[Résolu moi-même][NOT RESOLVABLE-RESOLUTION FAILURE] Mailtrail doesn't work

[Darkopnsense]

Hi,

Franco
In console mode SENSOR requests the installation of 'schedtool'

mimugmail
no error message when browsing https or https with different browser on this address.

cordially,

[mimugmail]

mimugmail
no error message when browsing https or https with different browser on this address.

cordially,

OK, and where exactly is the problem? I'm a bit confused

[Darkopnsense]

Hi,

According to my analysis and my understanding, I had traffic and reports in MALTRAIL then nothing.

I noticed and researched why the message "Updates to this section also require a restart via the Sensor or Server menu." stay in maltrail / general.
In console mode, SENSOR asks me to install 'schedtool'.

But I don't know where to find the version of freebsd.
If you can give me an "http" link to deploy it with wget


cordially

[mimugmail]

the schedtool is just a info, not a requirement.
Are you on the latest version? Can you set Listen Interface on LAN?
Maybe it need an hour to load all trail to see new data.

[Darkopnsense]

os-Maltrail 1.3
Maltrail 0.16
Py27-pcapy 0.11.1
Sensor 0.15.56
Server 0.15.56

[mimugmail]

Also when you set listening port on LAN? Usually this only happens when you set this on PPPoE

[Darkopnsense]

Hi,

I made a point mimugmail.

In Services / maltrail / General -> I listen to LAN, WAN, WIFI

In Services / maltrail / sensor -> I capture all

When connecting to http: // my-ip: 8338, there is nothing all white and zero.

Maltrail apparently works but does not record any traffic.

An idea ?

Regards,

[mimugmail]

What is the type of your WAN? Pppoe, dhcp, static?

[Darkopnsense]

DHCP

[mimugmail]

Ok, try to select only LAN and do a ping from internal to the one test IP in the docs

[Darkopnsense]

Hi,

I modified
In Services / maltrail / General/Monitor Interface -> LAN,

I have a problem of misunderstanding following the translation
"ping internally to one test IP in documents"

Did I have to understand

root@Pare-Feu:/usr/local/share/maltrail # ping 192.168.66.66
PING 192.168.66.66 (192.168.66.66): 56 data bytes
64 bytes from 192.168.66.66: icmp_seq=0 ttl=64 time=0.083 ms
64 bytes from 192.168.66.66: icmp_seq=1 ttl=64 time=0.031 ms
64 bytes from 192.168.66.66: icmp_seq=2 ttl=64 time=0.051 ms
64 bytes from 192.168.66.66: icmp_seq=3 ttl=64 time=0.048 ms
64 bytes from 192.168.66.66: icmp_seq=4 ttl=64 time=0.044 ms

Regards,

[Darkopnsense]

Hi,

After reading the following link
https://github.com/stamparm/maltrail

Here are my results :

root@Pare-Feu:/ # ping -c 1 192.168.66.66
PING 192.168.66.66 (192.168.66.66): 56 data bytes
64 bytes from 192.168.66.66: icmp_seq=0 ttl=64 time=0.043 ms

--- 192.168.66.66 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.043/0.043/0.043/0.000 ms


root@Pare-Feu:/ # cat /var/log/maltrail/$(date +"%y-%m-%d").log
Illegal variable name.


root@Pare-Feu:/ # nslookup morphed.ru
nslookup: Command not found.


I'm stunned!

Regards,

[mimugmail]

You have to ping this IP from a LAN PC: 136.161.101.53
And then check the GUI if you see an alert.

[Darkopnsense]

Hi,

If I understood correctly

on a windows computer
cmd
ping 136.161.101.53 -t
= Réponse de 136.161.101.53 : octets=32 temps=98 ms TTL=47


on Maltrail
= no matching threats found

above my results

Regards,

[mimugmail]

When you go to CLI, what happens when you type:

/usr/local/etc/rc.d/opnsense-maltrailsensor stop
python2.7 /usr/local/share/maltrail/sensor.py

Output please ...