Messages - poundjd

151
Installation and Upgrades / Re: Help, ISO image not passing check
« on: April 10, 2009, 04:30:27 pm »
Javi,
     That is great to know, but can you give me the exact directions to do this?
It's a known problem. You can check the integrity of the ISO with md5sum.
    Checking with MD5sum is not something I know how to do....
-jeff
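
The md5sum check mentioned in the quoted reply, as an added example that is not part of the thread: it parses one line in md5sum's output format and compares it with the digest of the file on disk, and it runs wherever Python does, Windows included. The file name and contents used in `demo()` are constructed.

```python
import hashlib
import hmac
import os
import tempfile

def parse_checksum_line(line):
    """Split one md5sum-format line into (hex_digest, filename)."""
    digest, _, name = line.strip().partition(" ")
    name = name.lstrip(" *")  # md5sum writes "  name" (text) or " *name" (binary)
    if len(digest) != 32 or any(c not in "0123456789abcdefABCDEF" for c in digest):
        raise ValueError(f"not an MD5 digest: {digest!r}")
    return digest.lower(), name

def md5_of_file(path, chunk_size=1 << 20):
    """Hash the file in 1 MiB chunks so a full ISO never sits in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify(path, checksum_line):
    """True when the file's MD5 equals the published digest.

    A match shows the download is not corrupted; it does not prove where
    the file came from, since the digest is usually served beside the ISO.
    """
    expected, _name = parse_checksum_line(checksum_line)
    return hmac.compare_digest(md5_of_file(path), expected)

def demo():
    """Constructed stand-in for an ISO: verify it, change one byte, verify again."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sample.iso")
        with open(path, "wb") as f:
            f.write(b"hello world")
        line = "5eb63bbbe01eeed093cb22bb8f5acdc3 *sample.iso"  # MD5 of b"hello world"
        intact = verify(path, line)
        with open(path, "wb") as f:
            f.write(b"hello w0rld")  # simulated corruption
        return intact, verify(path, line)

if __name__ == "__main__":
    print(demo())
```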

152
Installation and Upgrades / Re: New Installation, Udev problems.
« on: April 09, 2009, 10:00:45 am »
All,
How do I get the networking interfaces back up with the new udev file?  After that I could just reload eBox 1.0 using apt-get, could I not?
-jeff

153
Installation and Upgrades / New Installation, Udev problems.
« on: April 09, 2009, 09:47:42 am »
Hello,
   Well, I'm trying to install eBox from the eBox 1.0 install ISO.  Got the OS and eBox modules installed from CD.  Rebooted, and because I have 5 NICs I checked the /etc/udev/rules.d/70-persistent-net.rules file.  I did not like what I saw, and using nano I changed the file, rebooted and ran into troubles galore.  I then reinstalled the screen and keyboard and, again using nano, fixed the files and rebooted.  I'm exactly back where I started.  So how do I do that now?

(I am generating a log as I go that I plan to become a good thorough HOWTO, and I'll include that below between the lines.)  It is very, very rough right now, so please excuse.
_________________________________________________________________________
OK this is where I am going to document the installation of eBox 1.0 in my home network.

Why? The current gateway device does not offer enough flexibility and configuration options to keep my IT-savvy kids off of the non-school sites during the day.  They keep getting viruses on their systems.

What I have:

A domain registered with eNom Central called MYmailDOMAIN.US, that I'll use for email delivery.

Comcast Cable Modem:
   Domain      hsd1.pa.comcast.net
   IP Address   68.32.x.y 
   Subnet Mask   255.255.255.128 
   Gateway      68.32.x.w 
   DNS 1      68.87.75.194
   DNS 2      68.87.64.146
   DNS 3      68.87.72.130


Linksys WRT54G-TM running DD-WRT v24 as my gateway server
   WAN Domain   hsd1.pa.comcast.net
   WAN IP Address   68.32.x.y
   WAN Subnet Mask   255.255.255.128 
   WAN Gateway   68.32.x.w

   Lan Domain   Home.MyMailDomain.US
   LAN Subnet Mask   255.255.255.0
   LAN IP Address   192.168.1.1
   LAN Gateway   192.168.1.1
   LAN DNS      192.168.1.1

 
   
Linksys WRT54G V2 Running DD-WRT V24
Many switches and bridges.
Headless Dell box to run eBox on,
My Main workstation is a Windows VISTA system.
14+ computers

Current Network Configuration:
CABLEMODEM=====>{Linksys WRT54G-TM Running DD-WRT V24}==========={Home Lan}
                {IP DHCP 68.32.x.y from Cable Company}           {IP's DHCPed from DD-WRT}
 


What I want:

Desired network configuration:

CABLEMODEM=====>{NIC0 ->eBox with 5 NICS}=+=nic1===>192.168.1/24 -> DMZ, Servers, and other stuff
                                          |
                                          +=nic2===>192.168.2/23 -> Home & School LAN, 2 Wireless AP's running DD-WRT V24 in ap MODE 
                                          |
                                          +=nic3===>192.168.3/24 -> DEV LAN
                                          |
                                          +=nic3===>192.168.3/24 -> TEST LAN

I want to have the eBox provide all gateway services for my internal networks.

I would like the following services running on eBox: DHCP, Firewall, Web Proxy, NTP Server, eMail, eGroupware


OK, with Ubuntu there is a process that is used during the install that writes the hardware configuration files: udev.  For network devices, Ubuntu writes out a file that records the hardware networking configuration.

Code:
poundjd@ebox:/etc/udev/rules.d$ cat 70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single line.

# PCI device 0x8086:0x1064 (e100)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:13:20:0c:56:2b", ATTR{type}=="1", KERNEL=="eth*", NAME="eth2"

# PCI device 0x1186:0x1002 (sundance)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:05:5d:5e:89:b6", ATTR{type}=="1", KERNEL=="eth*", NAME="eth3"

# PCI device 0x1186:0x1002 (sundance)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:05:5d:5e:89:b5", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

# PCI device 0x1186:0x1002 (sundance)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:05:5d:5e:89:b7", ATTR{type}=="1", KERNEL=="eth*", NAME="eth4"

# PCI device 0x1186:0x1002 (sundance)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:05:5d:5e:89:b4", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
poundjd@ebox:/etc/udev/rules.d$

On my system I want the motherboard's NIC to be the external or WAN ethernet interface, so I use nano to change the file:

Code:
poundjd@ebox:/etc/udev/rules.d$ nano 70-persistent-net.rules
This did not work because poundjd is not root, and does not have write permissions to this directory.
So ->
Code:
poundjd@ebox:/etc/udev/rules.d$ sudo nano 70-persistent-net.rules
[sudo] password for poundjd:
After saving both a backup and this file with changes:
Code:
poundjd@ebox:/etc/udev/rules.d$ ls
05-options.rules            40-permissions.rules         60-persistent-storage-tape.rules  70-persistent-net.rules.backup     85-hwclock.rules    README
05-udev-early.rules         45-fuse.rules                60-symlinks.rules                 75-cd-aliases-generator.rules      85-ifupdown.rules
20-names.rules              55-hpmud.rules               61-persistent-storage-edd.rules   75-persistent-net-generator.rules  85-pcmcia.rules
30-cdrom_id.rules           60-persistent-input.rules    70-persistent-cd.rules            80-programs.rules                  90-modprobe.rules
40-basic-permissions.rules  60-persistent-storage.rules  70-persistent-net.rules           85-hdparm.rules                    95-udev-late.rules
poundjd@ebox:/etc/udev/rules.d$ cat 70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single line.
#
# Edit history:
# 2009 04 09 JDP Modified file to move eth0 to motherboard NIC, and sundance NIC to eth1-4.
#

# PCI device 0x8086:0x1064 (e100)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:13:20:0c:56:2b", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

# PCI device 0x1186:0x1002 (sundance)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:05:5d:5e:89:b6", ATTR{type}=="1", KERNEL=="eth*", NAME="eth3"

# PCI device 0x1186:0x1002 (sundance)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:05:5d:5e:89:b5", ATTR{type}=="1", KERNEL=="eth*", NAME="eth2"

# PCI device 0x1186:0x1002 (sundance)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:05:5d:5e:89:b7", ATTR{type}=="1", KERNEL=="eth*", NAME="eth4"

# PCI device 0x1186:0x1002 (sundance)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:05:5d:5e:89:b4", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"
poundjd@ebox:/etc/udev/rules.d$

Now to shut down; as you can see below, I still make lots of mistakes.
Code:
poundjd@ebox:/etc/udev/rules.d$ shutdown
shutdown: time expected
Try `shutdown --help' for more information.
poundjd@ebox:/etc/udev/rules.d$ sudo shutdown
shutdown: time expected
Try `shutdown --help' for more information.
poundjd@ebox:/etc/udev/rules.d$ shutdown --help
Usage: shutdown [OPTION]... TIME [MESSAGE]
Bring the system down.

Options:
  -r                          reboot after shutdown
  -h                          halt or power off after shutdown
  -H                          halt after shutdown (implies -h)
  -P                          power off after shutdown (implies -h)
  -c                          cancel a running shutdown
  -k                          only send warnings, don't shutdown
  -q, --quiet                 reduce output to errors only
  -v, --verbose               increase output to include informational messages
      --help                  display this help and exit
      --version               output version information and exit

TIME may have different formats, the most common is simply the word 'now' which will bring the system down immediately.  Other valid formats are +m, where m is the number of
minutes to wait until shutting down and hh:mm which specifies the time on the 24hr clock.

Logged in users are warned by a message sent to their terminal, you may include an optional MESSAGE included with this.  Messages can be sent without actually bringing the
system down by using the -k option.

If TIME is given, the command will remain in the foreground until the shutdown occurs.  It can be cancelled by Control-C, or by another user using the -c option.

The system is brought down into maintenance (single-user) mode by default, you can change this with either the -r or -h option which specify a reboot or system halt
respectively.  The -h option can be further modified with -H or -P to specify whether to halt the system, or to power it off afterwards.  The default is left up to the
shutdown scripts.

Report bugs to <upstart-devel@lists.ubuntu.com>
poundjd@ebox:/etc/udev/rules.d$ shutdown -r
shutdown: time expected
Try `shutdown --help' for more information.
poundjd@ebox:/etc/udev/rules.d$ shutdown -r 0
shutdown: Need to be root
poundjd@ebox:/etc/udev/rules.d$ sudo shutdown -r 0

Broadcast message from poundjd@ebox
        (/dev/pts/0) at 1:46 ...

The system is going down for reboot NOW!
poundjd@ebox:/etc/udev/rules.d$



_________________________________________________________________________
As you can imagine I had problems after that reboot.  The network was dead.  After re-installing a screen and keyboard I was able to login and change the file back.


Now to my question.....  How do I change the OS so that eth0 is on the motherboard - the e100 PCI device, and the Sundance NIC interfaces are configured so that b4-b7 is eth1-eth4?



Any and all help is really appreciated.  Especially links to good documentation.
-jeff
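
An added example, not part of the original post: a pre-reboot check that parses the two versions of 70-persistent-net.rules shown above, rejects duplicate MACs or names, and lists which interface names moved to a different card, so that any file that refers to interfaces by name can be reviewed first. The MAC/name pairs are the ones in the post; the interfaces-file sample is constructed.

```python
import re

_MAC = re.compile(r'ATTR\{address\}=="([0-9a-fA-F:]{17})"')
_NAME = re.compile(r'\bNAME="([^"]+)"')

def parse_rules(text):
    """Return {mac: name} from persistent-net rules; reject duplicates."""
    mapping = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        mac, name = _MAC.search(line), _NAME.search(line)
        if not (mac and name):
            continue  # not a MAC-to-name binding
        mac, name = mac.group(1).lower(), name.group(1)
        if mac in mapping:
            raise ValueError(f"line {lineno}: MAC {mac} bound twice")
        if name in mapping.values():
            raise ValueError(f"line {lineno}: name {name} assigned twice")
        mapping[mac] = name
    return mapping

def renamed(before, after):
    """Return {old_name: new_name} for each card whose name changed."""
    return {before[m]: after[m] for m in before
            if m in after and before[m] != after[m]}

def stale_references(config_text, moves):
    """List (line_no, old_name, new_name) where a config names a moved card."""
    return [(n, w, moves[w])
            for n, line in enumerate(config_text.splitlines(), 1)
            for w in re.findall(r"\beth\d+\b", line) if w in moves]

# Rule text rebuilt from the MAC/NAME pairs in the post's two listings.
RULE = ('SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{{address}}=="{}", '
        'ATTR{{type}}=="1", KERNEL=="eth*", NAME="{}"')
MACS = ["00:13:20:0c:56:2b", "00:05:5d:5e:89:b6", "00:05:5d:5e:89:b5",
        "00:05:5d:5e:89:b7", "00:05:5d:5e:89:b4"]

def rules(names):
    return "\n".join(RULE.format(m, n) for m, n in zip(MACS, names))

BEFORE = rules(["eth2", "eth3", "eth1", "eth4", "eth0"])   # as installed
AFTER = rules(["eth0", "eth3", "eth2", "eth4", "eth1"])    # after the edit

# Constructed sample of a file that refers to interfaces by name.
INTERFACES = "auto eth0\niface eth0 inet dhcp\nauto eth3\niface eth3 inet static\n"

if __name__ == "__main__":
    moves = renamed(parse_rules(BEFORE), parse_rules(AFTER))
    for n, old, new in stale_references(INTERFACES, moves):
        print(f"line {n}: {old} was written for the card that is now {new}")
```

On a multi-homed gateway the same review applies to firewall and DHCP settings, since they also bind to interface names rather than to cards.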








154
Installation and Upgrades / Help, ISO image not passing check
« on: April 06, 2009, 04:37:25 am »
Hello,
I have downloaded the ISO image for 1.0 three times and burned it to a CD.  Each time when I try to have the system check the CD, the checksum for ./isolinux/boot.cat fails.  Is there a way to verify the ISO image on DISK on my VISTA system before I burn another CD?  I have burned many images before with no problem.
-jeff

155
Temporarily resolved.

I had to manually edit the /etc/postfix/main.cf file.
I added a rule to allow only plain logins to the remote server, ignoring its request for MD5-sess.

smtp_sasl_mechanism_filter =  plain, login

Clearly, this is not preferred.

Is it possible that eBox thinks it can support md5-sess when requested by remote smarthost server, but it actually cannot? Do I need to do something to enable it?

I also think my edit to the file in /etc/postfix will be overwritten the next time I make a change from the web UI that changes the main configuration, correct? How do I make this change permanent? Should I disable TLS in the mail main configuration?
To make the edit survive a change you must find the .mas file that eBox used to generate the configuration file.  It is almost always the same name with .mas added to the end.

-jeff




156
Does your VPN client allow Split Tunnel VPN connections?  I know that my VPN client for work doesn't allow this feature, and most corporate environments would not as well.
-jeff

157
All,
     I was under the impression that AD had an LDAP interface to AD, am I wrong?

     If I am not wrong, what would be needed to use the LDAP from AD instead of the LDAP on eBox?

     This would be a really cool and useful feature.
-jeff

158
Installation and Upgrades / Re: Change to a custom subnet
« on: March 29, 2009, 08:51:29 pm »
Ok,
     Gateway machine, to preserve the public IP you would have to keep the MAC off of the public IP space until it is installed in the eBox server as the External NIC. That should preserve the ISP's DHCP MAC to IP binding.

   Can you draw your current network configuration and the desired network configuration?  This would help a whole lot.  Please annotate the IPs with xxx for the upper two groupings, so your IP range on the drawing might be xxx.xxx.196/21 or some such, with a netmask of 255.255.248.0. This will make it a little harder for someone to find your specific network.  My network is a single public IP with 4 internal /24 NATed class C networks, nothing fancy.
-jeff

159
Installation and Upgrades / Re: Change to a custom subnet
« on: March 29, 2009, 04:22:14 pm »
In order to go forward we need to establish some common ground.  So a few really basic questions.

     How many IPs do you get from your ISP? 1 or 2048
          I suspect that you get 1.

     Is this computer to be a network Gateway for other computers? Yes or No
         
     How many NICs does the computer have? 1, 2, or more?

And as to losing the IP that you're currently getting from the ISP, there are Dynamic DNS solutions to deal with that in a permanent manner, and several are free.  My level of technical detail about eBox won't allow me to deal with this.  Sorry about that.
-jeff

160
Installation and Upgrades / Re: Change to a custom subnet
« on: March 29, 2009, 07:31:12 am »
If this feature isn't already in eBox, I kinda need it asap. My ISP only gives out 255.255.248.0 subnet masks and that's not an available option. I guess I didn't really notice. Is there any way to manually set this up without breaking anything?

Thanks! :D

[EDIT]: All it seems I need to do is add 255.255.248.0 somewhere as a valid subnet. I can get a connection but can't force eBox to see the gateway as a valid address because it thinks the subnet is something else.

Since eBox uses XML files for the config, I think I can do it, but I don't know where to go.

I'm new to eBox, but that looks like a subnet netmask. So if I understand correctly, you get 2048 public addresses from your ISP.
255.255.248.0->1111 1111 1111 1111 1111 1000 0000 0000
Are you planning to use the box as a gateway, without NAT?  On the external interface that should enable you to input a fixed address and the subnet.  If on the other hand you get one address from this range via DHCP, the eBox should just cope.
Sorry I could not help you more.
-jeff

161
Thanks be to god!

162
Hi,

I'm sorry to inform you that, as you said, eBox only permits to configure 1 domain for now. Probably the multi-domain feature will be introduced in a next version. Stay tuned!

Regards,

J.A. Calvo
Please include support for multiple NTP servers - more than 5 is required over slow and jerky links.
Please include support for multiple domains, with mail, web, egroupware, ldap and other domain-based services......
It would also be nice if Ubuntu would automatically stabilize the ethernet locations somehow.  I have 5 NICs.
Sorry for the spelling, I'm on a hotel computer.
-jeff

163
Installation and Upgrades / Re: eBox-USJ asterisk egroupware
« on: March 22, 2009, 01:18:20 am »
Guys,
    A bi-Weekly update on this would be Nice.  I'm really looking forward to getting this.  Weekly would be better.
-jeff

164
News and Announcements / Re: eBox 1.0rc2 ready for testing
« on: March 05, 2009, 11:14:10 pm »
Hey all,
     Is there an ISO available?  I'd love to do an ISO of the 64bit, with e-box and e-groupware.....
    A link would really be nice!
-jeff

165
Installation and Upgrades / Re: how does a user use ebox?
« on: February 03, 2009, 04:44:40 am »
Depending on the desktop your users have you should be able to preset access to their shares...
Javi,
     I have been away from UNIX for over 20 years,  what you said above makes perfect sense to me, but I am absolutely clueless as to how to do that on the computer....  HOW based on Dynamic IP or semi-static MAC, or maybe tying it back to the user that is currently logged in?   BUT re-newed people like me and the newbies need the specific steps....  "I'll even wade through On the server login using the privileged login, then sudo SomeProgramThatDoesSomethingNice --WITHSOMETHING"   type instructions....

Code snippets that do the work also educate....  Which is the whole reason I'm hanging around.  Heck, snippets that just point the way would at least give us a starting point.
-jeff,  OLD RUSTY CRUST IT GUY, I go back to paper tape....  That is where the LOOP came from: we would have a need to do something a few hundred times, so we program the tape, then either glue it or tape it so that after the result was found, the system reset itself and started loading....  With the tape constructed in a loop (I have seen them as long as 50 feet and more), this effectively becomes a stuck system - frozen in a loop.  After the last iteration is done we ensure that the tape is in such a way as to reset the system and power down, if we really were done.
-jeff
