Topics - Gilberto Ferreira

1
Portuguese / Problem with Openvpn site2site
« on: October 27, 2021, 09:04:14 pm »
Hello everyone

I am trying to create a VPN using 2 Zentyal servers, virtualized in VirtualBox.
In VBox I created two host networks:

vboxnet0 - 192.168.56.0/24
vboxnet1 - 192.168.57.0/24

zentyal1
vboxnet0 - 192.168.152.0/24 - zentyal IP 192.168.152.100 (External WAN)
inetnet1 - 172.16.0.0/24 - Zentyal LAN IP 172.16.0.10 (it is the gateway of the Windows 7 VM that sits behind zentyal1)

zentyal2
vboxnet0 - 192.168.157.0/24 - zentyal IP 192.168.157.100 (External WAN)
inetnet1 - 172.18.0./24 - Zentyal LAN IP 172.18.0.10 (it is the gateway of the Windows 7 VM that sits behind zentyal1)

I can bring the tunnel up correctly, but I cannot ping from zentyal1 to zentyal2 in the 172.16 or 172.18.0 IP range.
Nor can I ping from one to the other on the Windows 7 VMs behind these zentyal servers.

I am leaving the VPN network at its default, which is 192.168.0.X, on both sides.
If I change this default to 192.168.10.0 on zentyal1 and 192.168.20.0 on zentyal2, then I can ping from one to the other, and from the 2 zentyal servers I can ping the Windows 7 VMs.
But I get no access at all between the Windows 7 machines behind these servers.

Since I am using my laptop, I had to add some iptables rules to allow NAT between my physical IP and the Zentyal VMs so that they can browse the internet

+ iptables -F
+ iptables -t nat -F
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A INPUT -i vboxnet0 -j ACCEPT
+ iptables -A INPUT -i vboxnet1 -j ACCEPT
+ iptables -A OUTPUT -o lo -j ACCEPT
+ iptables -A OUTPUT -o vboxnet0 -j ACCEPT
+ iptables -A OUTPUT -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet0 -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet1 -o vboxnet0 -j ACCEPT
+ iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
+ iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
+ iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
+ iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
+ sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1

2
Installation and Upgrades / Openvpn site2site in Virtualbox (LABHOME)
« on: October 21, 2021, 07:19:57 pm »
Hi there

I have deployed two Zentyal Server 4.0 in VirtualBox (V 6.1.27 r147422). I am using my laptop for this purpose.

I have also created two host networks, like:

vboxnet0 - 192.168.152.0
vboxnet1 - 192.168.157.0

Additionally, I have created a few iptables rules on my laptop, to allow both zentyal servers to use the internet properly:
# Flush IPTABLES
iptables -F
iptables -t nat -F
# Loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i vboxnet0 -j ACCEPT
iptables -A INPUT -i vboxnet1 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Allow all from virtualbox
iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT

# Masquerade virtualbox network
iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE

#turn on ip forwarding
sysctl -w net.ipv4.ip_forward=1

After installing both zentyal servers, I created an openvpn tunnel between the two servers.
I was unable to use the default IP address inside the vpn tunnel, i.e. 192.168.0.0 on both sides doesn't work.
I needed to use 192.168.10.0 in server1 and 192.168.20.0 in server2. After that I can now ping both sides and the 2 Windows 7 behind each server.
But I can not reach the Windows Client behind the VPN.

Server1 has the IP 192.168.152.100 as WAN and 172.16.0.10 as LAN
Server2 has the IP 192.168.157.100 as WAN and 172.18.0.10 as LAN

I have dhcp serving IPs 172.16.0.0 to the Windows 7 behind server1 and I have dhcp serving IPs 172.18.0.0 to the Windows 7 behind server2

Both server1 and server2 are communicating. In both server1 and server2 I can ping Windows behind server1 and Windows behind server2

But inside Windows 7 behind server1 I can not reach Windows 7 behind server2.

What am I missing??
I appreciate any help!

Thank you.




3
Hi there

I had a problem here when installing SOGo.
After installing all the modules, I noticed a message indicating that I needed to run dpkg --configure -a in the Linux console.
So I opened an ssh session and ran the above command.
But I got a lot of errors such as:
sudo  dpkg --configure -a
[sudo] password for administrador:
Configurando sogo:amd64 (5.0.1.20201214-1) ...
======= Important SOGo post-installation note =======

SOGo database schemas are _not_ automatically upgraded by
the packaging system.

