Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Namaste

Pages: [1]
1
CSF Firewall / Strange error after csf restart
« on: November 16, 2020, 05:56:50 PM »
*ERROR* IPSET: [ipset v7.1: Error in line 65537: Hash is full, cannot add more elements]

Any ideas why thats happening?

Not sure who set the value to "1" but it wasnt me  :)

2
Mod_Security / disabled rules no backup
« on: November 16, 2020, 05:26:36 PM »
So if you update modsec and have a lot of disabled rules that you created you will lose all of them, Like I did.


3
SSL / Android problems coming
« on: November 10, 2020, 10:55:41 PM »
Lets encrypt announced that older versions of android os will not work with lets encrypt very soon.  You can google to your hearts content.

You can start here. https://letsencrypt.org/2020/11/06/own-two-feet.html

4
E-Mail / postfix force ipv4
« on: October 27, 2020, 12:33:10 PM »
Postfix config file main.cf does not include option to force ip4.  I can do it manually but everytime a rebuild the mailserver, my changes disappear.  Is there a template that I can modify?

5
E-Mail / gmail problem
« on: October 22, 2020, 02:35:38 PM »
I have two servers using cwp.  #1 centos 7 #2 centos 8

#1 email header is good with gmail.
Quote
eturn-Path: <2019@lakeservers.com>
Delivered-To: 2015@lakeservers.com
                                                   
                                                
                         
                                             
                                                 
Received: from [192.168.0.16] (unknown [71.214.22.116])
   (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
                                             
   (No client certificate requested)
   by server.foreveryours.us (Postfix) with ESMTPSA id 7ED339DAF
   for <2015@lakeservers.com>; Thu, 22 Oct 2020 10:20:27 -0400 (EDT)
To: LAKE SERVERS <2015@lakeservers.com>
From: Lake Servers <2019@lakeservers.com>
Subject: testt
Message-ID: <90ae98ca-b5fe-df2d-2d66-3dfaba86a6b8@lakeservers.com>
Date: Thu, 22 Oct 2020 10:20:26 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101
 Thunderbird/68.12.1
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US

#2 centos 8 gmail header marked as spam
Quote
Return-Path: <info@smadirectory.com>
Delivered-To: 2015@lakeservers.com
Received: from server.rosinto.com (server.rosinto.com [45.79.19.73])
   (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
   (No client certificate requested)
   by server.foreveryours.us (Postfix) with ESMTPS id EB64F9D74
   for <2015@lakeservers.com>; Thu, 22 Oct 2020 10:20:47 -0400 (EDT)
Received: from [192.168.0.16] (unknown [71.214.22.116])
   (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
    key-exchange X25519 server-signature RSA-PSS (2048 bits))
   (No client certificate requested)
   by server.rosinto.com (Postfix) with ESMTPSA id 4DAFC3E844
   for <2015@lakeservers.com>; Thu, 22 Oct 2020 14:21:01 +0000 (UTC)
To: LAKE SERVERS <2015@lakeservers.com>
From: SMA Directory <info@smadirectory.com>
Subject: test
Message-ID: <379cb829-9c32-1aad-4058-2979a74b48a5@smadirectory.com>
Date: Thu, 22 Oct 2020 10:20:44 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101
 Thunderbird/68.12.1
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="------------41DE0BD500F628F2784C5DBB"
Content-Language: en-US

I am going crazy trying to figure why one server is good and the other is bad.

6
SSL / Trustedhosts RED
« on: October 22, 2020, 01:52:36 PM »
All of my addon domains have a green icon for Trustedhosts

But one (rosinto.com) has red icon for trustedhosts and green icon for

TrustedHosts   KeyTable   v=DKIM1   v=spf1   Action
Red                   Green         green         green

7
Information / SoftException UID is smaller than min_uid
« on: October 10, 2020, 10:31:38 AM »
Im getting errors in my log file.

8
CentOS-WebPanel Bugs / Advanced file editor incomplete directory
« on: October 01, 2020, 04:24:53 PM »
Directory is incomplete.


9
Installation / Preview websites without DNS
« on: October 01, 2020, 03:03:26 PM »
FYI

You can view your websites before changing dns.

ipx.x.x.x/~username/domaindirectory

Works really well and lets you get the new site up before changing dns.

10
CSF Firewall / Login to admin takes forever
« on: September 23, 2020, 12:20:02 PM »
I logged into admin okay but noticed that the dashboard said CSF not enabled.  I clicked to enable and got a message that said CSF is not disabled. In the meantime, dashboard advised new update available.  I updated from 1008 to 1009.  Now login requires 5 minutes to get in.

ALSO  csf is not working properly.  I cannot do csf -x or -r or -f.  Nothing happens.

Results from perl test of csf

Testing ip_tables/iptable_filter...FAILED [FATAL Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for csf to function
Testing ipt_LOG...FAILED [FATAL Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for csf to function
Testing ipt_multiport/xt_multiport...FAILED [FATAL Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for csf to function
Testing ipt_REJECT...FAILED [FATAL Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for csf to function
Testing ipt_state/xt_state...FAILED [FATAL Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for csf to function
Testing ipt_limit/xt_limit...FAILED [FATAL Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for csf to function
Testing ipt_recent...FAILED [Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for PORTFLOOD and PORTKNOCKING features
Testing xt_connlimit...FAILED [Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for CONNLIMIT feature
Testing ipt_owner/xt_owner...FAILED [Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for SMTP_BLOCK and UID/GID blocking features
Testing iptable_nat/ipt_REDIRECT...FAILED [Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for MESSENGER feature
Testing iptable_nat/ipt_DNAT...FAILED [Error: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?] - Required for csf.redirect feature

RESULT: csf will not function on this server due to FATAL errors from missing modules [6]
[r

11
Information / postfix force ipv4
« on: September 21, 2020, 02:18:23 PM »
 inet_protocols = ipv4 will not allow restart postfix.

Update: I confused protocols with interfaces

Pages: [1]