Akcije
Podrška #11699
Zatvoren
novi router-sa <-> sc_linksys1
Početak:
Završetak:
% završeno:
0%
Procjena vremena:
Opis
novi router-sa <-> sc_linksys1
ref. trac ticket: http://trac.sigma-com.net/sa-ScInfrastructure/ticket/611
Povezani tiketi 1 (0 otvoreno — 1 zatvoren)
Izmjenjeno od Ernad Husremović prije više od 18 godina
ranije aktivnosti sa ovim uređajem: #11364
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:~# nvram set lan_domain=sigma-com.net root@sc_linksys_1:~# nvram commit
Izmjenjeno od Ernad Husremović prije više od 18 godina
Ethernet/Wireless Physical Connections IP address HW type Flags HW address Mask Device 192.168.45.149 0x1 0x2 00:0D:56:74:E4:9A * br0
Izmjenjeno od Ernad Husremović prije više od 18 godina
trenutno stanje je:
lan_ifnames=vlan0 eth1 wds0.49153 wds0.49154
inače linksys wrt54g ima ovu harversku strukturu
LAN = vlan0 WAN = vlan1 wifi = eth1
evo slike:
http://voidmain.is-a-geek.net/i/WRT54_sw2_internal_architecture.png
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:/etc/init.d# nvram set wan_proto=pppoe root@sc_linksys_1:/etc/init.d# nvram set pppoe_username=hsamra root@sc_linksys_1:/etc/init.d# nvram set pppoe_passwd=xxxx root@sc_linksys_1:/etc/init.d# nvram set pppoe_username=hsamrae root@sc_linksys_1:/etc/init.d# nvram commit
Izmjenjeno od Ernad Husremović prije više od 18 godina
našao sam bilješke kada sam štimao pppoe kod sc_wl_hdd_1 router-a
Izmjenjeno od Ernad Husremović prije više od 18 godina
na /mnt/data/download/openwrt.ipk
našao sam i ove ifup.* skripte
stavio sam ih u repos
http://repos.sigma-com.net/hernad/sa/openwrt/sbin_ifup.pppoe
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:/sbin# scp 192.168.45.149:/mnt/data/download/openwrt.ipk/kmod*pppoe* . Host '192.168.45.149' is not in the trusted hosts file. (fingerprint md5 52:b0:83:4d:da:50:44:ea:65:f8:72:40:f8:de:22:90) Do you want to continue connecting? (y/n) y Password: kmod-pppoe_2.4.30-brcm-3_mipsel.ipk 100% 9103 8.9KB/s 00:00 root@sc_linksys_1:/sbin# ipkg install kmod*pppoe*ipk Installing kmod-pppoe (2.4.30-brcm-3) to root... Configuring kmod-pppoe Successfully terminated. root@sc_linksys_1:/sbin#
Izmjenjeno od Ernad Husremović prije više od 18 godina
hm prijavljume mi da nema prostora ... ovo je firmware ali bez pppoe-a
idem flashirati novi firmware
root@sc_linksys_1:~# scp 192.168.45.149:/mnt/data/download/openwrt.ipk/rc6/pppoe/openwrt-brcm-2.4-squashfs.trx . root@sc_linksys_1:~# mtd -r write openwrt-brcm-2.4-squashfs.trx linux
Izmjenjeno od Ernad Husremović prije više od 18 godina
hernad@desk-hernad:~$ telnet 192.168.45.1
radi
Izmjenjeno od Ernad Husremović prije više od 18 godina
setovao password root@sc_linksys_1:/# passwd
sada pristupam sa ssh
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:~# df -h Filesystem Size Used Available Use% Mounted on /dev/root 1.0M 1.0M 0 100% /rom none 7.0M 24.0k 7.0M 0% /tmp /tmp/root 1.0M 1.0M 0 100% /tmp/root /dev/mtdblock/4 2.2M 324.0k 1.9M 14% /jffs /jffs 1.0M 1.0M 0 100% /
Izmjenjeno od Ernad Husremović prije više od 18 godina
nakon instalacije ovog fimware-a
ifup wan radi i postoji /sbin/ifup.pppoe
Izmjenjeno od Ernad Husremović prije više od 18 godina
dyndns client
root@sc_linksys_1:~# ipkg install ez-ipupdate*ipk Installing ez-ipupdate (3.0.11b8-2) to root... Configuring ez-ipupdate Successfully terminated.