Please check the list of database schema upgrade scripts
inside /usr/share/doc/sogo/ and apply them if needed.

More details can be found in the Upgrading section:
https://sogo.nu/files/docs/SOGoInstallationGuide.html#_upgrading

apache2_invoke: Enable configuration SOGo
apache2_reload: Your configuration is broken. Not reloading Apache 2
apache2_reload: AH00526: Syntax error on line 47 of /etc/apache2/conf-enabled/SOGo.conf:
apache2_reload: Invalid command 'ProxyRequests', perhaps misspelled or defined by a module not included in the server configuration
Job for sogo.service failed because the control process exited with error code.
See "systemctl status sogo.service" and "journalctl -xe" for details.
invoke-rc.d: initscript sogo, action "start" failed.
● sogo.service - LSB: SOGo server
     Loaded: loaded (/etc/init.d/sogo; generated)
     Active: failed (Result: exit-code) since Mon 2021-08-09 13:41:49 -03; 27ms ago
       Docs: man:systemd-sysv-generator(8)
    Process: 69909 ExecStart=/etc/init.d/sogo start (code=exited, status=1/FAILURE)

ago 09 13:41:48 srv01 systemd[1]: Starting LSB: SOGo server...
ago 09 13:41:49 srv01 sogo[69909]:  * Starting SOGo sogo
ago 09 13:41:49 srv01 sogo[69989]: /usr/sbin/sogod: Uncaught exception NSInvalidArgumentException, reason: Tried to add nil to array
ago 09 13:41:49 srv01 sogo[69990]: chown: cannot access '/var/run/sogo/sogo.pid': No such file or directory
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Control process exited, code=exited, status=1/FAILURE
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Failed with result 'exit-code'.
ago 09 13:41:49 srv01 systemd[1]: Failed to start LSB: SOGo server.
dpkg: erro ao processar o pacote sogo:amd64 (--configure):
 o subprocesso instalado, do pacote sogo:amd64, o script post-installation retornou erro do status de saída 1
dpkg: problemas com dependências impedem a configuração de zentyal-sogo:
 zentyal-sogo depende de sogo (>= 5.0.1); porém:
  Pacote sogo:amd64 não está configurado ainda.

dpkg: erro ao processar o pacote zentyal-sogo (--configure):
 problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de zentyal-groupware:
 zentyal-groupware depende de zentyal-sogo; porém:
  Pacote zentyal-sogo não está configurado ainda.

dpkg: erro ao processar o pacote zentyal-groupware (--configure):
 problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de sogo-activesync:
 sogo-activesync depende de sogo (= 5.0.1.20201214-1); porém:
  Pacote sogo:amd64 não está configurado ainda.

dpkg: erro ao processar o pacote sogo-activesync (--configure):
 problemas de dependência - deixando desconfigurado
A processar 'triggers' para libc-bin (2.31-0ubuntu9.2) ...
Erros foram encontrados durante o processamento de:
 sogo:amd64
 zentyal-sogo
 zentyal-groupware
 sogo-activesync

And Yes! My Linux box is in PT-BR.

But after some struggle I figured out that I needed to perform two steps:

Step 1 - touch /var/run/sogo/sogo.pid

After this I was to apply apt -f install, but the Apache2 configuration was in error.

Step 2 - in order to finish the installation I did indeed need to activate the Apache proxy module using:

a2enmod proxy

Then, after this, apache2conf configtest ran smoothly.

Just wanna report this problem.


Thanks.



4
Hello guys.

I need to create an iptables rule that makes an internal host go out via a different public IP.
Let's say you have 2 public IPs:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee

The one ending in ddd is the default.
The one ending in eee would be the secondary.

It turns out that Zentyal, at least in version 6.2, does not let me insert a second network interface using the same network.
For example, eth0 has the IP aaa.bbb.ccc.ddd, eth1 and eth2 have internal IPs, and eth3 would have the IP aaa.bbb.ccc.eee, which would be the secondary one.
But when I try to insert the IP into eth3, it says that there is already an IP of that network configured on eth0!
So what I did was set up a virtual interface hanging on eth0 with the IP aaa.bbb.ccc.eee, like eth0:1.
Then I tried to create an SNAT rule but it doesn't work. When I go to the internal host it still takes the default external IP aaa.bbb.ccc.ddd.

