Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - dsla

Pages: [1]
1
Other modules / Invalid hostname breaks reverse DNS lookup
« on: August 30, 2016, 03:28:29 pm »
For future reference:

I've just solved a problem with my Zentyal 4.2 installation refusing to update any dynamic (DHCP) reverse DNS entries. The errors in syslog looked like this:
Code: [Select]
Aug 30 08:00:41 toby dhcpd: Added new forward map from firetvstick.tomh.sladden.com. to 192.168.2.33
Aug 30 08:00:41 toby dhcpd: Unable to add reverse map from 33.2.168.192.in-addr.arpa. to firetvstick.tomh.sladden.com.: SERVFAIL

After learning more than I ever wanted to know about both dhcpd and bind9 configuration, as well as apparmor relevant to Zentyal running in an lxc container, it turned out that the problem was a hostname defined within Zentyal under DNS->Domains->[domain]->Host names which had an underscore character in it. Deleting that hostname fixed it.

The debug was finally achieved by setting up comprehensive logging in named as per http://stackoverflow.com/questions/11153958/how-to-enable-named-bind-dns-full-logging and spotting the following in /var/log/named/general.log
Code: [Select]
30-Aug-2016 14:08:49.712 dns_rdata_fromtext: /var/lib/bind/db.2.168.192:14: near 'hp_p2015.tomh.sladden.com.': bad name (check-names)
30-Aug-2016 14:08:49.713 zone 2.168.192.in-addr.arpa/IN: loading from master file /var/lib/bind/db.2.168.192 failed: bad name (check-names)
30-Aug-2016 14:08:49.713 zone 2.168.192.in-addr.arpa/IN: not loaded due to errors.

Dan

2
Installation and Upgrades / Re: [SOLVED] File sharing problem
« on: January 08, 2016, 03:52:55 pm »
This bit me today when restarting the Zentyal mail server in version 4.2.1.3.

The error I got was:
Quote
Could not get ticket: could not acquire credentials using an initial credentials context: No ENC-TS found

and the resolution was the same:
Code: [Select]
sudo samba-tool user setexpiry administrator --noexpiry
Dan

3
OK, after some more digging.

Looking at /usr/share/perl5/EBox/Squid/Firewall.pm

If I manually add a rule like that in sub _trans_prerouting using iptables then the transparent proxy springs into life:

   iptables -t nat -A PREROUTING ! -d 192.168.2.1 -p tcp --dport 80 -j REDIRECT --to-ports 3128

So why isn't that happening automatically when the Zentyal firewall module is restarted? That code just isn't being called.

4
Hi

I'm running Zentyal 4.0.10 on Ubuntu 14.04.3 LTS.

Everything has been working beautifully for years - except that I can't get the transparent Http Proxy to work at all. It is enabled in webadmin and changes saved etc. Squid is running, but never accessed.

I've spent many hours trying to figure out why now. I'm reasonably adept with iptables and Zentyal so I am surprised to see that the nat table seems to have no entries for transparent proxying in any chains.

It would be helpful to know if I am looking in the right place to fix this - could someone please confirm that transparent http proxy should insert rules in the nat table? And if this is the case, where I should look next within Zentyal to figure out why it isn't!

Thanks in advance
Dan

5
Installation and Upgrades / Re: Download configuration backup
« on: January 12, 2015, 04:00:14 pm »
Well, no sooner do I ask for help than I realise a solution.

I had a local backup from about a week ago, so managed to restore just the samba module from that with:

Code: [Select]
/usr/share/zentyal/restore-backup --module <<local_backup_file_name>>
This got webadmin back up and running, from which I was able to restore the online backup.

Feature suggestion though: automatically keep the last few online backups locally also?

6
Installation and Upgrades / Download configuration backup
« on: January 12, 2015, 03:49:14 pm »
I have managed to break my installation today :( and would like to restore from the most recent automatic cloud backup.

My zentyal.log file says that the last backup at 5.43am today was successful.

But I have broken the LDAP configuration, without which I cannot start samba and webadmin.

So I am sincerely hoping that there is there a way of downloading a cloud backup without webadmin?

Thanks
Dan

7
Installation and Upgrades / PPPoE configuration not adding default route
« on: December 25, 2014, 09:20:33 pm »
Hi

I've been running Zentyal 3 for a long time to provide internet gateway for home network (eth0->LAN, eth1->Internet).

Recently I have rebuilt the server to Zentyal 4.0.5 (all up to date).

I have been suffering reliability issues with my broadband provider's DSL router so want to remove it. So I have changed Zentyal's eth1 (external) interface from static (on the DSL router's subnet) to PPPoE and removed the router. I also removed the old (redundant) gateway configuration

Login to my DSL provider is fine and connection via ppp0 is established. But the Zentyal-generated IP routing table is missing a default route via ppp0. The only entries are:

192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
195.166.xxx.xxx 0.0.0.0         255.255.255.255 UH    0      0        0 ppp0

Executing "route add default dev ppp0" fixes it - but why isn't Zentyal doing this for itself?

Thanks in advance
Dan

8
Just create two (2) network objects. 1. Certain host and 2. Other hosts. Then use bandwidth shaping, to route those traffic to the appropriate gateway.

I think this is just what I need also, but I'm afraid I don't understand how to do it. Could you spell it out in Zentyal 3.0 please?

So far, I've got my Zentyal server to connect to my VPN provider successfully and to create a tun0 interface, but I can't see how to route any traffic to it.

Thanks in anticipation
Dan

Pages: [1]