Izmjenjeno od Ernad Husremović prije više od 18 godina
/etc/ez-ipupdate.conf
service-type=dyndns user=hsmra:hernad host=members.dyndns.org interface=ppp0 cache-file=/tmp/ez-ipupdate.cache pid-file=/var/run/ez-ipupdate.pid
root@sc_linksys_1:~# ez-ipupdate -c /etc/ez-ipupdate.conf
ez-ipupdate Version 3.0.11b8 Copyright (C) 1998-2001 Angus Mackay ioctl(SIOCGIFADDR): No such device could not resolve ip address for ppp0
izgleda mi ok, naravno problem je što ppp0 nije aktivan
Izmjenjeno od Ernad Husremović prije više od 18 godina
podesio dns server
root@sc_linksys_1:/etc/init.d# nvram set lan_dns=192.168.45.250 195.222.32.10 195.222.32.20 root@sc_linksys_1:/etc/init.d# nvram commit
Izmjenjeno od Ernad Husremović prije više od 18 godina
gateway je on sam
root@sc_linksys_1:/etc/init.d# nvram set lan_gateway= root@sc_linksys_1:/etc/init.d# nvram commit
Izmjenjeno od Ernad Husremović prije više od 18 godina
otvorio sam repos config sc_linksys_1-a
inicialnu vrijednost firewall-a ću zamijeniti sa fwbuilder verzijom
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:/etc/init.d# which iptables /usr/sbin/iptables
Izmjenjeno od Ernad Husremović prije više od 18 godina
na kraju ovog posla trebam napraviti backup po ovom receptu
dd if=/dev/mtdblock/1 of=/tmp/firmware.trx
Izmjenjeno od Ernad Husremović prije više od 18 godina
sada sam podesio da je firewall fwbuilder-ov
root@sc_linksys_1:/etc/init.d# rm S35firewall root@sc_linksys_1:/etc/init.d# ln -s /etc/sc_linksys_1.fw S35firewall root@sc_linksys_1:/etc/init.d# ls -l S35firewall lrwxrwxrwx 1 root root 20 Jan 1 00:43 S35firewall -> /etc/sc_linksys_1.fw root@sc_linksys_1:/etc/init.d# chmod +x S35firewall root@sc_linksys_1:/etc/init.d# ls -l S35firewall lrwxrwxrwx 1 root root 20 Jan 1 00:43 S35firewall -> /etc/sc_linksys_1.fw root@sc_linksys_1:/etc/init.d#
međutim fale mi još neki paket, prije svega ip i iptables-contrack
ip:
root@sc_linksys_1:~# ipkg install ip_*ipk Installing ip (2.6.11-050330-1) to root... Configuring ip Successfully terminated.
root@sc_linksys_1:~# ipkg install *conntrack*ipk Installing iptables-mod-conntrack (1.3.3-2) to root... Installing kmod-ipt-conntrack (2.4.30-brcm-4) to root... Package kmod-ipt-conntrack (2.4.30-brcm-4) installed in root is up to date. Configuring iptables-mod-conntrack Configuring kmod-ipt-conntrack Successfully terminated.
Izmjenjeno od Ernad Husremović prije više od 18 godina
hm nešto mu još fali
iptables v1.3.3: Unknown arg @--log-level' Try @iptables -h' or 'iptables --help' for more information. Rule 2 (global)
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:~# ipkg install *ip*extra*ipk
Installing iptables-extra (1.3.3-2) to root...
Installing kmod-ipt-extra (2.4.30-brcm-4) to root...
Configuring kmod-ipt-extra
Successfully terminated.
Collected errors:
ERROR: Cannot satisfy the following dependencies for iptables-extra:
kmod-iptables-extra iptables-mod-extra iptables-mod-filter iptables-mod-ipopt iptables-mod-ipsec iptables-mod-nat iptables-mod-ulog
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:~# ipkg install *ip*filter*ipk Installing iptables-mod-filter (1.3.3-2) to root... Installing kmod-ipt-filter (2.4.30-brcm-4) to root... Package kmod-ipt-filter (2.4.30-brcm-4) installed in root is up to date. Configuring iptables-mod-filter Configuring kmod-ipt-filter Successfully terminated.
