1. Subscriptions
  2. Services
  3. Hardware
  4. Support

ClearFoundation

Community

Get Connected

  • Join the dicussions in the online forums
  • Create your own group or join others
  • Communicate and share ideas members
  • Suggest a feature or help with a bug report
  • Access translations, develop and more
 

Members Login

Forgot your / ?

Latest Groups

  • ClearOS Tanzania Community
  • Bolivia
  • Clean Team
  • Hong Kong

New photos

  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Aaron Bylund
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Aaron Bylund
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Aaron Bylund
  • Aaron Bylund
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Aaron Bylund
  • Marcel van Leeuwen

Who's Online

  • chrille
  • Vucko Zagi
  • Uğur Çaçaron
  • Gujs
  • Scott
  • Adam Lemanski
  • Francis Poulizac
  • John_Schaller
  • Bob Stangarone
  • nigel tatschner
  • Nick Howitt
  • Cevin

Members

  • CCN
  • Thiago Rosa de Oliveira
  • satuiz
  • Bilo
  • SUtisna
  • Jader Waiser
  • Michel
  • nigel tatschner
  • RobertP
  • Marius Berg Syvertsen
  • Darío
  • PRC
  • Alex Chenko
  • Uğur Çaçaron
  • Yahya HZAMI
  • Thiago Sampaio Richter
  • Donald Francis
  • lolilovely
  • dimka2012
  • Jorge
  • concretomix

Videos

This is Bolgenos! 02:35
894 views
Last updated: Sunday, 06 June 2010 08:49
Using the Dockstar as a Powerful Gaming and Emulation Console 14:08
683 views
Last updated: Tuesday, 30 November 2010 19:48
ClearOS 5.2: Web ServerWebminWordpress installation (Part 3) 09:44
1497 views
Last updated: Tuesday, 17 August 2010 17:20

Recent activities

Today
nigel tatschner created a new topic using Windows AD to auth web proxy in the forums.
This is what I e-mail Clear,

Hi ClearOS,

I am currently setting up ClearOS as a Web Proxy and a Content Filter, I have the system set up and the filtering is working as intended but I require users to be authenticated Via AD when using the proxy so it logs as the AD user.
What I have done so far is to follow some instructions here www.clearfoundation.com/component/option.../func,view/id,25117/ and added the machine to the domain, using wbinfo –u it displays the users in the domain (which is great) and but when I try the proxy I get asked for a log in box (which I don’t want) and if I try my domain log in details its fails to log in stating there is an error and brings up a clearOS error page.

As you can see what I am trying to achieve is that the users do not need to enter any log-in details and that the logs display the users access attempts to blocked sites and it would do if I was going to use the log in via ClearOS itself.


As you can see i'm having issues!!! If you need more info please let me know!!!

Nigel
07:33 AM
Marcin Zastawny created a new topic antispam and antimalware subscription updates in the forums.
Hi everyone, I am going through all the updates (sdn subscriptions) available, and saw the two subscriptions:
antispam
and
antimalware

my question is - do these filtres work only if the mail server is on the clearos machine itself, or is ot some sort of a filter which analises trafic over smtp ports and they would work if I have a web and mail debian server in the dmz?

thanks,
Marcin
04:36 AM
Scott created a new topic ClearOS Subscriptions - how do they work? in the forums.
I have emailed Clear Foundation a couple times and still have not received a reply. Does anyone know if I need to purchase 1 subscription for my account ($80 x 1 account) that covers multiple machines, or do I need to purchase one subscription per machine ($80 x machine)?

Specifically, I need the $80 subscription that includes the dynamic VPN. So is that $80 per machine or $80 for the account that covers all the machines?
03:19 AM
mesut replied to the topic Re:Multi-wan Setup in the forums.
P.S.: I'm not affraid of the CLI.
I love CLI

In my opinion, multi-wan web interface is so simple and poor.

explanation:
Mangle chain of iptables is used to mark the packets for future operations. U can see the it by typing:
iptables -t mangle -nvL
iptables will check the rules in chain by order, and first rule that matches will be applied, the rest rules wont be checked.
So in your situation, the order of rules will be the key.
solution:
U can add custom firewall rules via web interface or by editing /etc/rc.d/rc.firewall.custom (or /etc/rc.d/rc.firewall.local). So u will change the rules in the mangle table to make it work as u requested.

