Re: [Efw-user] High availability for web server
Look at HA Proxy On Wed, Mar 22, 2017 at 2:11 PM, Juan Pablo Botero < juanpabloboterolo...@gmail.com> wrote: > Hi. > > We are a restaurant and have a web server with a system information to > reservations. > I need to configure a second server with the same system as high > availability. > > So, i want to know is that possible with endian?, i am thinking in work > with DNS registry to the same subdomain and get the high availability. > > Is possible this scenario?, or endian has this possibility? > > thanks. > > -- > Cordialmente: > Juan Pablo Botero > > > -- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > ___ > Efw-user mailing list > Efw-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/efw-user > > -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW Community 3 Devel BlackList All ** not working
Hi Agenzia, Maybe your Access Policy isn’t defined correctly or there is another Filter profile which rule is being hit? The position (order) counts. Can you post more specific details, maybe a screen grab of your configuration? Kind regards, Sam On 30 Apr 2015, at 5:18 pm, Domenico DI MIERI tecn...@finsea.net wrote: Hi Thank you for your answer but I can’t move to non transparent proxy and no, My installation on Endiwn Firewall Community 3.0 devel does not work with regular expressions nor “*.*” or “**”: I have to use the whole name of a domain to block it. image001.jpg Agenzia in Attività Finanziaria Fin.Se.A. Srl Iscrizione OAM n°A8065 - RUI IVASS n°E000276207 Domenico Di Mieri Via Provinciale, 177 - 84039 Teggiano (SA) Tel. 0975.73452 - Fax. 0975.739900 e-mail: domenico.dimi...@finsea.net mailto:domenico.dimi...@finsea.net Da: Menaka Tharanga [mailto:menakatharanga2...@gmail.com] Inviato: giovedì 30 aprile 2015 06:32 A: efw-user@lists.sourceforge.net Oggetto: Re: [Efw-user] EFW Community 3 Devel BlackList All ** not working Hi. *.* this working all sites are block .can you change non transparent proxy policy. On 27 April 2015 at 18:35, Domenico DI MIERI tecn...@finsea.net mailto:tecn...@finsea.net wrote: Hi I’m missing something for sure, but I’m not able to blacklist all sites when I define a new filter for transparent proxy policy. Can you please give me som hints? Thank you image001.jpg Agenzia in Attività Finanziaria Fin.Se.A. Srl Iscrizione OAM n°A8065 - RUI IVASS n°E000276207 Domenico Di Mieri Via Provinciale, 177 - 84039 Teggiano (SA) Tel. 0975.73452 - Fax. 0975.739900 e-mail: domenico.dimi...@finsea.net mailto:domenico.dimi...@finsea.net -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user https://lists.sourceforge.net/lists/listinfo/efw-user -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] QoS for equally distirbuting bandwidth among users
I utilse delay_pools in the squid.custom On Tue, Feb 11, 2014 at 8:48 PM, Lorenzo Milesi lorenzo.mil...@yetopen.itwrote: If you have HTTP Proxy enabled, you could add an access policy to destination domains and restrict the updates based on time if is possible (e.g. only on Friday after working hours, for 30 minutes you are allowed to have Windows Updates). Even if not really adherent to my original request I applied this solution to work around accessibility problem, by blocking windowsupdate.microsoft.com v4.windowsupdate www.windowsupdate.com download.windowsupdate.com wustat.windows.com officeupdate.microsoft.com office.microsoft.com crl.microsoft.com download.microsoft.com during office hours. My original request should be possible on a normal linux machine using FairNAT [1] script. Not really up to date but could still work. [1] https://github.com/frostschutz/FairNAT -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ Via Carlo Torri Tarelli 19 - 23900 Lecco - ITALY - Tel 0341 220 205 - Fax 178 6070 222 GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it D.Lgs. 196/2003 Si avverte che tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. -- Android apps run on BlackBerry 10 Introducing the new BlackBerry 10.2.1 Runtime for Android apps. Now with support for Jelly Bean, Bluetooth, Mapview and more. Get your Android app in front of a whole new audience. Start now. http://pubads.g.doubleclick.net/gampad/clk?id=124407151iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Android apps run on BlackBerry 10 Introducing the new BlackBerry 10.2.1 Runtime for Android apps. Now with support for Jelly Bean, Bluetooth, Mapview and more. Get your Android app in front of a whole new audience. Start now. http://pubads.g.doubleclick.net/gampad/clk?id=124407151iu=/4140/ostg.clktrk___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] [EFW 2.5.1] System Access Rules not working
Hi, Are you setting this under Firewall System Access ? This is remembered after restart for me. Sam. On 04/09/2012, at 7:06 PM, Ahmed Morgan akha...@gmail.com wrote: I did you setps with no luck I can access to server if add to iptables from ssh to EFW Server # iptables -A INPUT -p TCP -i eth1 --dport 10443 -j ACCEPT but how can I add to startup to load when EFW booting ? On Mon, Sep 3, 2012 at 3:50 PM, compdoc comp...@hotrodpc.com wrote: I like EFW and I have 2.5.1 , but my problem with System Access is now working When I add rule Source Address: blank Source Interface: Any service:User define protocol: TCP : 10443 policy action:allow enabled: checked Mine works when set this way: Source Address: blank Source Interface: RED service:ANY protocol: TCP : 10443 policy action:allow with IPS Position First enabled: checked -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- __ __ __ / __ \| |__ _ __ ___ ___ __| | | \/ | ___ _ __ __ _ __ _ _ __ / / _` | '_ \| '_ ` _ \ / _ \/ _` | | |\/| |/ _ \| '__/ _` |/ _` | '_ \ | | (_| | | | | | | | | | __/ (_| | | | | | (_) | | | (_| | (_| | | | | \ \__,_|_| |_|_| |_| |_|\___|\__,_| |_| |_|\___/|_| \__, |\__,_|_| |_| \/ |___/ _ _ _ _ _ | | (_)_ __ _ ___ __/ \ __| |_ __ ___ (_)_ __ | | | | '_ \| | | \ \/ / / _ \ / _` | '_ ` _ \| | '_ \ | |___| | | | | |_| | / ___ \ (_| | | | | | | | | | | |_|_|_| |_|\__,_/_/\_\ /_/ \_\__,_|_| |_| |_|_|_| |_| -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Announcement: Endian Firewall Community 2.3rc1
