them, the ethernet ports would
> not renumber and foul up scripts.. so it saves the MAC to "eth" relationship
>
> -Christopher
>
>
> --
> *From:* Mickael MONSIEUR
> *To:* AstLinux Users Mailing List
> *Sent:* Wednesday, January 30, 2
ernet ports would not renumber
> and foul up scripts.. so it saves the MAC to "eth" relationship
>
> -Christopher
>
>
> From: Mickael MONSIEUR
> To: AstLinux Users Mailing List
> Sent: Wednesday, January 30, 2013 12:41 PM
> Subject: [Astlinux-users] Bug udevd[
Mailing List
Sent: Wednesday, January 30, 2013 12:41 PM
Subject: [Astlinux-users] Bug udevd[166] renamed network interface eth0 to ethX
Hi,
I installed AstLinux in a Xen virtual machine. Everything worked fine! (with
DHCP)
I set a static IP address. I restarted on the new IP, everything worked :-)
Hi,
I installed AstLinux in a Xen virtual machine. Everything worked fine!
(with DHCP)
I set a static IP address. I restarted on the new IP, everything worked :-)
A few hours later, I turn off the virtual machine for maintenance, from, I have
no IP.
Error is:
<30> udevd [166] renamed network int
Thanks a lot, Lonnie!
Michael
Am 26.08.2012 17:19, schrieb Lonnie Abelbeck:
> Hi,
>
> Related to Michael's report, we have bumped the SVN version on the build
> engine to "astlinux-1.0-5644" with the standard images built:
>
> http://build.astlinux.org/
>
> The current pre-1.0.5 changes are d
Hi,
Related to Michael's report, we have bumped the SVN version on the build engine
to "astlinux-1.0-5644" with the standard images built:
http://build.astlinux.org/
The current pre-1.0.5 changes are documented here:
http://astlinux.svn.sourceforge.net/viewvc/astlinux/branches/1.0/docs/ChangeL
Hi Michael,
You are the first to report this, though it does make sense. From the msmtp
documentation...
--
‘domain argument’
This command sets the argument of the SMTP EHLO (or LMTP LHLO) command. The
default is ‘localhost’, which is stupid but usually works. Try to change the
default if mail
Hi
I can't get astlinux to send emails. Some debugging shows that the
DOMAIN config option is not set and msmtp then takes "localhost" as
domain name for the EHLO/HELO. This however, is rejected by quite some
mailservers with the error message:
504 5.5.2 : Helo command rejected: need fully-qualif
Guys,
The re registration bug still there. I just lost internet and none of my
host where able to comeback.
It happen 3 times and in all the cases it required a reboot for the system
to re register.
I have 3 different ITSP.
Thank You,
Fernando Fuentes
DIGITALVOIPNET.COM
Lonnie,
Thanks for the reply. I had no idea you guys implemented "service"
I am as puzzled as you are. As soon as I get a chance to replicate the
issue I will send you the logs and procedures. I am on a production env.
Thank You.
On Tue, Nov 8, 2011 at 9:28 PM, Lonnie Abelbeck
wrote:
> Fernando
Fernando,
Without any logs, or other details I really don't have any idea what is going
on with ntpd and your system.
In particular your quote "My time was sync again BUT All of my ethernet
interfaces went off line", is quite puzzling to me.
You have not edited any files except /mnt/kd/ files,
Lonnie,
Any updates?
Thank You,
On Mon, Nov 7, 2011 at 6:30 PM, Fernando Fuentes wrote:
> Lonnie,
>
> Thank you for your reply.
>
> I did:
>
> cd /etc/init.d/
> ./ntpd restart
>
> I also did
>
> ./ntpd stop
> ./ntpd start
>
> They all demonstrated the same behavior.
>
>
> On Mon, Nov 7, 2011 a
Lonnie,
Thank you for your reply.
I did:
cd /etc/init.d/
./ntpd restart
I also did
./ntpd stop
./ntpd start
They all demonstrated the same behavior.
On Mon, Nov 7, 2011 at 6:19 PM, Lonnie Abelbeck
wrote:
>
> On Nov 7, 2011, at 3:59 PM, Fernando Fuentes wrote:
>
> > Yesterday I saw that my a
On Nov 7, 2011, at 3:59 PM, Fernando Fuentes wrote:
> Yesterday I saw that my astlinux system lost its time due to no internet
> connection. after monitoring the system to see if it would catch up in a sync
> I saw the ntpd would not sync up the time. In effort to avoid a reboot I
> restarted
Yesterday I saw that my astlinux system lost its time due to no internet
connection. after monitoring the system to see if it would catch up in a
sync I saw the ntpd would not sync up the time. In effort to avoid a reboot
I restarted ntpd manually from cli. This caused chaos My time was sync
ag
arrick Hartman
> Subject: Re: [Astlinux-users] Bug in Re Registration
>
> Am 06.10.2011 um 19:40 schrieb Michael Keuter:
> > Am 06.10.2011 um 18:41 schrieb Fernando Fuentes:
> >>
> >> Today I was able to replicate this issue on two Alix systems.
