1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

Community

Get Connected

  • Join the dicussions in the online forums
  • Create your own group or join others
  • Communicate and share ideas members
  • Suggest a feature or help with a bug report
  • Access translations, develop and more
 

Members Login

Forgot your / ?

Latest Groups

  • ClearOS Tanzania Community
  • Bolivia
  • Clean Team
  • Hong Kong

New photos

  • Marcel van Leeuwen
  • Sarwar Javaid
  • Sarwar Javaid
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Sarwar Javaid
  • Aaron Bylund
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Aaron Bylund
  • Marcel van Leeuwen
  • Marcel van Leeuwen
  • Marcel van Leeuwen

Who's Online

  • ddehuiuen5
  • John
  • Julien
  • browngc
  • Emilio
  • adww2g7m
  • Chris Dole
  • Ruber Rodriguez
  • Nick Howitt
  • Kevin
  • Bhavesh
  • Jonn Taylor
  • Ricardo
  • ad223x6z
  • Marcel van Leeuwen
  • Tina

Members

  • Luc Leduc
  • pdias
  • Omana
  • Jarlaeanu Florin
  • Dennis
  • Boyd
  • Jonn Taylor
  • Discotoast
  • unicum
  • JAIME HERNAN CASTILLO
  • Bhavesh
  • samak
  • Jemuel Campogan
  • Daniel Hernandez
  • Christos Syrmas
  • imran ismail
  • Christopher Garcia
  • browngc
  • Uroš
  • vicky
  • Ruber Rodriguez

Recent activities

Today
Ricardo replied to the topic Re:MutiWAN + Proxy Fail when one out of two connections are down! in the forums.
Just tried ClearOS 6.4 SP1 x64, still not working.
08:20 AM
Tina created a new topic Firewall problem? in the forums.
Hi all,

Recently I've noticed that the firewall GUI becomes really slow, the internet becomes really slow and today I was able to see the log file at the right time. Could someone please let me know if there is a problem with my firewall?

Code:


[root@firewalls log]# tail -200 messages | more
May 23 12:54:03 firewalls dansguardian[5958]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:04 firewalls dansguardian[5959]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:06 firewalls dansguardian[5960]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:06 firewalls dansguardian[5963]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:09 firewalls dansguardian[5967]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:13 firewalls dansguardian[7355]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:13 firewalls dansguardian[11355]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:15 firewalls dansguardian[5976]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:19 firewalls dansguardian[8342]: Error connecting to proxy
May 23 12:54:21 firewalls dansguardian[7351]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[5957]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[8112]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[21632]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[2313]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[20535]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[10206]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[18508]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[18085]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[5972]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[14935]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[5974]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[28373]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[6100]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[6095]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[31120]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[9981]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[8119]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[8124]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[32100]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[7354]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[8339]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[29344]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[30215]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[10203]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[7586]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[5956]: scanFile/Memory returned error: -1
May 23 12:53:35 firewalls dansguardian[32101]: Exception whilst reading ClamD socket: Can't read from socket: Success
May 23 12:54:22 firewalls dansguardian[32097]: scanFile/Memory returned error: -1
May 23 12:54:22 firewalls dansguardian[2312]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls freshclam[3815]: DON'T PANIC! Read http://www.clamav.net/support/faq
May 23 12:54:27 firewalls freshclam[3815]: bytecode.cld is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)
May 23 12:54:27 firewalls freshclam[3815]: Database updated (2342480 signatures) from db.local.clamav.net (IP: 128.177.8.248)
May 23 12:54:26 firewalls dansguardian[8071]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[9316]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[10207]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[7353]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[32578]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[30214]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[12994]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[6852]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[8337]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[9315]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[9317]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[10202]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[19874]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[32098]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[7352]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[8361]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[10100]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[5958]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[5959]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[5960]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[5963]: scanFile/Memory returned error: -1
May 23 12:54:26 firewalls dansguardian[5967]: scanFile/Memory returned error: -1
May 23 12:54:27 firewalls dansguardian[7355]: scanFile/Memory returned error: -1
May 23 12:54:27 firewalls dansguardian[11355]: scanFile/Memory returned error: -1
May 23 12:54:27 firewalls dansguardian[5976]: scanFile/Memory returned error: -1
May 23 12:54:27 firewalls dansguardian[32101]: scanFile/Memory returned error: -1
May 23 12:54:23 firewalls dansguardian[8129]: scanFile/Memory returned error: -1
May 23 12:54:27 firewalls freshclam[3815]: Clamd successfully notified about the update.
May 23 12:54:27 firewalls clamd[3787]: Reading databases from /var/lib/clamav
May 23 12:54:41 firewalls clamd[3787]: Database correctly reloaded (2337066 signatures)
May 23 12:54:48 firewalls clamd[3787]: /tmp/tf8HI0XG: Heuristics.Broken.Executable FOUND
May 23 12:55:30 firewalls clamd[3787]: /tmp/tfphZTXP: Heuristics.Broken.Executable FOUND
May 23 12:56:03 firewalls clamd[3787]: /tmp/tfAhgh0y: Heuristics.Broken.Executable FOUND
May 23 12:56:36 firewalls clamd[3787]: /tmp/tfCsD6AC: Heuristics.Broken.Executable FOUND
May 23 12:56:43 firewalls clamd[3787]: /tmp/tfZwuv76: Heuristics.Broken.Executable FOUND

07:19 AM
Jonn Taylor created a new topic TFTP timeout in the forums.
I have been using ClearOS for a very long time and have been very happy with it. Thanks to all that contribute!