If u need more help, post the output of "iptables -t mangle nvL"
02:41 AM
Nick Howitt replied to the topic Re:Internet and DNS problems. wait til 6.2? in the forums.
With regards your current set up I am not sure what the issue is and I think it should work. It probably could be done differently with all three WAN's coming into ClearOS then have two LAN interfaces, one a DMZ and the other as a normal LAN. Attach the FTP and webserver to the DMZ and look at using 1-to-1 NAT to connect your external IP to the webserver. Normally the ClearOS firewall isolates the LAN from the DMZ but it is easy to make specific holes in the firewall to you can connect from LAN (or specific LAN machines) to DMZ and not the other way round. I am not familiar with 1-to-1 NAT but I believe it will do what you want.

Out of interest are eth0 and eth2 configured as ethernet or PPPoE and are your WAN's ADSL or cable?

I know you have said you now don't think it is a ClearOS issue, but if you want to check if you are using the latest/best drivers, can you post the output of "lspci -v | grep Eth", "grep eth /etc/modprobe.conf" and "uname -r" or run this script then post the output.
01:36 AM
mesut replied to the topic Re: Multiwan and NAT maximum number of connections. in the forums.
1- I think the value that u look for is "ip_conntrack_max"
# sysctl -A|grep -i net.ipv4.netfilter.ip_conntrack_max
net.ipv4.netfilter.ip_conntrack_max = 65512
the default value "65512" is ok for u?
Check "/var/log/messages" and look for "ip_conntrack Table full. Dropping packet" error message. If u dont see those lines, no need to change "net.ipv4.netfilter.ip_conntrack_max"

Note: U have very powerfull gateway box. If u care about system resources so much that, go with BSD based firewall distros which uses pf. Iptables will use more system resources than pf does.


2- I am not good at english at all I cannot understand the meaning of "evenly distribute public IP to NAT clients".
Do u want certain clients will always use certain external interface to reach internet?
01:34 AM
Nick Howitt replied to the topic Re: Manual Content Filter IDS, etc. updates? in the forums.
For IPS/IDS have a look at this thread. Pass on the others.
01:03 AM
RobertP replied to the topic Re:Can't install vmware server 2 on ClearOS 5.2 in the forums.
Yes, i've seen it. I have a problem with the kernel.

I can't run config.pl because of a difference between the running kernel en de development kernel.
01:03 AM
mesut replied to the topic Re: Port Forwarding through gateway box in the forums.
hi Jeff,
Same port cannot be forwarded to multiple internal destination for same connection.

But the answer of question is "yes it is possible". The firewall will forward that port to multiple internal servers randomly (round robin). So that port will be forwarded to one of internal servers per connection.
it can be done that via custom firewall rules on web interface. iptables allows to define the range of internal servers ip, not seperate 2 ip address. So u must change second server ip 192.168.112.50 to 192.168.112.2

The rules u need to add:
iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 1194 -j DNAT --to-destination 192.168.112.1-192.168.112.2
iptables -I FORWARD -i eth0 -p tcp --dport 1194 -d 192.168.112.1 -j ACCEPT
iptables -I FORWARD -i eth0 -p tcp --dport 1194 -d 192.168.112.2 -j ACCEPT

in this example: eth0 is the external interface, 192.168.112.1 and 192.168.112.2 are the ip addresses of internal servers.
01:01 AM
Yesterday
mangthjik replied to the topic Re:ClearOS Module - Live Bandwidth Graph in the forums.
sorry I am find the answer need to do this first

yum install patch dashboard-index.php.v2.patch
yum install patch dashboard-head.inc.patch

thanks
10:18 PM
Scott created a new topic Manual Content Filter IDS, etc. updates? in the forums.
Is it possible, and how would you update the content filters, IDS, etc. data if you did not subscribe to the additional add-ons for those?
05:30 PM
zakky replied to the topic Re:error every update on cleaos 6 beta2 in the forums.
thanks for all
03:50 PM
RobertP created a new topic Can't install vmware server 2 on ClearOS 5.2 in the forums.
I want to install vmware server 2 on my ClearOS 5.2.

I followed the instructions in the HowTo's, however when i start the config.pl, I get the following question.

