Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - ovecka

Pages: [1]
Other modules / Successful RADIUS logins can't be filtered in GUI logs
« on: December 03, 2020, 07:29:49 pm »
I found a problem with RADIUS logs in the GUI. When a successful login occurs, it's doesn't show as a "Login OK" event but rather, it is reported as an empty event which can't be filtered. Failures are displayed correctly. The actual /var/log/freeradius/radius.log properly logs the "Login OK" messages but they are not picked up by the GUI. Is it just some simple typo in the web function that can be fixed on my side?

Other modules / Firewall drops random packets on proxy and http ports
« on: April 04, 2018, 07:56:12 pm »
I'm trying to figure out why our Zentyal firewall sometimes drops packets that by the rules should go through easily.

Our 3.5 Zentyal is connected to eth0 (internal) parallel to all other devices and acts as a PDC, DHCP, RADIUS  server and an explicit proxy for around 50 devices. NATting is done on VDSL modem which is set as a default gateway and properly distributed to clients by DHCP. Everything kind of works correctly but for the past two weeks, the firewall module has started dropping some packets from random devices on ports 3128 (inbound) and 80 (outbound) even though the Zentyal outbound traffic rule is set to allow everything and I didn't alter any HTTP proxy service rule. Even explicitly creating a rule to allow port 3128 traffic in "Internal networks to Zentyal" (and setting it as the topmost) doesn't solve the problem and the dropping continues (see picture below). On those affected devices, everything seems to work including internet. Apparently, only a very small fraction of packets is dropped so the user doesn't notice anything while browsing.

The only change I made in /etc/zentyal/firewall.conf is changing nat_enable to "no"
I didn't make any changes to iptables or firewall.postservice hook.

Is it a bug or it has something to do with spoofing protection? Any ideas or advices?

Unfortunately, I can't add any images and iptables printout to the post (upload folder full).

Pages: [1]