I have 2 ClearOS 5.2 servers that will not allow clients to pass tftp traffic to an external tftp server. I have a ClearOS 6 server at home and this one allows the tftp traffic to the external server. I have no outgoing firewall rules, all traffic is allowed.

Any idea what could causing this. I did captures and you can see the request for the file and the file starts to transfer. I see one packet and then the request for the file again. This happens a few times and then the client times out.
03:28 AM
Lionel replied to the topic Re: Resolve DNS Issue Multi Wan in the forums.
Hi Nick

Not sure if you saw my reply above about what the problem was and how I managed to solve it

Thanks
02:58 AM
Amit Sharma created a new topic Cannor specify servicename for DSL/PPPoE connection in the forums.
My DSL provider requires that I specify a servicename for the DSL connection that I have taken and the web interface does not allow that. I know it's because he's running miltiple services on the same physical network but the net result is that I'm not able to connect to the internet connection. Just to specify, it is a Multi-Wan setup that I'm setting up here with a 2M/2M Lease line as thebackup/incoming VPN connection which I'm forced to use as my primary for now and a 10M/10M PPPoE connection that I intend to use as my primary connection.

I can very well install a router to interface with my provider and just run the second external interface on a static IP configuration but that would induce another layer of NAT which would essentially kill a lot of services running on user machines inside the local network.

Anyone know of a way to add a servicename to the login parameters?
01:16 AM
Andi Micro replied to the topic Re: Virtual host Problem in the forums.
Sorry for late response.

When i ping both subdomains from external network, it shown same ip, that is my server public ip address.
When i access elearning.smpn1-bjb.sch.id it open right program, but when i access sisfokol.smpn1-bjb.sch.id it open my main website, it same with opening smpn1-bjb.sch.id
It seems sisfokol always redirect to main website, not leads to subdomain folder.
01:13 AM
Robin created a new topic Quarantine Very Slow in the forums.
5.2

We have been runnign CO 5.2 for 2.5 years and have always experienced problems with quarantine being very slow to open the inital page and even slower on the actual quarantine itself.

Is this a common issue or have we got an issue.

I am currently using the quarantine-purge script to clear down ~5000 items as I can't get into it via the web console reliably.

Rob
12:40 AM
Wayne Osborn replied to the topic Re:Big Error in the forums.
There is strange bug with the DHCP module that I too am trying to debug.

I have been deleting old leases that come back when I refresh the page.
12:15 AM
Yesterday
Lionel replied to the topic Re: Resolve DNS Issue Multi Wan in the forums.
Hi Nick

Thank you for taking the time to resolve this. I have bridged both wan connections and have set both WAN's to pppoe. The both get an IP from my ADSL routers.

Still I have the same issue. when I have both enabled my computers won't connect to the internet the browser just hangs waiting for a response. As soon as I remove one of the WAN's whala internet is flying.

This is a fresh install of Clearos. I was running this setup for a long time and last week it just randomly started this issue where i cant have two WAN's configured.

Dont know if its multi-wan? where can I see a log of what happens when my computer tries to make a connection when 2 WAN's are enabled?

Thanks
10:32 PM
RAzvan replied to the topic Re:Big Error in the forums.
I really do not know how to fix ...

I wana that people who join network wit phone or other devices to get unique ip but not the 192.168.0.101 becouse 192.168.0.101 it is the primary ip of an billing server and if people will join means that they will use both ip.

The problem it is that even on the phone device if i check i see the real ip 192.168.0.22 and not the secondary ip .

This is really wierd ...
09:05 PM
RAzvan created a new topic Big Error in the forums.
I have a big problem wich i do not know how to fix it ...

I have some devices Phones like Iphone , Samsung wit IOS , Android and when they conect to wireles network they get one ip example : 192.168.0.22 , on the ClearOS sistem it show : 192.168.0.22 but if i check wit other software ColaSoft Analizer as example it show that folowing mac of ip 192.168.0.22 have + another ip 192.168.0.101 wich it is really wierd and i do not understand why .


imageshack.us/photo/my-images/19/errzg.jpg/

First Image : imageshack.us/photo/my-images/19/errzg.jpg/

imageshack.us/photo/my-images/62/errnew.jpg/

Second Image : imageshack.us/photo/my-images/62/errnew.jpg/
08:58 PM
Omana created a new topic Content Filtering not working when using clearos as an inline transparent proxy in the forums.
Hi,

I have recently setup a clearos 6.4 server and am new to the system.

The server is acting as an inline transparent proxy and was setup according to the instructions in the following link.

www.clearfoundation.com/docs/howtos/network_bridging


Here is a brief diagram of the current setup:

LAN <-> ClearOS(transparent bridge) <-> Router (publicIP) -> Internet

All of this is pretty straight forward and the network is able to connect to the internet without any problems.

