK, first trouble:
I have 2 wans gateways(one is ppoe, and the other dhcp), that i have no to add like gateways manually because ebox add them in automatic way because they are not statics. When i want to setup the Wan Failover, i cant add any rule because an error message appear "WAN Failover is only available for static interfaces"
So, its a limitation of ebox? the wans ip have to be static? but in the ebox features say this: "Multi-WAN support for DHCP and PPPoE"

tkns, and sorry about my english again.
bye

3

Installation and Upgrades / Re: EBox like a gateway - firewall - traffic shaping, etc...

« on: August 05, 2010, 07:56:56 pm »

No, it isn't the same, not exactly. And none of the eBox GUI components are installed—Firefox, etc.—unless you ask for them separately.

OK, i have installed ubuntu server 8.04.4, and then add the ebox repositories. Then i type this:

Code: [Select]

sudo apt-get install ebox-network ebox-trafficshaping ebox-firewall ebox-l7-protocols
And i get postgresql installed, and other unneeded packages like jabber client, but not firefox , the thing is better than with the ebox image, so i will try these way to build a gateway and then comment here my experience.
thks
bye

4

Installation and Upgrades / Re: EBox like a gateway - firewall - traffic shaping, etc...

« on: August 04, 2010, 01:25:30 pm »

You may find things more to your liking if you install the Ubuntu server base and then install from the packages, just those things you want, rather than using the eBox ISO.

OK, i will try but is not the same that select advance mode (in ebox iso) and choose for example only network?
thks

5

Installation and Upgrades / EBox like a gateway - firewall - traffic shaping, etc...

« on: August 03, 2010, 10:06:40 pm »

I read this link "http://www.howtoforge.com/using-ebox-as-a-gateway-firewall-traffic-shaping-http-proxy-and-more"
AND
I like ebox but for do a gateway i think that it have a huge memory footprint, and in other hand you cannt install it without "x" and "firefox", and a lot of more software, if you choose gateway ( or just "network" in advance mode) you get x, firefox, users, etc... and for a gateway-firewall nobody needs all this things, and like i say before it consume a lot of memory in packages that you donnt will to use. If i am wrong and anybody knows how to install ebox just like a gateway, please let me know.

thks, and sorry about my english.
bye

6

Installation and Upgrades / Re: ebox as virtual machine vs. virtualization server; 32-bit vs 64-bit

« on: December 13, 2009, 04:16:36 pm »

It doesn't matter if you choose eBox installer or Ubuntu installer + eBox packages. But you should choose always Ubuntu 8.04 that is the officially supported distribution. It doesn't mather either 32 or 64 bits.

For creating ubuntu virtual machines for KVM you can use ubuntu-vm-builder, that way you won't need to use a CD image.

I dont understand you ebox image is 32bits or 64bits? or both?
In 64bits all the features are available?
thanks

7

Installation and Upgrades / Re: ebox memory footprint

« on: October 15, 2009, 05:53:38 pm »

OK, but why squid use clamav? i think that if i dont select antivirus is because i dont want that squid
scan virus in webs. Ebox have a serius problem with dependencies

ebox-squid was depending on clamav-daemon. That was a mistake, as ebox-squid can detect if the ebox-antivirus module is installed or not to enble/disable the antivirus feature.

I've just uploaded a new package (ebox-squid 1.2.5) that fixes this.

Now you can do this:

Code: [Select]

sudo apt-get update
sudo apt-get install ebox-squid
sudo apt-get remove clamav-daemon

You will get rid of clamd with that.

OK i did that, but iam still installed "clamav" "clamav-base" "clamav-freshclam" "libclamav5" and i cant remove them because they want to remove dansguardian and ebox-squid. So ?
thanks

8

Installation and Upgrades / Re: howto change ssh port or disable ssh?

« on: October 09, 2009, 02:08:59 pm »

Hello Lucho,

SSH service is not managed at all by eBox in order to have, at least, a fallback solution if eBox administration UI is not working at all. SSH service is allowed by default from internal networks to eBox and its configuration must be done manually.

I hope this clarifies the question a little.

Cheers,

Ok but why in "Services" i cant modify or eliminate the "ssh service"?
thanks

9

Installation and Upgrades / Re: ebox memory footprint

« on: October 09, 2009, 02:03:04 pm »

Code: [Select]

ii  samba-vscan                           0.3.6cbeta5ebox1-2                                              Samba virus scanning VFS module
well you do seem to have the samba virus scanner installed. Don't know why that should be, but clam is used by squid to virus scan your web traffic (IIRC).

What filters are you using with IPCOP? URLFilter is pretty light (depending on the size of your lists!) but COPFilter (which does the additional stuff like virus scanning is a bit heavier)

The thing is that ebox isn't just a firewall/gateway system so it has lots of fat compared to the more targeted distros out there.

If you're looking for just a gateway/proxy setup without wanting to integrate all the other services that ebox has you might want to look at pfsense http://www.pfsense.com/

It's got all the load balancing fail-over stuff you want (as well as a ton of other stuff that ipcop can't do) and should use a lot less ram.

OK, but why squid use clamav? i think that if i dont select antivirus is because i dont want that squid scan virus in webs. Ebox have a serius problem with dependencies. In other hand, ebox use clamav 0.94 and this version is been deprecated (http://lwn.net/Articles/355643/).

With ipcop i use dansguardian with a lot of lists, BOT, openvpn, l7filter, Advanced QoS. And i dont use copfilter because is not very stable.

