1
17.7 Legacy Series / Re: Tor is unusable [HALF-SOLVED, tor feature needs correction]
« on: October 23, 2017, 02:56:48 pm »
Thanks, Franko ! It's working now.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Development and Code Review / Re: Feature correction request: TOR binding
« on: October 23, 2017, 02:55:02 pm »
Thanks !
Looks like it's working. I have another question, though: should i uninstall the patch before installing the next update, or can is install the update right away once it is released ?
Looks like it's working. I have another question, though: should i uninstall the patch before installing the next update, or can is install the update right away once it is released ?
3
Development and Code Review / [SOLVED] Feature correction request: TOR binding
« on: October 20, 2017, 07:59:22 pm »
Tor binds only to interface's main IP, but not to virtual IP. Please provide the possibility to bind TOR to virtual IPs to make it usable in HA scenario.
4
17.7 Legacy Series / Re: Tor is unusable
« on: October 20, 2017, 07:46:58 pm »
Sorry, i'm stupid. But also, that's an unfinished feature from developer side.
Well, tor binds to interface main address, but not to virtual ip. While i have a HA config with CARP, i tried to use a CARP ip, so i subsequently got nothing.
Due to this i've got a feature request: please make tor bindable to virtual IPs.
Well, tor binds to interface main address, but not to virtual ip. While i have a HA config with CARP, i tried to use a CARP ip, so i subsequently got nothing.
Due to this i've got a feature request: please make tor bindable to virtual IPs.
5
17.7 Legacy Series / Tor is unusable [SOLVED]
« on: October 20, 2017, 07:36:25 pm »
Sorry. It had started after second reboot. But now i can't use it. I've created an ACL for my LAN network, Configured browser to use GW address with port 9050 as proxy, but it's not working. I've got only timeouts.
6
17.7 Legacy Series / Tor is unusable [SOLVED]
« on: October 20, 2017, 07:12:14 pm »
Well, i installed the plugin, rebooted, assigned interfaces like it was said in howto, enabled service, and... "root: /usr/local/etc/rc.d/tor: WARNING: failed to start tor". I don't have a clue what i should to to make it start. I can't even find it's logs.
Please advise.
Please advise.
7
17.7 Legacy Series / Re: C-icap seems to be inoperable in 17.7.5
« on: October 18, 2017, 08:26:19 pm »
Looks like this does the trick.
Also, while i was waiting for the answer, i looked into c-icap configs and found string "virus_scan?allow204=on&mode=simple", that also worked.
Also, while i was waiting for the answer, i looked into c-icap configs and found string "virus_scan?allow204=on&mode=simple", that also worked.
8
17.7 Legacy Series / Re: C-icap seems to be inoperable in 17.7.5
« on: October 18, 2017, 05:27:21 pm »
Request and response string is now "icap://127.0.0.1:1344/avscan/".
access.log:
--------------------------------------------------------
18/Oct/2017:18:21:48 +0300, 127.0.0.1 127.0.0.1 OPTIONS avscan/ 404
18/Oct/2017:18:24:29 +0300, 127.0.0.1 127.0.0.1 OPTIONS avscan/ 404
--------------------------------------------------------
Looks like it is still not working.
access.log:
--------------------------------------------------------
18/Oct/2017:18:21:48 +0300, 127.0.0.1 127.0.0.1 OPTIONS avscan/ 404
18/Oct/2017:18:24:29 +0300, 127.0.0.1 127.0.0.1 OPTIONS avscan/ 404
--------------------------------------------------------
Looks like it is still not working.
9
17.7 Legacy Series / Re: C-icap seems to be inoperable in 17.7.5
« on: October 18, 2017, 02:49:28 pm »
Here they are:
10
17.7 Legacy Series / Re: C-icap seems to be inoperable in 17.7.5
« on: October 17, 2017, 10:39:34 pm »
Server.log:
Tue Oct 17 22:00:10 2017, main proc, Possibly a term signal received. Monitor process going to term all children
Tue Oct 17 22:00:12 2017, main proc, Error converting ipv6 address to the network byte order
Tue Oct 17 22:00:12 2017, main proc, WARNING! Error binding to an ipv6 address. Trying ipv4...
Tue Oct 17 22:00:13 2017, 14669/348217344, recomputing istag ...
Tue Oct 17 22:00:13 2017, 15001/348217344, recomputing istag ...
Tue Oct 17 22:00:13 2017, 15222/348217344, recomputing istag ...
Tue Oct 17 22:05:53 2017, main proc, Possibly a term signal received. Monitor process going to term all children
Tue Oct 17 22:10:14 2017, main proc, Error converting ipv6 address to the network byte order
Tue Oct 17 22:10:14 2017, main proc, WARNING! Error binding to an ipv6 address. Trying ipv4...