Go to http://www.endian.com/en/community/efw-updates/ and register, then you will receive an email with simple steps on how to upgrade your machine via ssh. Easy. I did this from 2.1 to 2.2 and I was up and running again in half-hour. On 22/09/2009, at 2:22 AM, Gabriel - IP Guys wrote: Thank you for this distro. It is great! And I have *never* rebooted since I installed months ago. I even FORGOT I had the Endian firewall up and running, because it's not even part of my daily routine, (which is a good thing!). What I would like to know, is how can I upgrade when the new version is ready, without having to do a complete reinstall? -Original Message- From: Christian Graffer [mailto:christ...@endian.com] Sent: 17 September 2009 22:39 To: efw-user@lists.sourceforge.net Subject: [Efw-user] Announcement: Endian Firewall Community 2.3rc1 Hello everybody, Although it has been a while since our last official statement we never stopped working on a new release in the background. Today I have good news for you! I am proud to announce the first release candidate of our Endian Firewall Community 2.3 which is now available at: http://www.endian.com/en/community/download/ Please remember that this is not the final release. Therefore do not use it in production environments unless you know what you are doing. Should you find any bugs do not hesitate and add them to our bugtracker at http://bugs.endian.com/ *AFTER* you have made sure that the bug has not been reported already. This release includes many features that were previously available only to users of the Enterprise version as well as some completely new features. These new EFW Community features are: ** Backups Backups can now be stored to and recovered from attached USB mass storage devices. It is also possible to schedule automatic backups and to send encrypted backups via email. ** Dashboard The main page has been replaced by a dashboard with statistics about the system and its services as well as live-graphs for incoming and outgoing traffic. ** Email notifications Emails can be sent automatically for predefined events. ** HTTP proxy time based access control With the new interface it is possible to add time based access control lists for the HTTP proxy. ** HTTP proxy with user- and group-based content filtering The HTTP proxy now has a new and polished web interface that adds the possibility to create group based content filters. ** Intrusion Prevention Snort rules can now be configured. It is possible to drop packets as well as to log intrusion attempts. ** Policy routing Routing rules can be created based on the interface, MAC address, protocol or port of a packet. ** Port forwarding rewrite In version 2.3 it is possible to add port-forwards from any zone (only from the RED zone previously). Port forwarding without NAT is now also supported. ** Quality of Service Traffic Shaping has been replaced by a fully configurable Quality of Service module. QoS devices, classes and rules can be defined. ** SNMP support Basic SNMP support has been added. ** SMTP proxy web interface rewrite The web interface of the SMTP proxy has been rewritten with focus on usability. ** VLAN support (IEEE 802.1Q trunking) It is now possible to create VLANs on every interface. The VLAN interfaces can be used to distinguish connections in the same zone. Enjoy the release! Christian and the whole Endian team --- --- Come build with us! The BlackBerryreg; Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9#45;12, 2009. Register now#33; http://p.sf.net/sfu/devconf ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Come build with us! The BlackBerryreg; Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9#45;12, 2009. Register now#33; http://p.sf.net/sfu/devconf ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Come build with us! The BlackBerryreg; Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from
Re: [Efw-user] Windows Authentication Problems
May be obvious but port 80 outgoing blocked? On 16/07/2009, at 10:28 PM, Guilherme Rocha wrote: Hello folks, I'm a very satisfied endian user, since the first versions, so I'm not exactly a endian and linux newbie, but ... I'm with problems in a new Endian 2.2rc2 set-up, using Windows authentication. I already joined the domain successfully, all AD groups are listed inside Endian Group Policies, I choose the groups that have permissions to navigate the web, etc... My issue makes reference to the need to specify the proxy in the browser settings. I only can use AD authentication if I set the proxy inside the browsers. If I didn't set it, users still browsing the web like in transparent mode. Can someone find a motivation to this behavior? I already did read all this references: http://kb.endian.com/entry/49/ http://efwsupport.com/index.php?topic=547.msg1396;topicseen http://solaria.endian.it/screencasts/advanced_groups.html http://www.advproxy.net/ldapads.html thanks for answers. hugs -- -- Guilherme Rocha GF7 Doc Systems - Soluções Tecnológicas Pesquisa e Desenvolvimento - World Wide R. João Goulart, 170 - Rio Pardo - RS - CEP 96640-000 Mobile: +55 51 81400360 - Home Page: http://www.gf7.com.br -- Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] squid-graph using high CPU and RAM making EFW slow