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:~# ipkg install *ip*ulog*ipk Installing iptables-mod-ulog (1.3.3-2) to root... Installing kmod-ipt-ulog (2.4.30-brcm-4) to root... Package kmod-ipt-ulog (2.4.30-brcm-4) installed in root is up to date. Configuring iptables-mod-ulog Configuring kmod-ipt-ulog Successfully terminated.
međutim --log-level problem je ostao ?!?
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:~# ipkg install *ip*nat*ipk Installing iptables-mod-nat (1.3.3-2) to root... Installing kmod-ipt-nat (2.4.30-brcm-4) to root... Installing kmod-ipt-nat-pptp (2.4.30-brcm-4) to root... Package kmod-ipt-nat (2.4.30-brcm-4) installed in root is up to date. Configuring iptables-mod-nat Configuring kmod-ipt-nat Configuring kmod-ipt-nat-pptp Successfully terminated.
Izmjenjeno od Ernad Husremović prije više od 18 godina
našao sam dobro uputstvo za fwbuilder+openwrt http://www.martin.cc/OpenWrt/OpenWrt%20Config_RC5.pdf
Izmjenjeno od Ernad Husremović prije više od 18 godina
prema njemu trebam iptable-utils
root@sc_linksys_1:~# ipkg install iptables*utils*ipk Installing iptables-utils (1.3.3-2) to root... Configuring iptables-utils Successfully terminated.
Izmjenjeno od Ernad Husremović prije više od 18 godina
dodao i ovaj pkill
root@sc_linksys_1:/usr/bin# cat /usr/bin/pkill
#!/bin/sh exec killall $* # NOTE.. The following commented lines have been left just in case # the opernWrt guys take killall out of busybox # # case $# in # 1) # SIG="-15" # STRING="$1" # ;; # 2) # SIG="$1" # STRING="$2" #. ;; # *) # echo "usage: $0 [-signal] string" # exit 1 # ;; # esac # # ps | grep $STRING | grep -v grep | grep -v $0 | while read pid restOfLine # do # kill $SIG $pid 2>/dev/null # done
Izmjenjeno od Ernad Husremović prije više od 18 godina
čitraj ernade čitaj .. u bilješkama za sc_wl_hdd_1 našao
http://forum.openwrt.org/viewtopic.php?id=4008
ALuedtke wrote:
Sorry for asking this probably simple question, but how do I enable firewall logging?
Install the modules required for logging:
ipkg install iptables-mod-extra
At the top of your firewall script, add:
insmod ipt_LOG
and then to log traffic, just add these in the appropriate location in the firewall script:
iptables -A INPUT -i tun0 -J LOG --log-prefix "IN tun0: "
(adjust the rule name, interface, etc, as approriate)
Cheers,
Martin.
ipt_LOG
Izmjenjeno od Ernad Husremović prije više od 18 godina
ustvari ovdje
http://forum.openwrt.org/viewtopic.php?id=4008
root@sc_linksys_1:~# ipkg install *ipopt* *ipsec* Installing iptables-mod-ipopt (1.3.3-2) to root... Installing kmod-ipt-ipopt (2.4.30-brcm-4) to root... Package kmod-ipt-ipopt (2.4.30-brcm-4) installed in root is up to date. Installing iptables-mod-ipsec (1.3.3-2) to root... Installing kmod-ipt-ipsec (2.4.30-brcm-4) to root... Package kmod-ipt-ipsec (2.4.30-brcm-4) installed in root is up to date. Configuring iptables-mod-ipopt Configuring iptables-mod-ipsec Configuring kmod-ipt-ipopt Configuring kmod-ipt-ipsec Successfully terminated. root@sc_linksys_1:~#
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:~# ipkg install *extra* *queue* Installing iptables-extra (1.3.3-2) to root... Installing kmod-iptables-extra (2.4.30-brcm-4) to root... Installing kmod-ipt-extra (2.4.30-brcm-4) to root... Installing kmod-ipt-nat-extra (2.4.30-brcm-4) to root... Installing kmod-ipt-queue (2.4.30-brcm-4) to root... Installing iptables-mod-extra (1.3.3-2) to root... Package iptables-mod-extra (1.3.3-2) installed in root is up to date. Package kmod-ipt-extra (2.4.30-brcm-4) installed in root is up to date. Package kmod-ipt-nat-extra (2.4.30-brcm-4) installed in root is up to date. Package kmod-iptables-extra (2.4.30-brcm-4) installed in root is up to date. Package kmod-ipt-queue (2.4.30-brcm-4) installed in root is up to date. Configuring iptables-extra Configuring iptables-mod-extra Configuring kmod-ipt-extra Configuring kmod-ipt-nat-extra Configuring kmod-ipt-queue Configuring kmod-iptables-extra Successfully terminated. root@sc_linksys_1:~#
Izmjenjeno od Ernad Husremović prije više od 18 godina
i sada je napokon OK nema errora
Izmjenjeno od Ernad Husremović prije više od 18 godina
ovo bi takođe trebalo da radi kada aktiviramo ppp0
/usr/sbin/ez-ipupdate
/etc/ez-ipupdate.conf
/etc/hotplug.d/iface/10-ez-ipupdate
Successfully terminated.