> >>
> >> If
Releasing 0.7.10 is on the short list. Hope to have those out by Monday.
From: Michael Keuter [[email protected]]
Sent: Thursday, October 06, 2011 12:51 PM
To: AstLinux Users Mailing List
Cc: Darrick Hartman
Subject: Re: [Astlinux-users] Bug in Re
Am 06.10.2011 um 19:40 schrieb Michael Keuter:
> Am 06.10.2011 um 18:41 schrieb Fernando Fuentes:
>>
>> Today I was able to replicate this issue on two Alix systems.
>>
>> If astlinux is connected inside a NAT network and the Firewall providing the
>> NAT loses the wan asterisk is unable to re r
Am 06.10.2011 um 18:41 schrieb Fernando Fuentes:
>
> Today I was able to replicate this issue on two Alix systems.
>
> If astlinux is connected inside a NAT network and the Firewall providing the
> NAT loses the wan asterisk is unable to re register even if the wan in the
> firewall comes back
Today I was able to replicate this issue on two Alix systems.
If astlinux is connected inside a NAT network and the Firewall providing the
NAT loses the wan asterisk is unable to re register even if the wan in the
firewall comes back up. The only solution is to reboot. Any body experience
this iss
Michael,
Yes you can very easily permit multiple ranges of IP addresses. It uses
a standard network masks for wildcards. A good basic reference is
located here:
http://www.voip-info.org/wiki/index.php?page=Asterisk+sip+permit-deny-mask
So if your users would always be coming from the same /24 n
James
Thanks for the explaination. It's good to better understand, how to counter
these attacks.
I need to dig a bit into these asterisk ACL settings to see if it is
possible to give a range of peer IPs (as the external ones are on dynamic
IP).
Otherwise, the adaptive ban also seems to work n
Michael Keuter wrote:
> You could use Lonnie's adaptive-ban firewall-plugin against this
> hacks (works similar to fail2ban).
>
> Michael
>
> http://www.mksolutions.info
>
>
Thanks. That seems to work nicely:
Jul 21 09:16:08 pbx user.info firewall: adaptive-ban: Banned Host:
204.119.22.247
Michael,
While obviously you'll want to block these attacks when you see them, as
long as you use secure credentials for these remote extensions, you
shouldn't have to worry too much about this attacker actually managing
to compromise a SIP account. While you'll probably want to keep the
exten
>I used the sip-voip plugin. It worked fine. However, security is not enough,
>it seems to me. I am experiencing hacker attacks on the open port 5060.
>
>So, I am wondering, what could be a better solution. Maybe would be
>interesting to not use port 5060 for external devices. Then the firewall
>wo
I used the sip-voip plugin. It worked fine. However, security is not enough,
it seems to me. I am experiencing hacker attacks on the open port 5060.
So, I am wondering, what could be a better solution. Maybe would be
interesting to not use port 5060 for external devices. Then the firewall
would
On 7/11/10 12:13 PM, Lonnie Abelbeck wrote:
> On Jul 11, 2010, at 1:04 PM, Philip Prindeville wrote:
>
>
>>> Pass EXT->Local | UDP | Source: 0/0 | Port: 1-2
>>>
>>> (The port range here should exactly match your /etc/asterisk/rtp.conf
>>> rtpstart-rtpend port range. Alternatively you
On Jul 11, 2010, at 1:04 PM, Philip Prindeville wrote:
>>
>> Pass EXT->Local | UDP | Source: 0/0 | Port: 1-2
>>
>> (The port range here should exactly match your /etc/asterisk/rtp.conf
>> rtpstart-rtpend port range. Alternatively you can enable the 'sip-voip'
>> plugin, but personall
On 7/11/10 7:26 AM, Lonnie Abelbeck wrote:
> On Jul 11, 2010, at 6:13 AM, Michael wrote:
>
>
>> Concerning the functioning of the rules, I added one simple rule "Log Local
>> out", leaving all default options. Clicking "Save settings", "Confirm" and
>> "restart firewall".
>>
> The firewal
Lonnie Abelbeck wrote:
>
> The firewall Tab options:
>
> __ Log Denied TCP attempts to privileged and unprivileged ports
>
> __ Log Denied UDP attempts to privileged and unprivileged ports
>
> __ Log Denied non-TCP/UDP/ICMP attempts
>
> (restart firewall after an change)
>
> can be quite use
On Jul 11, 2010, at 12:19 PM, Michael wrote:
> Lonnie Abelbeck wrote:
>
>> I tested this, and it works for me. Remember that 'Log Local Out' only
>> applies to packets outbound directly from the local AstLinux box (OUTPUT
>> Chain), *not* forwarded packets, (FORWARD Chain). For example packets
Lonnie Abelbeck wrote:
> I tested this, and it works for me. Remember that 'Log Local Out' only
> applies to packets outbound directly from the local AstLinux box (OUTPUT
> Chain), *not* forwarded packets, (FORWARD Chain). For example packets
> from a web browser on a LAN NAT'ed subnet will not
On Jul 11, 2010, at 11:38 AM, Michael wrote:
>> If you add the rule:
>>
>> Log Local Out | TCP | Destination: 0/0 | Port: 1 - 65535
>>
>> Then a LOG rule is generated for all ports to all destinations for TCP
>> going Out from the AstLinux box.