I installed an IPFIRE (www.ipfire.org) which is very simple and in it I managed to do it smoothly.
BTW, it was from this IPFIRE that I took the iptables rule.
I tried like this:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
iptables -t nat -A NAT_SOURCE -s IP/32 -j SNAT --to-source aaa.bbb.ccc.eee

But without success!

Thanks to anyone who can help me.

5
Portuguese / Make an internal machine go out through another external IP.
« on: April 02, 2021, 04:01:32 pm »
Hello friends

I need to create an iptables rule that makes an internal host go out through a different public IP.
Let's say there are 2 public IPs:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee

The one ending in ddd is the default.
The one ending in eee would be the secondary.

It turns out that Zentyal, at least in version 6.2, does not let me add a second network interface using the same network.
For example, eth0 has the IP aaa.bbb.ccc.ddd, eth1 and eth2 have internal IPs, and eth3 would have the IP aaa.bbb.ccc.eee, which would be the secondary one.
But when I try to set the IP on eth3, it says that there is already an IP from that network configured on eth0!
So what I did was configure a virtual interface hanging off eth0 with the IP aaa.bbb.ccc.eee, like eth0:1.
Then I tried to create an SNAT rule but it doesn't work. When I go to the internal host, it still gets the default external IP aaa.bbb.ccc.ddd.

I installed an IPFIRE (www.ipfire.org), which is very simple, and on it I managed to do this without trouble.
In fact, it was from it that I took the iptables rule.
I tried it like this:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
iptables -t nat -A NAT_SOURCE -s IP/32 -j SNAT --to-source aaa.bbb.ccc.eee

But without success!

Thanks to anyone who can help me.



6
Hi there friends...

I have zentyal 4 working fine, but sometimes I see this message in syslog

Nov 13 08:29:20 servidor kernel: [46271.777040] init: zentyal.set-uid-gid-numbers main process (5337) killed by TERM signal
Nov 13 08:31:26 servidor kernel: [46397.332330] init: zentyal.squid3-external main process (11425) killed by KILL signal
Nov 13 10:22:34 servidor kernel: [53058.929901] init: isc-dhcp-server main process (6625) killed by TERM signal
Nov 13 10:22:53 servidor kernel: [53078.020586] init: zentyal.squid3-external main process (1191) killed by KILL signal
Nov 13 10:24:16 servidor kernel: [53160.763082] init: isc-dhcp-server main process (17178) killed by TERM signal
Nov 13 10:34:37 servidor kernel: [53781.188780] init: isc-dhcp-server main process (19818) killed by TERM signal
Nov 13 10:34:56 servidor kernel: [53800.450145] init: zentyal.squid3-external main process (18356) killed by KILL signal
Nov 13 10:39:24 servidor kernel: [54067.794495] init: isc-dhcp-server main process (21955) killed by TERM signal
Nov 13 10:46:18 servidor kernel: [54481.453223] init: zentyal.squid3-external main process (23132) killed by KILL signal
Nov 13 10:46:22 servidor kernel: [54485.832787] init: ebox.loggerd main process (28496) killed by TERM signal
Nov 13 12:05:32 servidor kernel: [59231.181414] init: zentyal.squid3-external main process (29111) killed by KILL signal
Nov 13 12:05:35 servidor kernel: [59233.623781] init: ebox.loggerd main process (29215) killed by TERM signal
Nov 13 13:43:28 servidor kernel: [65100.929273] init: ebox.loggerd main process (22277) killed by TERM signal
Nov 13 13:55:25 servidor kernel: [65818.057803] init: zentyal.squid3-external main process (22142) killed by KILL signal
Nov 13 13:55:28 servidor kernel: [65820.470901] init: ebox.loggerd main process (320) killed by TERM signal

And I think these errors make squid restart (at least the process) and kill internet access for a moment, then it comes back online again...

Anybody get this error too???