root@sc_linksys_1:/etc/ppp# cat /etc/hotplug.d/iface/10-ez-ipupdate
. /etc/functions.sh
NAME=ez-ipupdate
CONFIG=/etc/$NAME.conf
COMMAND=/usr/sbin/$NAME
[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
[ -x $COMMAND ] && [ -r $CONFIG ] && {
IFNAME=$(nvram get ${INTERFACE}_ifname)
$COMMAND -c $CONFIG -i $IFNAME 2>&1 | logger -t $NAME
} &
}
Izmjenjeno od Ernad Husremović prije više od 18 godina
root@sc_linksys_1:/etc/ppp# nvram show | grep lan_ lan_gateway= lan_domain=sigma-com.net dr_lan_rx=1 2 lan_netmask=255.255.255.0 lan_lease=86400 lan_stp=0 dr_lan_tx=1 2 lan_hwaddr=00:13:10:43:88:BF size: 9382 bytes (23386 left) lan_ifnames=vlan0 eth1 wds0.49153 wds0.49154 lan_dns=192.168.45.250 195.222.32.10 195.222.32.20 lan_ipaddr=192.168.45.1 lan_proto=static lan_ifname=br0 lan_wins= lan_hwnames=
prikopčao sam adsl ali ne radi otišao u web interfejs i tamo podesio lozinku i usera
ipak je to ppp_username, ppp_passwd
root@sc_linksys_1:~# nvram show | grep ppp_ ppp_idletime=5 ppp_passwd=xxxxxxxxxxxxxx ppp_get_ac= ppp_username=hsamrae
Izmjenjeno od Ernad Husremović prije više od 18 godina
nakon toga pppoe napokon radi
root@sc_linksys_1:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 89.146.128.1 * 255.255.255.255 UH 0 0 0 ppp0 192.168.45.0 * 255.255.255.0 U 0 0 0 br0 default SE400.PPPoE-1.s 0.0.0.0 UG 0 0 0 ppp0
Izmjenjeno od Ernad Husremović prije više od 18 godina
logread mi je rekao ovo
Jan 1 00:04:39 (none) user.notice ez-ipupdate: ez-ipupdate Version 3.0.11b8 Jan 1 00:04:39 (none) user.notice ez-ipupdate: Copyright (C) 1998-2001 Angus Mackay Jan 1 00:04:39 (none) user.notice ez-ipupdate: connected to members.dyndns.org (63.208.196.95) on port 80 Jan 1 00:04:39 (none) user.notice ez-ipupdate: invalid hostname: members.dyndns.org root@sc_linksys_1:~# logread
Izmjenjeno od Ernad Husremović prije više od 18 godina
ispravio pa sve iz /etc/stavio u repos
root@sc_linksys_1:~# ez-ipupdate -c /etc/ez-ipupdate.conf -foreground ez-ipupdate Version 3.0.11b8 Copyright (C) 1998-2001 Angus Mackay connected to members.dyndns.org (63.208.196.95) on port 80 a feature requested is only available to donators, please donate
Izmjenjeno od Ernad Husremović prije više od 18 godina
podesio dns server da prvi proradi
root@printserver:~# /etc/init.d/networking restart
* Reconfiguring network interfaces... SIOCDELRT: No such process
[ ok ]
root@printserver:~# ping www.google.ba
PING www.l.google.com (209.85.135.99) 56(84) bytes of data.