>
> I've done that (see attached picture).
> Stil
> > (Side note, previous versions of the Arno firewall script defaulted to
>> 'all ports' if none were specified, now if no ports are specified, no
>> logging occurs.)
>>
>
>O.K. that's good to know. Still, it seems that something is borked here:
>
>> If you add the rule:
>>
>> Log Local Out |
> (Side note, previous versions of the Arno firewall script defaulted to
> 'all ports' if none were specified, now if no ports are specified, no
> logging occurs.)
>
O.K. that's good to know. Still, it seems that something is borked here:
> If you add the rule:
>
> Log Local Out | TCP | Destina
On Jul 11, 2010, at 6:13 AM, Michael wrote:
> Concerning the functioning of the rules, I added one simple rule "Log Local
> out", leaving all default options. Clicking "Save settings", "Confirm" and
> "restart firewall".
The firewall gui is working fine... if you add the rule:
Log Local Out |
>O.K. Forget bug no 2. That was a stupid user error. I pressed save settings
>after I marked the rules for deletion. I oversaw the "Delete checked"
>button.
>
>Concerning the functioning of the rules, I added one simple rule "Log Local
>out", leaving all default options. Clicking "Save settings", "
O.K. Forget bug no 2. That was a stupid user error. I pressed save settings
after I marked the rules for deletion. I oversaw the "Delete checked"
button.
Concerning the functioning of the rules, I added one simple rule "Log Local
out", leaving all default options. Clicking "Save settings", "Con
>Btw. totally disabling the firewall clears all entries in iptables, thus
>resulting in no more traffic allowed at all.
>
>I as a simple user would have expected that disabling a firewall ALLOWS all
>traffic.
Normally it is so. All traffic is allowed. Maybe there sth. wrong
with your configuratio
>Yeah, I did restart the firewall :-)
>
>Well, the interesting thing is that I seem to see two different bugs (may be
>connected, I don't know).
>
>1.) The rules don't seem to work.
>
>2.) The rules can't be deleted on the gui.
>
>How does it work with you? When you add any custom rule and then in
Btw. totally disabling the firewall clears all entries in iptables, thus
resulting in no more traffic allowed at all.
I as a simple user would have expected that disabling a firewall ALLOWS all
traffic.
Michael wrote:
> Hi
>
> Yesterday I tried to add a custom firewall action to arno's firewa
Yeah, I did restart the firewall :-)
Well, the interesting thing is that I seem to see two different bugs (may be
connected, I don't know).
1.) The rules don't seem to work.
2.) The rules can't be deleted on the gui.
How does it work with you? When you add any custom rule and then in the next
>Hi
>
>Yesterday I tried to add a custom firewall action to arno's firewall on my
>astlinux box. This was in order to enable an external SIP phone to connect
>to asterisk.
>
>As I know the external IP and MAC I added a rule to pass EXT->local port
>5060 from the specified IP address and restarted t
Well, this was my workaround as the custom rules did not work.
I prefer, however, a custom rule as I can limit the open port to a specific
IP (or MAC).
I guess, I don't misunderstand something, e.g. that it is necessary to have
the sip-voip plugin for custom rules to work...
Philip Prindeville
Did you edit your /etc/arno-iptables-firewall/plugins/sip-voip.conf file?
On 7/11/10 1:46 AM, Michael wrote:
> Hi
>
> Yesterday I tried to add a custom firewall action to arno's firewall on my
> astlinux box. This was in order to enable an external SIP phone to connect
> to asterisk.
>
> As I kno
Hi
Yesterday I tried to add a custom firewall action to arno's firewall on my
astlinux box. This was in order to enable an external SIP phone to connect
to asterisk.
As I know the external IP and MAC I added a rule to pass EXT->local port
5060 from the specified IP address and restarted the fi
Well, duh. I didn't even think to look. Very cool. Thanks.
David
On Thu, Dec 11, 2008 at 5:25 PM, Lonnie Abelbeck
wrote:
> David,
>
> Take a look at the Pref tab, "Caller*ID, Blacklist & Whitelist Tab
> Options:" section
>
> Number Format: | |
>
> Error String: ||
>
> The Number format u
I just tried to add a callerID number/name using Lonnie's web interface and
got a "Number must be 10 digits in the format NXXNXX" message. I believe
that this is overly restrictive... and is certainly very US centric. I was
trying to add a UK phone number that I receive calls from through a UK-
David,
Take a look at the Pref tab, "Caller*ID, Blacklist & Whitelist Tab
Options:" section
Number Format: | |
Error String: ||
The Number format uses regular expressions (ereg) to do a sanity check
on the number. You can essentially turn this off by putting "^.*" in
this entry,
49 matches
Mail list logo