What is the location of the directory of C header files that match your running
kernel? [/usr/src/linux/include]

Whatever I try, the installation doesn't go further than this.

Before the installation i've already installed all of the development tools with : yum groupinstall "Development Tools"
According to the HowTo i've also installed the patch.

When I look further i noticed the following:

command : uname - mr

Results in:

2.6.18-194.8.1.v5PAE i686

Command : rpm -qa kernel\* | sort

Results in:

kernel-devel-2.6.18-194.8.1.v5
kernel-headers-2.6.18-194.8.1.v5
kernel-PAE-2.6.18-194.8.1.v5


As far I can see there's a difference between the running kernel and the development kernel for the headers.

I'm not sure if this causes the problem, if yes, how can I solve it?

I used the rpm version of vmware server, this is the complete filename/version of this rpm.
VMware-server-2.0.2-203138.i386.rpm (this is also the version used in the HowTo)

Is there someone who can help me or has the same problem?
03:48 PM
zakky uploaded a new avatar. 03:41 PM
zakky created a new topic Server Remot Via Mobile Phone????? in the forums.
Hi every one on clearos forum.
In my School, i have project from my head master, the question is "how The Server ClearOs 5.2 can Remot via Mobile Phone:
example:
- Report - who is online (everyting via wireless/wire)?,
- SMS Gateway for Schedule On/Off server by authentic user via Mobile Phone?
- Report - Hotspot Activation register new user via Mobilephone?
- E-Learning (teacher send Homework to students via Mobilephone)?
- Report - manage hotspot (user online/offline)
- Modem HSDPA/3G USB/Com Port )


everything in workstation control by server, but server can control via mobilephone.
for map of networking under contruction.
Have any idea for this solution?
03:38 PM
Patrick Muller replied to the topic Re:Cannot join domain with Win XP clients in the forums.
Mike Gilbert wrote:
Hi,

have just set up first Clear OS install and can't seem to get the XP Pro clients to connect.

When I click on change to change from workgroup to domain I get prompted for a username and
password to which I provide the winadmin login and password

After 30 seconds or so I get the following error

Computer Name Changes

The following error occurred attempting to join the domain 'tmpsrv':

Access is denied.


Any suggestions ?

Thanks

Mike


Hi,

maybe a silly question: what "winadmin" user did you use? Have you also used the password you had to setup during installation?

Just a guess.

Brgds

Patrick
02:42 PM
Patrick Muller replied to the topic Re:Roaming Profiles + Folder Redirection in the forums.
Stylus Pilot wrote:
I sorted out my issue.

To possibly help other users I will post my guide here shortly.

stay tuned.


Well,

1 year already ;o)

Did you make your guide yet? That was one of the info I was looking for.

Thx

Patrick
02:39 PM
Patrick Muller created a new topic CHDIR in flexshares and FTP in the forums.
Hello everyone,

I have now setup a ClearOS5.2.
Created users and groups in Ldap
Connected my win pc's to the domain (yes, I'm using ClearOS a a PDC)

I have created Flexshares for users and groups to use for sharing docs within their dpts.

My issue:

Connecting to the ftp via the default port (21) I get into the user's own directory.

Connecting to port 2121 I get to a ??root?? directory which shows me all manually created flexshares. I can get into the ones I have access rights to, but I can't get back to be able to browse from one share to another.
Also, I am seeing the shares I have no acces access rights for.

Solution I am looking for:

- What to do to be able to browse from share to share, inlcuding the personal one
- How to hide non accessible shares (I hve seen there is already a request for this...but never know)

Thank youin advance for any support

Best regards

Patrick
02:05 PM
Chris Fournier, Nick Howitt replied to the topic Re:Internet and DNS problems. wait til 6.2? in the forums.
I guess now would be as good of a time as any to as this question...

This is how my network is setup as far as this post is concerned.



I am using smoothwall for my webserver so one 18mbps line is dedicated to it. Its very simple and does a wonderful job.
This is not the correct way of doing this at all though. As far as I know, servers shouldn't be "multi homed".

If I were to add the other static cable line to my COS box, is it possible to make it so all traffic to and from that IP would go directly to the webserver, and only to the webserver, but still have access to it from the lan?
01:40 PM