64 bytes from mu-in-f99.google.com (209.85.135.99): icmp_seq=1 ttl=240 time=62.0 ms
Izmjenjeno od Ernad Husremović prije više od 18 godina
sljedeći je bio boing-1, tu sam morao ručno sa "ip del ..." brisati staru rutu:
root@boing-1:~# /etc/init.d/networking restart
* Reconfiguring network interfaces... SIOCDELRT: No such process
[ ok ]
root@boing-1:~# ping www.google.ba
PING www.l.google.com (209.85.135.99) 56(84) bytes of data.
From 192.168.45.4 icmp_seq=1 Destination Net Unreachable
--- www.l.google.com ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
root@boing-1:~# vi /etc/network/interfaces
root@boing-1:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.169.45.4 192.168.45.4 255.255.255.255 UGH 0 0 0 eth0
192.169.45.100 192.168.45.4 255.255.255.255 UGH 0 0 0 eth0
192.169.45.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
172.16.145.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
192.168.180.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8
192.168.45.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.45.1 0.0.0.0 UG 0 0 0 eth0
0.0.0.0 192.168.45.4 0.0.0.0 UG 0 0 0 eth0
root@boing-1:~# ip show
Object "show" is unknown, try "ip help".
root@boing-1:~# ip route show
192.169.45.4 via 192.168.45.4 dev eth0
192.169.45.100 via 192.168.45.4 dev eth0
192.169.45.0/24 dev eth1 proto kernel scope link src 192.169.45.230
172.16.145.0/24 dev vmnet1 proto kernel scope link src 172.16.145.1
192.168.180.0/24 dev vmnet8 proto kernel scope link src 192.168.180.1
192.168.45.0/24 dev eth0 proto kernel scope link src 192.168.45.230
default via 192.168.45.1 dev eth0
default via 192.168.45.4 dev eth0
root@boing-1:~# ip route del default via 192.168.45.4 dev eth0
root@boing-1:~# ip route show
192.169.45.4 via 192.168.45.4 dev eth0
192.169.45.100 via 192.168.45.4 dev eth0
192.169.45.0/24 dev eth1 proto kernel scope link src 192.169.45.230
172.16.145.0/24 dev vmnet1 proto kernel scope link src 172.16.145.1
192.168.180.0/24 dev vmnet8 proto kernel scope link src 192.168.180.1
192.168.45.0/24 dev eth0 proto kernel scope link src 192.168.45.230
default via 192.168.45.1 dev eth0
root@boing-1:~# ping www.google.ba
PING www.l.google.com (209.85.135.147) 56(84) bytes of data.
64 bytes from 209.85.135.147: icmp_seq=1 ttl=240 time=74.8 ms
64 bytes from 209.85.135.147: icmp_seq=2 ttl=240 time=61.4 ms
--- www.l.google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1011ms
rtt min/avg/max/mdev = 61.415/68.109/74.804/6.699 ms
Izmjenjeno od Ernad Husremović prije više od 18 godina
otišao sam da pogledam rute na vserver sesijama
root@dev-infra-2:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.169.45.4 192.168.45.4 255.255.255.255 UGH 0 0 0 eth0 192.169.45.100 192.168.45.4 255.255.255.255 UGH 0 0 0 eth0 192.169.45.0 0.0.0.0 255.255.255.0 U 0 0 0 * 172.16.145.0 0.0.0.0 255.255.255.0 U 0 0 0 * 192.168.180.0 0.0.0.0 255.255.255.0 U 0 0 0 * 192.168.45.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.45.1 0.0.0.0 UG 0 0 0 eth0 root@dev-infra-2:~# reboot
Izmjenjeno od Ernad Husremović prije više od 18 godina
hm pobošano mi izgleda -
restartovao dev-infra-2
Izmjenjeno od Ernad Husremović prije više od 18 godina
vmware sesiju suse-90 (if server) podesio sa YaST2
Izmjenjeno od Ernad Husremović prije više od 18 godina
na dyndns account-u samra podesio timezone https://www.dyndns.com/account/settings/prefs.html
Europe/Sarajevo
Izmjenjeno od Ernad Husremović prije više od 18 godina