Thanks

7
Installation and Upgrades / Zentyal 4 HA
« on: November 06, 2019, 12:53:35 pm »
Hi there

I have set up two servers, working with HA, and so far so good... I have tested powering off one server and the secondary server got the IP and DHCP services...  But, when the secondary server assumed these services, I needed to restart samba manually, in order to get the backup folder shares to work properly. So my question is, how can I set samba into an HA service like ip or dhcp, in order for samba to restart automatically when the primary server goes away?
I also tried to use hook scripts but when I do so, the DHCP returns a fail status in crm_mon 1

Thanks for any kind of help!

8
Installation and Upgrades / Zentyal HA - Error in dhcp
« on: September 24, 2019, 08:34:14 pm »
Hi

I have this error in zentyal ha running version 4.0

ipha150 (ocf::heartbeat:IPaddr2):       Started srv01
dhcp    (ocf::zentyal:Zentyal): Started (unmanaged) FAILED [ srv01 srv02 ]

Failed actions:
    dhcp_stop_0 (node=srv01, call=78, rc=1, status=Timed Out, last-rc-change=Tue Sep 24 15:27:58 2019
, queued=20002ms, exec=0ms
): unknown error

9
Installation and Upgrades / Add resource in HA - Zentyal 4.0
« on: September 23, 2019, 07:08:45 pm »
Hi there

I am playing around with the HA setup in Zentyal 4.0, and I wonder if there is some way to add other resources into the cluster

How can I do this?

Thanks

10
Installation and Upgrades / Backup took too long to list files...
« on: August 03, 2019, 01:56:26 am »
Hi there!

I have Zentyal 3.5 here and installed ebackup (duplicity) and, by my mistake, I set it to view all the files (or items) in the restore files tab...
There are thousands of files and it took too long to list them...

The problem occurs when I try to display this page:

https://189.115.89.18:50443/SysInfo/EBackup#RemoteFileList

I have seen that uwsgi process took 100% of CPU:

14917 ebox      20   0  757780 394492  54992 R 100,0  4,9   3:50.59 uwsgi                                                           

And I also noticed that when I kill the uwsgi process, I am able to return to the dashboard after a while...

How can I reset the view to just 10 items??

Thanks

https://photos.app.goo.gl/dzT53gAUa8ChLEhi9


11
Hi there!

I am using Zentyal 6 and noticed this warning in zentyal.log, after restarting the DHCP module:

2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - Use of uninitialized value $dir_path in concatenation (.) or string at /usr/share/perl5/HTML/Mason/Tools.pm line 114.
2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - readdir() attempted on invalid dirhandle $dirHandle at /usr/share/zentyal/stubs/dhcp/includes.mas line 17.
2018/11/12 14:45:05 WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - closedir() attempted on invalid dirhandle $dirHandle at /usr/share/zentyal/stubs/dhcp/includes.mas line 21.

What could cause this issue?
Sometimes, the module shows in the dashboard as stopped.
So I click on restart module, get the information above, and the module still shows as stopped.
However, the dhcpd service remains in running state...

Any clue??

Thanks

12
Installation and Upgrades / Issue with Zentyal 3.2...
« on: October 17, 2016, 06:44:00 pm »
Hi folks...

I have an issue with Captive Portal in Zentyal 3.2, which now doesn't show any users or groups.
My Zentyal box is synced with MS Windows AD 2012, and I am able to use groups to make the Proxy HTTP profiles and rules....
But in Captive I see no users or groups.

Can anybody help me, please?

Thanks a lot!

13
Portuguese / Captive Portal in Zentyal 3.2
« on: October 17, 2016, 05:22:46 pm »
Hello friends.

I integrated a Zentyal 3.2 into the Windows 2012 R2 AD, but not as an additional AD.
Zentyal sees the users and groups normally, so much so that I am using them in the proxy restrictions.
But I want to use the Captive Portal and, after installing it, neither the users nor the groups appear. Do I have to do something different???

Thanks if you can help!

14
Portuguese / Zentyal 4 and the monitoring module.
« on: August 18, 2016, 06:25:40 pm »
Hello friends...

Does anyone know whether it is possible to install the monitoring module on Zentyal 4??

Thanks

15
Portuguese / User with multiple Organizational Units
« on: March 14, 2016, 09:40:36 pm »
Hello friends...

Is anyone using Zentyal 4.2??
From what I have heard, it is possible to have a user inside multiple Organizational Units, but I did not find any documentation about it.
Can anyone shed some light??

Thanks