I know pfsense but have several issues with multiwan/failover/loadbalance setups, i know that in version 2 (aka 1.3) will be solved but they are waiting that freebsd 8 was stable to release pfsense 2.

thanks and sorry about my english

10

Installation and Upgrades / Re: ebox memory footprint

« on: October 08, 2009, 09:32:58 pm »

A quick, not well thoughtout answer would be to kill clamav at start up. 

You could add this to your /etc/rc.local file
/etc/init.d/clamav-daemon stop
/etc/init.d/clamav-freshclam stop

The check it like this.
pgrep clam

Remember, the focus of ebox staff has been features. I'm thinking they are well aware they need to go back and tweak things later down the road.. All in good time..

OK but if i dont select antivirus and in fact i have not installed the antivirus module of ebox why the clamav packages are installed? and why i cant remove them?

11

Installation and Upgrades / Re: howto change ssh port or disable ssh?

« on: October 08, 2009, 09:30:32 pm »

To change the port, you'll find the setting in /etc/ssh/sshd_config

ok, but in the ebox webmenu?

12

Installation and Upgrades / Re: ebox memory footprint

« on: October 08, 2009, 06:36:50 pm »

this is my top sort by mem usage

top - 13:30:50 up 18 min,  1 user,  load average: 0.06, 0.05, 0.08
Tasks:  73 total,   1 running,  71 sleeping,   0 stopped,   1 zombie
Cpu(s):  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:   1018976k total,   433324k used,   585652k free,    45604k buffers
Swap:  1686784k total,        0k used,  1686784k free,   179180k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
 4536 clamav    20   0 79068  74m  396 S  0.0  7.5   0:00.00 clamd
 6033 ebox      20   0 47464  37m 4980 S  0.0  3.8   0:07.28 apache2
 5622 ebox      20   0 37852  31m 4268 S  0.0  3.1   0:02.04 ebox-loggerd
 5856 root      20   0 31172  22m 5520 S  0.0  2.3   0:02.14 apache2
 5951 root      20   0 28468  19m 4592 S  0.0  1.9   0:00.81 apache2
 6016 ebox-use  20   0 31304  18m  724 S  0.0  1.8   0:00.00 apache2
 5578 bind      20   0 34696 7416 2324 S  0.0  0.7   0:00.02 named
 4293 postgres  20   0 40148 4912 4296 S  0.0  0.5   0:00.44 postgres
 5773 proxy     20   0  7028 4604 1572 S  0.0  0.5   0:00.08 squid
 6088 root      20   0 12440 3928 2152 S  0.0  0.4   0:00.03 apache2
 4317 openldap  20   0 22220 3568 1596 S  0.0  0.4   0:00.01 slapd
 6266 pepe      20   0  5556 3000 1444 S  0.0  0.3   0:00.14 bash
 5771 postgres  20   0 40952 2980 1804 S  0.0  0.3   0:00.00 postgres
 6263 root      20   0  8056 2532 2072 S  0.0  0.2   0:00.03 sshd
 6090 www-data  20   0 12440 2456  672 S  0.0  0.2   0:00.00 apache2
 6093 www-data  20   0 12440 2456  672 S  0.0  0.2   0:00.00 apache2
 6095 www-data  20   0 12440 2456  672 S  0.0  0.2   0:00.00 apache2
 6097 www-data  20   0 12440 2456  672 S  0.0  0.2   0:00.00 apache2
 6098 www-data  20   0 12440 2456  672 S  0.0  0.2   0:00.00 apache2
 4647 ebox      20   0  4228 2440 1792 S  0.0  0.2   0:02.50 gconfd-2
 4193 klog      20   0  3028 1920  424 S  0.0  0.2   0:00.11 klogd
 6265 pepe      20   0  8056 1556 1076 S  0.0  0.2   0:00.05 sshd
 4297 postgres  20   0 40272 1400  676 S  0.0  0.1   0:00.02 postgres
 5686 root      20   0  4024 1396 1132 S  0.0  0.1   0:00.01 ntpd
 4295 postgres  20   0 40148 1352  724 S  0.0  0.1   0:00.03 postgres
 4296 postgres  20   0 40148 1172  544 S  0.0  0.1   0:00.02 postgres
 4298 postgres  20   0 11468 1148  464 S  0.0  0.1   0:00.01 postgres

why clamav is installed if i dont select antivirus? and if i want remove clamav with apt its say that will removo too squid danguardian and others things that i want.
if anybody can help me? thanks
bye

13

Installation and Upgrades / howto change ssh port or disable ssh?

« on: October 08, 2009, 05:55:21 pm »

I want to know howto change ssh port or disable ssh?
thanks
bye

14

Installation and Upgrades / Re: multigateway + loadbalancer + wan failover

« on: October 08, 2009, 03:05:11 pm »

Yes, if the interfaces in the eBox machine are static that should work.

ok thanks, and also i can use only a ethernet interface like in this pic?
http://ebox-platform.com/shots/Gateways.png
and the gateways can be in the same lan like in this picture too?

thanks.
bye

15

Installation and Upgrades / Re: ebox memory footprint

« on: October 08, 2009, 02:57:59 pm »

Memory usage on ebox is not problematic. A typical install of a bind9 server runs 200m, while most of my boxes running just a few services use 400m and my main incoming mail server regularly eats up 2 gig, while a kvm machine with 8 gigs is using 7gig running 7 servers..

And I don't think an ipcop box running any "added" services like filters etc runs on 50m even with just 1 client behind it. Sorry, I don't believe it. I'll look at a couple of ipcop boxes running tomarrow and see what I see...

Please doit, install ipcop (stable or unstable) and you will see the diference of mem usage. And yes ipcop can do (include filters) all that ebox do, the only issue is that not support multiwan.
thanks and sorry about my english.
bye