podesio routers opciju na dhcp serveru
root@printserver:~# /etc/init.d/dhcp3-server restart Internet Systems Consortium DHCP Server V3.0.3 Copyright 2004-2005 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/sw/dhcp/ * Stopping DHCP server [ ok ] Internet Systems Consortium DHCP Server V3.0.3 Copyright 2004-2005 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/sw/dhcp/ * Starting DHCP server: [ ok ] root@printserver:~#
Izmjenjeno od Ernad Husremović prije više od 18 godina
morao sam i na printserveru izbrisati staru rutu
192.168.45.0/24 dev eth0 proto kernel scope link src 192.168.45.250 default via 192.168.45.1 dev eth0 default via 192.168.45.4 dev eth0 root@printserver:~# ip route del default via 192.168.45.4 dev eth0
Izmjenjeno od Ernad Husremović prije više od 18 godina
postavio sam ntpclient i setovao vrijeme
root@sc_linksys_1:~# ntpclient -h ntp.ubuntu.com -s 39077 75549.551 68627.0 13.0 33529.0 65918.0 0 root@sc_linksys_1:~# date Thu Dec 28 20:59:14 UTC 2006
Izmjenjeno od Ernad Husremović prije više od 18 godina
na osnovu #11593 podesio i timezone
root@sc_linksys_1:~# echo "CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00" > /etc/TZ root@sc_linksys_1:~# date Thu Dec 28 22:00:26 CET 2006
Izmjenjeno od Ernad Husremović prije više od 18 godina
kod /etc/ez-ipupdate.conf
izbrisao sam liniju
cache=/tmp/*cache
testirao sam reboot rooter-a
ppp0 Link encap:Point-Point Protocol
inet addr:89.146.142.68 P-t-P:89.146.128.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:38 errors:0 dropped:0 overruns:0 frame:0
TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:4808 (4.6 KiB) TX bytes:1960 (1.9 KiB)
i pogledao na web strani dyndns-a sve je ok refresh dns-a se vrši
Izmjenjeno od Ernad Husremović prije više od 18 godina
odradio restart java-infra-2 servera
Izmjenjeno od Ernad Husremović prije više od 18 godina
joj restartovao sam boing-1 bez potrebe
naime zbunila me je ruta 192.*169*.45.4
root@mail-gw-10:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.169.45.4 192.168.45.4 255.255.255.255 UGH 0 0 0 eth0 192.169.45.100 192.168.45.4 255.255.255.255 UGH 0 0 0 eth0 172.16.145.0 * 255.255.255.0 U 0 0 0 * 192.169.45.0 * 255.255.255.0 U 0 0 0 * 192.168.180.0 * 255.255.255.0 U 0 0 0 * 192.168.45.0 * 255.255.255.0 U 0 0 0 eth0 default 192.168.45.1 0.0.0.0 UG 0 0 0 eth0
Izmjenjeno od Ernad Husremović prije više od 18 godina
ručno sam pokrenuo zimbra-1 servise (zmmtactl, zmamavaisdctl, zmclamdctl) i provjerio
zimbra@zimbra-1:/root$ zmcontrol status
Host zimbra-1.sigma-com.net
antispam Running
antivirus Running
ldap Running
logger Running
mailbox Running
mta Running
snmp Running
spell Running
zimbra@zimbra-1:/root$
Izmjenjeno od Ernad Husremović prije više od 18 godina
nakon restarta nije se podiglao wildfire server pa sam ga ručno pokrenouo
root@java-infra-2:~# /etc/rc.local
root@java-infra-2:~# ps ax
PID TTY STAT TIME COMMAND
1 ? Ss 0:01 init r2
5498 ? Ss 0:00 /sbin/syslogd -u syslog
5510 ? Ss 0:00 /sbin/klogd -P /var/run/klogd/kmsg
5577 ? Ss 0:00 /usr/lib/postfix/master
5579 ? S 0:00 pickup -l -t fifo -u -c
5580 ? S 0:00 qmgr -l -t fifo -u
5586 ? Ss 0:00 /usr/sbin/sshd
7770 ? Ss 0:00 sshd: root@pts/2
7772 pts/2 Ss 0:00 -bash
7788 pts/2 Rl 0:00 /usr/lib/jvm/java-1.5.0-sun-1.5.0.06/bin/java -server 7799 pts/2 R+ 0:00 ps ax
Izmjenjeno od Ernad Husremović prije više od 18 godina
ovo je da poludiš, sa interneta nikako ne dolaze pozivi pop3, imap, 5222 ali dolaze smtp 80 ??!