Resolved this by biting the bullet and upgrading to 2.2 Got other issues now though, will create a new thread for them. -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] Problem with Windows Authentication
Just upgraded to 2.2 This use to work fine under 2.1 I tried to Join the Windows Domain but got a ads_connect: No such file or directory error. Read up and found I needed to add a Custom Nameserver into Proxy DNS Custom Nameserver. Once added it in I get new error ads_connect: Resource temporarily unavailable I also get this error above it dnsmasq is stopped Starting dnsmasq: [FAILED] But I cannot find any information about this error. I now also cannot access the Internet when this Custom Nameserver is there. Please help if you can! Sam. -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Connecting to remote offices via VPN
Hi Kenneth, Sounds like overkill, a lot of work setting up 2 new Endian boxes and VPN the 3 together for a simple web based service. I believe it would be best (if possible) to get a static IP address at the main office, set up the server as a web server for the Internet, set up and require SSL connection if the connection is from an external IP (done in the PHP code with the variable $_SERVER['REMOTE_ADDR']), and require a username and password if connection is external IP (can be a generic one if you want, but your security is only as good as your passwords). Won't affect internal use at the main office. Would work better, more reliable and just as secure as a VPN.. I would prefer to spend the time setting it up like this then to go to all the other hassle. And you don't need any new hardware saving $$$. If you find you need to share other network resources, ie printer, shared folders etc then I would agree with VPN, however if it is purely web based that's all you need. Let me know however if I've misunderstood your requirements. Sam. -- The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Firewall Search
Hi Richard, Welcome to the Endian Firewall Community! 1) Yes Endian can identify User Agent String including: AOL APT AvantBrowser Firefox FrontPage Gecko compatible GetRight Go!Zilla Google Toolbar IE Java Konqueror Lynx Netscape Opera Python urlgrabber Safari Windows Update wget and there may be more as I'm running 2.1.2 2) Yes it can send a specific squid HTTP error page to the browser, most pages for customisation live in /usr/share/squid/errors/English 3) It can allow Windows Update (see 1) but not sure about AV update, but if you have a single internal AV server you can add it's IP address or MAC address to a proxy whitelist so it can still have access out then the clients obtain AV updates from this internal server - saves a lot of downloads (same can be done for Windows Update by setting up WSUS on a Windows Server and Software Update on Mac Server) 4) Yes 5) Yes full inbound and outbound firewall with port redirection etc 6) Yes we currently have it running in a school of 550 students and 80 staff and it goes quite well - however this depends on your hardware 7) It's FREE + hardware As for a consultant for Endian customisation I'm not sure of any, what sort of things are you wanting customised? HTTP error pages? Or more like adding other features to the box? Hope this helps! Sam. -- This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Green, Green? Green, Blue? Something new?
Have you tried with a straight through cable? I don't think you need a cross over. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] OpenVPN two Endian Firewalls can't get working
Awesome thanks Mike, I've got it set up like this now and it's working great so far. Now I'm going to set up a new Domain Controller and see how that goes. Thank you so much for your suggestion. - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] OpenVPN two Endian Firewalls can't get working
Yes that seems like a good idea. Any ideas on how I can get traffic through the tunnel? - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] OpenVPN two Endian Firewalls can't get working
Hi, Thanks for your reply. If I used routed connections would users still be able to connect to other workstations/servers on the other LAN? The 2.1.2 EFW isn't a DHCP server, it's just got 192.168.100.200 as it's static address. Most of the servers set up in the 192.168.100.x range and set statically. I've then got permanent staff workstations set statically in 192.168.101.x range, and permanent student use workstations set statically in the 192.168.102.x range. Then DHCP running on 192.168.103.x only. Setting most statically lets me know when students access inappropriate stuff on the 'net I can track down which computer they were on via IP address and therefore find which class they were in and talk with the teacher about supervision of that student. Sam. On 27/10/2008, at 2:57 AM, compdoc wrote: Well, using routed connections, each location should have its own ip address range. Routing rather than bridged would cut down on a lot of bandwidth wasted to useless netbios and other types of traffic. When you say the (2.1.2) EFW is 192.168.100.200, I'm assuming the efw is serving a lan in the 192.168.100.x range? I have to say, in terms of reliability, I would use a DHCP server at each location rather than try use a central one over an internet connection. In the past, I have set up a Windows Server DHCP service to handle 4 different subnets, but each subnet was served on different network cards installed in the server. In other words, each nic had its own range, and this worked very well. But how does your server know which client gets which address range? I'm assuming you only have one or two nics in the server? - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100url=/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user