1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

Community

Get Connected

  • Join the discussions in the online forums
  • Create your own group or join others
  • Communicate and share ideas members
  • Suggest a feature or help with a bug report
  • Access translations, develop and more
 

Members Login

Forgot your / ?

Latest Groups

  • ClearOS Tanzania Community
  • Bolivia
  • Clean Team
  • Hong Kong

New photos

  • Aaron Bylund
  • Sarwar Javaid
  • Aaron Bylund
  • Aaron Bylund
  • Sarwar Javaid
  • Aaron Bylund
  • Aaron Bylund
  • Aaron Bylund
  • Christopher Garcia
  • Christopher Garcia
  • Christopher Garcia
  • Sarwar Javaid
  • Aaron Bylund
  • Aaron Bylund
  • Aaron Bylund
  • Aaron Bylund
  • Aaron Bylund
  • Aaron Bylund
  • Aaron Bylund
  • Aaron Bylund

Who's Online

  • wadvs457
  • mhEddkjwf
  • Nick Howitt
  • Maxim
  • Dave Loper
  • Thomas Thompson
  • Ruud van Lent
  • k03RSvu4
  • gjisoslius9
  • Aeddvawk
  • huangh0i3
  • Nathan
  • iornzeior
  • zalf1t4s
  • Vincenzo Prota
  • Eaddjnot
  • YAR
  • Mike Szumlinski
  • sanyou3by
  • Peter Baldwin

Members

  • Daniel Zimbru
  • andy burley
  • Steve Royer
  • fftda0r0
  • milezgve
  • asyp30tev
  • lp169sioaz
  • vital
  • undeayisp
  • yanqrj2dv
  • Thomas Thompson
  • mjusticia
  • rerlianre
  • tpvz0na6
  • tr6pizq8ax
  • kcqp8m9b
  • Patric Trentin
  • aezlk4j3
  • rem5ft4th
  • tfybujkvse
  • nupb0z6e

Videos

MORNING: Inspirational Running Video 02:32
1347 views
Last updated: Wednesday, 18 December 2013 10:29
Chocolate Shoppe by Sniper Twins feat. Rob Collier 06:14
2791 views
Last updated: Tuesday, 30 November 2010 19:50
ClearOS Roadshow To Campus (TI Universitas Palangkaraya) 02:10
1381 views
Last updated: Tuesday, 17 December 2013 10:46

Recent activities

Today
Peter Baldwin replied to the topic Re:Elasticsearch: Integrated search on files, email, web content, etc. in the forums.
Hi Marc,

ClearOS doesn't have any apps that can be used for creating content -- those apps are coming with Tiki, Wordpress, etc., but have not yet arrived. I'm ready to dogfood/bootstrap getting ElasticSearch running on ClearOS, but the aforementioned apps need to be delivered first
08:37 AM
Peter Baldwin replied to the topic Re:PHP 5.5 / PHP 5.6 : what is the best way to get on ClearOS 6.x ? in the forums.
Dave Loper wrote:
Even the RHEL 7 beta is using 5.4 which is NOT good news (although that could change closer to release.)

It's still PHP 5.4 in the RHEL7 Release Candidate too.
08:26 AM
Nathan replied to the topic Re:Mail Server .. not sending or reciving anything in the forums.
As it turns out you can just call Comcast and ask them to turn port 25 back on. From what I read they do this from the cable modem. You have to call their internet security team or something like that instead of the normal tech support. The number I found was: 888-565-4329. They started a ticket and about 4 or 5 hours later everything was up and running!
02:48 AM
andy burley created a new group, Quality SEO Work 01:07 AM
Sandro replied to the topic Re:Zarafa and the ClearOS 6 Mail Stack - Test Release in the forums.
Hi Tim,
i've updated zarafa as you wroted, now when I try to start the zarafa-server service the message is like this:

Code:

 service zarafa-server start
Starting zarafa-server: Config error: Unknown option 'index_services_prefix_chars' found!
Server shutdown complete.
                                                           [FAILED]



where I fix the config error please?

tnx a lot.
12:29 AM
Jazzy replied to the topic Re:Flexshare audit log not working ? in the forums.
Hi guys, no update on the flexshare audit log? where can i found those logs? i'm also interest to have alook for security compliance. THanks for your advice.
12:03 AM
Yesterday
Josh Harding created a new topic Mail Retrieval able to download from MS Exchange with IMAP running? in the forums.
Greetings Everyone
At my suggestion, the company I work for are considering implementing ClearOS for our fleet of boats. The current arrangement is each boat has several Windows 7 PC's joined to a local domain controller with role based usernames on each boat.