The problem though is that I want to utilise the content filter to filter certain sites, but the filtering doesn't seem to work at all in fact all the traffic appears to bypass this component completelely. I can't figure out why this is occurring, and all my searches on using a bridged clearos box the only thing mentioned is to use firewall rules which isn't going to help in my case.

I've gone through all the basic checks such as confirming that the web proxy is running as well.

I've also tried changing the /etc/clearos/network.conf file to redeifne the extif and lanif - after trying various combinations I've left it at the recommended br0 for both interfaces.

I did note though that setting the mode=trustedgateway caused the network mode to be blanked out.
I have since changed network mode to: Gateway Mode using the web interface

Really appreciate some assistance on this as it has left me scratching my head all day as to the cause. None of the changes I have made have had any effect.

Thanks.
07:18 PM
Jemuel Campogan ClearOS Web Proxy sometimes asks for credentials even though I have already provided the correct one... I wonder why. 06:28 PM
Todd E Thomas, Keith replied to the topic Re:Passing Remote PCI Vulnerability / Audit Scans in the forums.
When I had to deal with this, the company performing the PCI scan sent us an email about a week before the monthly scan Those emails gave the IP Addresses they would be scanning FROM.

I took each of those IPs and entered them into the interface (described above) and the scans came back perfectly clean because those IPs are effectively blocked. They will never deliver a single result.

That being said, you should still address real problems. I would say the ones that come back as "Critical" or "High"; anything that is "Low", a "Warning" or "Informational" can reasonably be ignored. They are defined, scored, and maintained by the NVD (National Vulnerability Database). Here's an examples:

CVE-2004-2069: Medium.
You can begin parsing this with the CVE number: 2004-2069 = reported in 2004, and the 2069 issue reported (or whatever). The Open SSH guys are great about patching. This was handled LONG ago.

You can search the page for "redhat" and follow the link. They report that this issue was fixed in 2005-09-28 and you are safe if you update to version openssh-3.6.1p2-33.30.6.x86_64.rpm or greater.

From there you can verify the version of the package you have installed:

# rpm -qa openssh

Sometimes you can even find the CVE number in the changelog:

# rpm -qa openssh --changelog | grep CVE-2004-2069
(this only sometimes produces a result)
---

Here's the way it works:
IF the PCI scanner reports some vulnerabilities LIKE this, and you verify that your package is patched using the method above, then it's a False Positive and should therefore be stricken from further discussion - meaning - the PCI scanner is reporting falsely and should be fixed itself.

But, real issues should be fixed.

Keep a spreadsheet for your personal records. Any company that does this once will do it again. You should keep a running record of vulnerabilities you have "Fixed", all "False Positives", ones that fall in the "Who cares" column, or whatever - it will help your sanity and shorten BS conversations about the same thing over and over....

Good luck,

TT
05:41 PM
Wayne Osborn, Sorin replied to the topic Re:How to I Block Torrent Download in the forums.
Sorin wrote:
I use

Code:


iptables -I FORWARD -p tcp -m multiport --dports 1024:65535 -m iprange --src-range 192.168.0.1-192.168.0.100 -j DROP
iptables -I FORWARD -p udp -m multiport --dports 1024:65535 -m iprange --src-range 192.168.0.1-192.168.0.100 -j DROP


Ditto! And my son hates me. He was pulling 25GB per day... Now he has to ask for ports to be opened for his PS3. Apparently I am a Nazi.
03:51 PM
Ricardo Abrantes replied to the topic Re:Restrict incoming PPTP VPN to one IP range in the forums.
I have pptp server running withs system user, but i need a static ip for this user, to block the access..

I put quotes marks " but nothing...
09:14 AM
Luc Leduc added My twitter updates application 06:31 AM
Lionel created a new topic Resolve DNS Issue Multi Wan in the forums.
Hi There.

External 1 - 10.0.0.101 (primary DNS 196.43.34.190)
External 2 - 196.168.1.103 (primary DNS 196.43.34.190)
LAN - 192.168.1.1

I am confused with how to solve this problem.

I have Multi-wan setup on cleorOS 6.2. When I configure my IP setting to have 2 external card configured as mentioned above and I set my DNS server manually to 196.43.34.190 I can't connect to the internet.

If I use the exact same setting with only 1 external (either the 10.0... or 196.1...) it works fine.

So both externals work through DNS 196.43.34.190.

But I cant have them both configured because then i have no internet?? What am I missing?

I have unchecked automatic DNS on each external.

Thanks
01:58 AM
2 days ago
wixman created a new topic exception lists on proxy filtering is possible on 6.4? in the forums.
Hi everyone,

I'm new to clearOS and testing latest community version so far. I have enable proxy and web access control using the timing option. The scenario Im thinking of is:

50 users have full access to the internet during all day
50 users will not have access except for 5 o 6 specific websites.

I have already accomplished the part for permitting 50 and blocking 50 using the timing option but how do I create an exception list to list the specific websites that will be permitted for the blocked users? is it possible to do with any of the free modules?

Thanks in advance.
07:50 PM