Tue Oct 17 22:10:49 2017, 68377/687955968, recomputing istag ...
Tue Oct 17 22:10:49 2017, 68409/687955968, recomputing istag ...
Tue Oct 17 22:10:49 2017, 68251/687955968, recomputing istag ...
Access.log:
17/Oct/2017:22:00:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:04:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:16:28 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:20:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:23:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:26:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:29:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:33:49 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:36:49 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:40:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:44:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:48:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:52:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:55:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:00:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:04:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:10:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:15:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:20:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:25:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:30:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:33:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:36:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
Tue Oct 17 22:00:10 2017, main proc, Possibly a term signal received. Monitor process going to term all children
Tue Oct 17 22:00:12 2017, main proc, Error converting ipv6 address to the network byte order
Tue Oct 17 22:00:12 2017, main proc, WARNING! Error binding to an ipv6 address. Trying ipv4...
Tue Oct 17 22:00:13 2017, 14669/348217344, recomputing istag ...
Tue Oct 17 22:00:13 2017, 15001/348217344, recomputing istag ...
Tue Oct 17 22:00:13 2017, 15222/348217344, recomputing istag ...
Tue Oct 17 22:05:53 2017, main proc, Possibly a term signal received. Monitor process going to term all children
Tue Oct 17 22:10:14 2017, main proc, Error converting ipv6 address to the network byte order
Tue Oct 17 22:10:14 2017, main proc, WARNING! Error binding to an ipv6 address. Trying ipv4...
Tue Oct 17 22:10:49 2017, 68377/687955968, recomputing istag ...
Tue Oct 17 22:10:49 2017, 68409/687955968, recomputing istag ...
Tue Oct 17 22:10:49 2017, 68251/687955968, recomputing istag ...
Access.log:
17/Oct/2017:22:00:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:04:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:16:28 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:20:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:23:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:26:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:29:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:33:49 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:36:49 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:40:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:44:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:48:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:52:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:55:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:00:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:04:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:10:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:15:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:20:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:25:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:30:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:33:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:36:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
11
17.7 Legacy Series / [SOLVED] C-icap seems to be inoperable in 17.7.5
« on: October 17, 2017, 09:40:27 pm »
Installed 2 opn 17.7.5 boxes in HA config. The problem came up when i tried to attach ClamAV to Squid. Well, i installed Web Proxy, C-icap and ClamAV plugins, enabled c-icap, told Squid to use c-icap... And got an error:
------------------------------------------------------------------------
The following error was encountered while trying to retrieve the URL: http://www.ya.ru/
ICAP protocol error.
The system returned: [No Error]
This means that some aspect of the ICAP communication failed.
Some possible problems are:
•The ICAP server is not reachable.
•An Illegal response was received from the ICAP server.
------------------------------------------------------------------------
Well, i entered the OPN console, launched netstat... And, as i thought, there was nobody listening at icap port. The web GUI is showing the c-icap service running though, that is strange.
What should i do to get the thing running ?
------------------------------------------------------------------------
The following error was encountered while trying to retrieve the URL: http://www.ya.ru/
ICAP protocol error.
The system returned: [No Error]
This means that some aspect of the ICAP communication failed.
Some possible problems are:
•The ICAP server is not reachable.
•An Illegal response was received from the ICAP server.
------------------------------------------------------------------------
Well, i entered the OPN console, launched netstat... And, as i thought, there was nobody listening at icap port. The web GUI is showing the c-icap service running though, that is strange.
What should i do to get the thing running ?
12
17.7 Legacy Series / Re: 17.7.4 - no web proxy config replication in HA mode
« on: October 05, 2017, 03:21:35 pm »The sync is not always executed on web proxy settings changes.But why ?
Furthermore, I don't believe the proxy is being restarted automaticallySquid service restart doesn't do the trick, only the full reboot. And even this doesn't help every time.
13
17.7 Legacy Series / 17.7.4 - no web proxy config replication in HA mode
« on: October 04, 2017, 10:54:29 pm »
Hi guys.
Installed two 17.7.4 boxes in HA mode and had encountered strange behavior. When i change some settings (fw rules, nat rules, gw settings, etc.) on main box it replicates to backup box instantly except one thing: web proxy. When i change web proxy settings on main box, they keep unchanged on the backup box until reboot, or even do not replicate at all. Is that a bug, or maybe i have forgotten to do something ?
Installed two 17.7.4 boxes in HA mode and had encountered strange behavior. When i change some settings (fw rules, nat rules, gw settings, etc.) on main box it replicates to backup box instantly except one thing: web proxy. When i change web proxy settings on main box, they keep unchanged on the backup box until reboot, or even do not replicate at all. Is that a bug, or maybe i have forgotten to do something ?
Pages: [1]