root@sc_linksys_1:~# iptables -L -t nat | grep 110
root@sc_linksys_1:~# iptables -L -t nat | grep 110 DNAT tcp -- anywhere anywhere tcp multiport dports 143,993,110,995 to:192.168.45.16 DNAT tcp -- anywhere anywhere tcp multiport dports 143,993,110,995 to:192.168.45.16
Izmjenjeno od Ernad Husremović prije više od 18 godina
nakon toga počeo mi je ez-ipupdate prijavljivanti neku grešku 404
pa onda su je i pristup www stranicama otkazao lan -> internet ...
ovo je nevjerovatno ...
na kraju sam vratio router-sa i sve radi.
Izmjenjeno od Ernad Husremović prije više od 18 godina
znači:
- sc_linksys_1 ima nekakve probleme sa firewalom
- ez-ipupdate je takođe sumnjiv
ili sam ja teški baksuz pa je ovo prolupalo radi bihneta ??!
Izmjenjeno od Ernad Husremović prije više od 18 godina
ma idem ponovo pokušati sa linksis-om
Izmjenjeno od Ernad Husremović prije više od 18 godina
na kraju, sve je ipak bilo do podešenja firewall-a
evo testova:
[root@ernadh ~]# telnet mail.sigma-com.net 110 Trying 89.146.138.27... Connected to mail.sigma-com.net. Escape character is '^]'. +OK if Cyrus POP3 v2.1.15 server ready <3185467114.1158649705@if> quit +OK Connection closed by foreign host. [root@ernadh ~]# telnet mail.sigma-com.net 5222 Trying 89.146.138.27... Connected to mail.sigma-com.net. Escape character is '^]'. Connection closed by foreign host. [root@ernadh ~]# telnet mail.sigma-com.net 80 Trying 89.146.138.27... Connected to mail.sigma-com.net. Escape character is '^]'. quit <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>502 Proxy Error</title> </head><body> <h1>Proxy Error</h1> <p>The proxy server received an invalid response from an upstream server.<br /> The proxy server could not handle the request <em><a href="/">quit /</a></em>.<p> Reason: <strong>Error reading from remote server</strong></p></p> </body></html> Connection closed by foreign host. [root@ernadh ~]# telnet mail.sigma-com.net 25 Trying 89.146.138.27... Connected to mail.sigma-com.net. Escape character is '^]'. 220 mail-gw-10.sigma-com.net ESMTP Postfix (Ubuntu) quit 221 Bye Connection closed by foreign host. [root@ernadh ~]#
Izmjenjeno od Ernad Husremović prije više od 18 godina
poslao sam test sigma-com.net -> gmail.com i reply, sve radi u roku od par sekundi
Izmjenjeno od Ernad Husremović prije više od 18 godina
jutros provjerio sve je ok
[root@ernadh ~]# telnet jabber.bring.out.ba 5222 Trying 89.146.138.27... Connected to jabber.bring.out.ba. Escape character is '^]'. Connection closed by foreign host. [root@ernadh ~]# telnet jabber.bring.out.ba 110 Trying 89.146.138.27... Connected to jabber.bring.out.ba. Escape character is '^]'. +OK if Cyrus POP3 v2.1.15 server ready <3310579077.1158674356@if> quit
sad vidim da se nije ni ip officesa mjenjao ... pa dobro nije ni tako davno bilo kada sam radio test
Izmjenjeno od Ernad Husremović prije više od 18 godina
čitam ovdje http://wiki.openwrt.org/OpenWrtDocs/Installing
i vidim da se sa ssh-om odmah može remotely izvršiti neka komanda i usmjeriti na moj desktop ... cool:
hernad@desk-h6:~/repos/sa/sc_linksys_1.sigma-com.net$ ssh -x root@192.168.45.1 'dd if=/dev/mtdblock/1' > firmware-backup.trx root@192.168.45.1's password: 7552+0 records in 7552+0 records out hernad@desk-h6:~/repos/sa/sc_linksys_1.sigma-com.net$ ls -l firmware-backup.trx -rw-r--r-- 1 hernad hernad 3866624 2007-01-24 12:33 firmware-backup.trx
Izmjenjeno od Ernad Husremović prije oko 17 godina
- Status promijenjeno iz Novo u Zatvoreno
Akcije