Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - evanrich

Pages1
#1
Zenarmor (Sensei) / Re: Repeated "Ethernet detached" events / Flapping caused by Sensei Zenarmor?
April 05, 2023, 05:02:56 AM
 
Quote from: BNaCl on March 30, 2023, 02:04:25 PM
@evanrich - Just making sure you aren't getting incorrect info here.


Thanks.  I'm not using bridged mode, but I am having issues with ZA in routed mode.  Every time I put it in Routed with native netmap driver, i get reapted ethernet flapping on all my interfaces.   I have a single 10G interface (ix1) that then has vlans on it, and if I watch the logs, I see all the vlans flap at random intervals.  Disabling ZA stops this.  I had tried both native and emulated, but not bridged, so I was hoping that the netmap driver update was the fix for me.   It's good to know you're not using quite the same config, but I would bet there might be a relation between both problems.
#2
Zenarmor (Sensei) / Re: Repeated "Ethernet detached" events / Flapping caused by Sensei Zenarmor?
March 30, 2023, 07:23:04 AM
Did they ever fix this? I've had zA turned off for weeks now because everything I try causes it to flap non-stop.  Only passive mode works.  The last post says "a couple weeks" but i haven't seen an update to ZA in a long time.
#3
22.7 Legacy Series / Re: Multiple services don't work after update to 22.7
August 03, 2022, 06:55:48 AM
Quote from: RamSense on August 02, 2022, 09:17:38 PM
what settings do you use? Enable syncookies : always ?

I have it set to "adaptive"  start 60, end 30, and whatsapp, facebook etc all is working fine.

do you have any issues with zenarmor dashboard graphs by chance? mine weren't showing either.

Edit: nvm i tried it and zenarmor works too.  You're a life saver.
#4
22.7 Legacy Series / Re: Multiple services don't work after update to 22.7
August 03, 2022, 06:53:23 AM
interesting, i had it turned on to always.
#5
22.7 Legacy Series / Multiple services don't work after update to 22.7
August 01, 2022, 08:08:25 PM
I ended up having to roll back (fresh install) 22.1.10_4 after experiencing numerous issues with some services.   

After updating, Whatsapp, facebook messanger, facebook (web), youtube, and a few other services woudl not load, both on my desktops and mobile devices.   Nothing between 22.1.10 and 22.7 changed, but as a test, I disabled (completely shut off, and in some cases uninstalled)  the following:

Suricata
Zenarmor
c-icap/clamav
any firewall rule/nat rule for the above
disabling any custom tuning parameters

I see traffic going outbound to say, whatsapp via the live log, but for whatever reason, they never work.  I also attempted multiple restarts of the firewall but that didnt' help.   I also tried to use external DNS thinking it might be an issue with unbound (after seeing another post about unbound restarting) but this didn't help either.

As soon as I rolled back to 22.1.10_4, re-importing the exact same config I had (with all those services enabled)   facebook/youtube/whatsapp etc started working again.

Also of note, is that the zenarmor dashboard graphs would not render either, they just showed some error (forget what it said).  22.1.10 worked, so my guess is maybe zenarmor doesn't play nicely with php8?

At some point i might try a fresh install of 22.7 again, but based on this and other issues present I'll probably wait for 22.7.1 or what not to come out.   Open to thoughts on what it could be though.  For what it's worth, switching between OpenSSL and LibreSSL didnt change anything either (yes I read the upgrade guide and had switched back to OpenSSL prior to upgrading to 22.7)
#6
22.7 Legacy Series / c-icap / clam AV don't work after 22.7
July 30, 2022, 08:59:02 AM
I had c-icap set up and working with webproxy/clam av in 22.1.10_4, but after updating to 22.7, i notice some issues.  In the c-icap logs, it shows:
Code Select
Fri Jul 29 23:53:52 2022, main proc, Possibly a term signal received. Monitor process going to term all children
Fri Jul 29 23:53:41 2022, main proc, Possibly a term signal received. Monitor process going to term all children
Fri Jul 29 23:53:39 2022, 27129/12672768, Antivirus engine is not available, allow 204
Fri Jul 29 23:53:39 2022, 27129/12672768, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:39 2022, 27129/12676352, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:39 2022, 27129/12669184, Antivirus engine is not available, allow 204
Fri Jul 29 23:53:39 2022, 27129/12669184, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:39 2022, 27129/12672768, Antivirus engine is not available, allow 204
Fri Jul 29 23:53:39 2022, 27129/12672768, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:39 2022, 27129/12669184, Antivirus engine is not available, allow 204
Fri Jul 29 23:53:39 2022, 27129/12669184, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:39 2022, 27129/12672768, Antivirus engine is not available, allow 204
Fri Jul 29 23:53:37 2022, 27129/12670976, Antivirus engine is not available, allow 204
Fri Jul 29 23:53:37 2022, 27129/12670976, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:37 2022, 27129/12669184, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:36 2022, 27129/12670976, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:36 2022, 27129/12670976, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:36 2022, 27129/12676352, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:36 2022, 27129/12672768, Registry 'virus_scan::engines' does not exist!
Fri Jul 29 23:53:36 2022, 27129/12678144, Registry 'virus_scan::engines' does not exist!

I've tried restarting clamav, c-icap, webproxy, etc, nothing works...anyone have any ideas?
Pages1