Each PC's email client, Outlook 2010, reaches into our head office (not on the local domain) to authenticate to the Exchange Server over a 3G connection to shore. The 3G provider has a backhaul into our office. This proves problematic as Windows has authentication issues using differing accounts (local domain user differing from the Head Office domain user - yes 2 user accounts exist). The boat domain controllers are NOT in a trust relationship with head office as they may go offline for very long periods at a time. As an alternative, the boats will use Webmail to check their mailboxes when on satellite comms.

I've suggested each boat should be using ClearOS over Windows 2008R2 server as they will be more autonomous, require far less ongoing maintenance, plus will receive regular report on each server which Windows Svr lacks. There are a plethora of other advantages ClearOS has over Windows in this environment also.

Q - Can ClearOS use Mail Retrieval to connect to the head office Exchange Server to download mail? A "Pull mail" is preferred over "Push from Exchange" so the same folder structure can be replicated on each boat's client PC.

Our usernames are in the format of "first initial then surname" (i.e. jharding) but email is "firstname.surname@domain.com". When attempting to prefix the username with domain (i.e. domain\jharding) in the mail retrieval is returning an error. If we try the full email address, the system isn't able to authenticate correctly as the username isn't presented correctly.

Will this require the Active Directory connector installed on the ClearOS to have any chance at authenticating correctly? I'm really hoping this can be resolved as there are potentially 52 boats that will have this installed. We will be up-spec'ing ClearOS to Professional however need to sort this for proof of concept.

Thanks in advance
Josh
05:14 PM
Mike Szumlinski replied to the topic Re: IPSec VPN Tunnel up, odd traffic passing in the forums.
Site A
Code:

[root@router ~]# iptables -L POSTROUTING -t nat -n -v
Chain POSTROUTING (policy ACCEPT 3494 packets, 304K bytes)
 pkts bytes target     prot opt in     out     source               destination         
   10   720 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           policy match dir out pol ipsec 
    0     0 ACCEPT     all  --  *      tun+    0.0.0.0/0            0.0.0.0/0           
    0     0 SNAT       udp  --  *      *       192.168.3.0/24       192.168.3.44        udp dpts:10000:20000 to:192.168.3.1 
    0     0 SNAT       udp  --  *      *       192.168.3.0/24       192.168.3.44        udp dpt:5060 to:192.168.3.1 
    0     0 SNAT       tcp  --  *      *       192.168.3.0/24       192.168.3.37        tcp dpt:80 to:192.168.3.1 
    0     0 SNAT       tcp  --  *      *       192.168.3.0/24       192.168.3.50        tcp dpt:22 to:192.168.3.1 
    0     0 SNAT       tcp  --  *      *       192.168.3.0/24       192.168.3.37        tcp dpt:22 to:192.168.3.1 
    0     0 SNAT       tcp  --  *      *       192.168.3.0/24       192.168.3.46        tcp dpts:6180:6188 to:192.168.3.1 
    0     0 SNAT       tcp  --  *      *       192.168.3.0/24       192.168.3.43        tcp dpt:8080 to:192.168.3.1 
    0     0 SNAT       tcp  --  *      *       192.168.3.0/24       192.168.3.39        tcp dpt:10011 to:192.168.3.1 
    0     0 SNAT       tcp  --  *      *       192.168.3.0/24       192.168.3.39        tcp dpt:30033 to:192.168.3.1 
    0     0 SNAT       udp  --  *      *       192.168.3.0/24       192.168.3.39        udp dpt:9987 to:192.168.3.1 
 5322  474K MASQUERADE  all  --  *      eth0    0.0.0.0/0            0.0.0.0/0           
21757 2172K MASQUERADE  all  --  *      eth1    0.0.0.0/0            0.0.0.0/0           



Site B
Code:


[root@router ~]# iptables -L POSTROUTING -t nat -n -v
Chain POSTROUTING (policy ACCEPT 1145 packets, 75958 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   19  1500 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           policy match dir out pol ipsec 
    0     0 ACCEPT     all  --  *      tun+    0.0.0.0/0            0.0.0.0/0           
    0     0 SNAT       tcp  --  *      *       192.168.10.0/24      192.168.10.5        tcp dpt:85 to:192.168.10.1 
    0     0 SNAT       tcp  --  *      *       192.168.10.0/24      192.168.10.5        tcp dpt:6036 to:192.168.10.1 
 4431  264K MASQUERADE  all  --  *      eth0    0.0.0.0/0            0.0.0.0/0           

11:21 AM
Niko Nieminen created a new topic Windows Update transparent proxy in the forums.
Hi,

I'm trying to get transparent proxy to cache Windows 8.1 update. It's not working. Can somebody say what's wrong with my config?

-Niko

Code:

#
# Authentication
#
include /etc/squid/squid_auth.conf

#
# Access control lists
#

acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

# ClearOS LAN definitions (webconfig_lan and webconfig_to_lan) are generated automatically
include /etc/squid/squid_lans.conf

# ClearOS Web Access Control: access control lists
include /etc/squid/squid_acls.conf

acl SSL_ports port 443
acl SSL_ports port 81
acl Safe_ports port 80__FBTAB____FBTAB__# http
acl Safe_ports port 21__FBTAB____FBTAB__# ftp
acl Safe_ports port 443__FBTAB____FBTAB__# https
acl Safe_ports port 70__FBTAB____FBTAB__# gopher
acl Safe_ports port 210__FBTAB____FBTAB__# wais
acl Safe_ports port 1025-65535__FBTAB__# unregistered ports
acl Safe_ports port 280__FBTAB____FBTAB__# http-mgmt
acl Safe_ports port 488__FBTAB____FBTAB__# gss-http
acl Safe_ports port 591__FBTAB____FBTAB__# filemaker
acl Safe_ports port 777__FBTAB____FBTAB__# multiling http
acl Safe_ports port 81
acl Safe_ports port 82
acl Safe_ports port 83

acl windowsupdate dstdomain windowsupdate.microsoft.com
acl windowsupdate dstdomain .update.microsoft.com
acl windowsupdate dstdomain download.windowsupdate.com
acl windowsupdate dstdomain redir.metaservices.microsoft.com
acl windowsupdate dstdomain images.metaservices.microsoft.com
acl windowsupdate dstdomain c.microsoft.com
acl windowsupdate dstdomain www.download.windowsupdate.com
acl windowsupdate dstdomain wustat.windows.com
acl windowsupdate dstdomain crl.microsoft.com
acl windowsupdate dstdomain sls.microsoft.com
acl windowsupdate dstdomain productactivation.one.microsoft.com
acl windowsupdate dstdomain ntservicepack.microsoft.com

acl CONNECT method CONNECT
acl wuCONNECT dstdomain www.update.microsoft.com
acl wuCONNECT dstdomain sls.microsoft.com

acl password proxy_auth REQUIRED

#
# Access permissions
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Access rules
http_access allow localhost

# Windows update
http_access allow CONNECT wuCONNECT webconfig_lan
http_access allow windowsupdate webconfig_lan

# ClearOS Web Access Control: http_access settings
include /etc/squid/squid_http_access.conf
http_access allow webconfig_to_lan
http_access allow webconfig_lan

# And finally deny all other access to this proxy
http_access deny all

# Squid normally listens to port 3128
include /etc/squid/squid_http_port.conf

# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?

# Uncomment and adjust the following to add a disk cache directory.
cache_dir ufs /var/spool/squid 102400 16 256

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:__FBTAB____FBTAB__1440__FBTAB__20%__FBTAB__10080
refresh_pattern ^gopher:__FBTAB__1440__FBTAB__0%__FBTAB__1440
refresh_pattern -i (/cgi-bin/|\?) 0__FBTAB__0%__FBTAB__0
refresh_pattern .__FBTAB____FBTAB__0__FBTAB__20%__FBTAB__4320

# Error handling
error_directory /var/clearos/web_proxy/errors

# Logging
access_log /var/log/squid/access.log squid

# X-Forwarding
follow_x_forwarded_for allow localhost
forwarded_for delete

# Shutdown time
shutdown_lifetime 10 seconds

# Sizes
maximum_object_size 10485760 KB
reply_body_max_size none

11:11 AM
Richard George created a new topic Snort community.rules in the forums.
I notice that the Snort website says that with the rewrite of the VRT License Agreement, means that community.rules is now available .. but even though it (apparently) appeared with Snort version 2.9.4.1, and the version in the ID module is later, that particular rule set is missing. Are there any plans to introduce this?
09:13 AM
Sandro replied to the topic Re:Zarafa and the ClearOS 6 Mail Stack - Test Release in the forums.
Hi Tim,
i've try to migrate from zarafa 7.x verision installed on ClearOS 5.2 to zarafa installed on fresh installation of ClearOS 6.5

i've followed you're guide at: docs.google.com/document/d/1Sei3F6uJDkRY...DLYiYuXUD3CDd1A/edit

but when I try to start zarafa server it doesn't works, the log is like that:

Code:


Wed Apr 23 20:11:39 2014: Starting zarafa-server version 7,0,15,42709, pid 2245
Wed Apr 23 20:11:39 2014: Listening for priority pipe connections on /var/run/zarafa-prio
Wed Apr 23 20:11:39 2014: Listening for pipe connections on /var/run/zarafa
Wed Apr 23 20:11:39 2014: Listening for TCP connections on port 236
Wed Apr 23 20:11:39 2014: Connection to database 'zarafa' succeeded
Wed Apr 23 20:11:39 2014: WARNING: zarafa-licensed not running, commercial features will not be available until it's started.
Wed Apr 23 20:11:39 2014: WARNING: Database version (36420) is newer than the server version (62)
Wed Apr 23 20:11:39 2014: You can force the server to start with --ignore-database-version-conflict
Wed Apr 23 20:11:39 2014: Warning, you can lose data! If you don't know what you're doing, you shouldn't be using this option!
Wed Apr 23 20:11:39 2014: Server shutdown complete.



what can I do please?
08:35 AM
mihai replied to the topic Re:DMZ question in the forums.
All done and works just fine.
thanks for all help
07:58 AM
EasyBit joined the group Tiki Wiki CMS Groupware & Tiki Suite 07:05 AM
Marc Laporte replied to the topic Re:PHP 5.5 / PHP 5.6 : what is the best way to get on ClearOS 6.x ? in the forums.
You are the expert.

tikisuite.org is waiting for your signal to be upgraded to 5.5 We need it for the Jitsi Provisioning.

Thanks!
07:02 AM
Luis joined the group Education 04:59 AM
Tashiel created a new topic Web Proxy Authentication disable nto working in the forums.
Hi There

I am new to Clear OS, basically installed it clearos 6.4, registered for professional as it is a VPS, configured webproxy and content filter, however having serious issues with disabling web proxy authentication.

It is disabled in Gateway>Web Proxy>Settings>

Yet when i add the settings to my internet settings, the popup on the browser shows up and asks for authentication.

I have enabled it, added myself as a test user and authenticated and it works perfectly fine when authenticated, but i cannot have it authenticating, because i want to offload my traffic from my mikrotik to this proxy and then have it send the traffic back, which currently almost working, besides this one little thorn, the mikrotik cant authenticate to parent proxies...

i cannot change settings in transparent mode, because there is no transparent mode> standalone install.

Have rebooted it several times.

Please help.
04:14 AM
2 days ago
Marc Laporte created a new topic Elasticsearch: Integrated search on files, email, web content, etc. in the forums.
Hi!

Elasticsearch is a flexible and powerful free / libre / open source, distributed, real-time search and analytics engine. It is super fast, RESTful, based on Apache Lucene and has a very high activity level: www.ohloh.net/p/elasticsearch

It is part of "The Elasticsearch ELK Stack". The two other apps of the stack are:
* Logstash helps you take logs and other time based event data from any system and store it in a single place for additional transformation and processing.
* Kibana is Elasticsearch’s data visualization engine, allowing you to natively interact with all your data in Elasticsearch via custom dashboards.

See also: solr-vs-elasticsearch.com/


Does anyone have experience / interest with it? I would like to explore running Elasticsearch on ClearOS, and handling the security aspects:
* github.com/elasticsearch/elasticsearch/issues/664
* github.com/sonian/elasticsearch-jetty

Elasticsearch is part of Tiki suite:
* www.clearfoundation.com/Community/Groups/141/Viewgroup.html
* suite.tiki.org/Tiki+Suite

These are the types of use cases we are looking to cover:
tiki.org/Use+Cases+for+NLP+and+IR+in+Tiki

I would like to extend this to data outside Tiki, notably the files in the ClearOS-Samba Flexshares and emails in Zarafa.

Best regards,

M
11:22 PM
Rob Bosma added a new wall post in the group, Zimbra Integration 11:09 PM