Profile Details

Toggle Sidebar
Recent updates
  • Al Catoe wrote:

    Nick Howitt wrote:

    How about a link like https://hoststud.com/resources/how-to-disable-core-dumps-in-linux-centos-server.292/? Google will be your friend.

    I can't remember but don't the core dumps always have a consistent file name? If they do, as an alternative approach, you can try dropping an event into /etc/clearsync.d/. In it you'll need something like:I don't know the rules around the file but I just copy other files from the same place as a template. This assumes the core dump is called core.*. This should remove each core dump within a second of it being created. If it takes a while to create a core dump you may need to increase the delay a bit to avoid a file lock.


    Thanks for the help Nick, I had already tried the google approach and had already added the hoststud.com method but that did not work... so I was thinking there was something specific for clearos... I just tried your plugin but that does not seem to work either... do I need to restart a service to make the plugin work? / actually just editing my previous reply > I rebooted and one of the two seems to be working preventing the core dumps from root... Interestingly, I was able to load the latest kernel without emergency mode...

    and the firewall status is not in panic anymore, the status is active exited....

    I cannot access the webconfig - even after "systemctl restart webconfig" - "systemctl status webconfig" shows active running.

    see this image for the firewall status, I see ibvpn which was previously uninstalled through the webconfig.... wondering if this is causing any issues?


    Thanks.


    Well, now it seems to be working again... thank you for all your help... I am going to pull all the files off the server then reinstall.

    Best regards!

  • Nick Howitt wrote:

    How about a link like https://hoststud.com/resources/how-to-disable-core-dumps-in-linux-centos-server.292/? Google will be your friend.

    I can't remember but don't the core dumps always have a consistent file name? If they do, as an alternative approach, you can try dropping an event into /etc/clearsync.d/. In it you'll need something like:I don't know the rules around the file but I just copy other files from the same place as a template. This assumes the core dump is called core.*. This should remove each core dump within a second of it being created. If it takes a while to create a core dump you may need to increase the delay a bit to avoid a file lock.


    Thanks for the help Nick, I had already tried the google approach and had already added the hoststud.com method but that did not work... so I was thinking there was something specific for clearos... I just tried your plugin but that does not seem to work either... do I need to restart a service to make the plugin work?

    Thanks.

  • Nick Howitt wrote:

    First thing to do is grab your configuration backups from /var/clearos/configuration_backup. It will simplify things if you have to reinstall.

    The ADAMNET reference is for Gateway Mangement/DNSThingy. Ignore it if you can. If the firewall gets to the end of start up you should be OK if it does not panic, even though "systemcrl status firewall" may show failure. If "iptables -nvL" looks OK then the firewall should be OK.

    When I googled your first error, it suggested it was not really a kernel error and that you may need a grub reinstall which I've never done.

    I suspect you may have run out of disk space sometime in the past and things have become corrupt.

    As a start, can you make sure you have enough space in all partitions ("df -h") then boot into an older kernel then try reinstalling the current one so you get a known goof installation?

    The firewall should not stop the webconfig starting. Do a "systemctl restart webconfig" and, if it fails, look at "systemctl status webconfig -l" and "journalctl -xe" and have a look in the logs in /var/log/webconfig for issues. I know when you are out of disk space the webconfig won't let you in.


    Well, I give up... this thing seems to be too far gone and I cant trace down the root issue(s). I am trying to move all the files off the server but the core dumps in root keep breaking everything...

    Do you know of a way to prevent core dumps entirely so I can save all the files and then reinstall?

    Thanks!

  • Nick Howitt wrote:

    That kernel has been in to community for a week with no ill reports, so lets hope it is something particular to your system.

    During boot you will get a screen which allows you to select which kernel to boot from. You get 3-5 seconds to make your choice before it defaults to the top one. Can you move your cursor to the previous one (3.10.0-1160.41.1.el7.x86_64) and see if that will boot?


    I tried 3.10.0-1160.41.1.el7.x86_64 and it also goes into Emergency Mode - I had to go back to 3.10.0.957.21.3.v7.x86_64 - it does not go into emergency mode @ boot.

    However, the system is not stable and it appears the firewall is not starting due to an error with usr/sbin/firewall-start

    error msg:
    ip6tables v1.4.21: can't initialize ip6tables table 'filter' : Table does not exist (do you need to insmod?)
    Perhaps ip6tables or your kernel needs to be upgraded.

    Any ideas? This update issue has been a huge time suck...

    Thanks!

  • latest kernel (kernel-3.10.0-1160.42.2.el7) - Auto update (09/22/2021) - errors on boot - "no symbol table"; "Emergency Mode - Control-D"

    Latest updates last night at 2AM EST pushed a new kernel "kernel-3.10.0-1160.42.2.el7" and the server was unresponsive this morning - I am assuming after reboot it hung at the emergency mode. How can I resolve this issue on a paid subscription version? I tried to reboot again and it hangs at the emergency mode every time.

    See attached screenshots.

    Thanks!

  • Nick Howitt wrote:

    Why have you included the port number in the exception site? Shouldn't it be just android.clients.google.com?


    Thanks Nick... I just copied the DENIED domain and figured the port was also needed... since the field took it, I figured it was OK or needed.

    I think I am making progress.... however I ran into another issue where the logs are showing:

    18:31:52 kids_name 192.168.1.193 https://vortex.data.microsoft.com:443 *DENIED* Banned site: microsoft.com CONNECT 0 0 3 403 - kids -

    however microsoft.com is not banned in any of the settings that I can see... there are zero banned sites for this group.

    any ideas?

  • *DENIED* Banned site: Blanket Block is active and that site is not on the white or grey list.

    I am working on Content Filtering and have set the group policy to Blanket Ban - I have also entered Exception Sites for this group policy and the exception sites are all showing in the dansguardian access logs as: *DENIED* Banned site: Blanket Block is active and that site is not on the white or grey list.

    I have entered the sites I want to be able to access in the Exception Sites list and continue to get this error:

    example log:
    2020.7.16 14:39:33 kids_name 192.168.1.193 https://android.clients.google.com:443 *DENIED* Banned site: Blanket Block is active and that site is not on the white or grey list. CONNECT 0 0 3 403 - kids -

    see attached screenshots for the General Settings; Exception Sites

    Any help would be great - I have spent wayyyy tooo much time on this so far trying to figure it out... I think it is a bug.

  • OK - so I finally got the google backup and sync to work... had to add "googleapis.com" to the Web Proxy Server Authentication Exception Sites. Adding it to the Content Filter "Default" Exception Sites did not work. This leads me to want a better understanding of the difference in the two methods of filtering urls. Why does the Content Filter "Default" Exception Sites not work?

    What exactly is the Content Filter "Default" Exception Sites used for then? Is this for a logged into proxy user that is not a member of a set group policy?

    I guess what I am trying to figure out - does a member of another group policy ever reach the default policy?

    example:

    default group > allow exception to site A

    user group 1 > no exceptions to Site A

    Does this user in user group 1 ever hit the default group to get the exception to site A?

    Thanks for clarifying...

  • Al Catoe
    Al Catoe updated their profile
  • Proxy Server Authentication Exception Sites VS Content Filtering Group Exception Sites

    Can someone please let me know the difference (Proxy Server Authentication Exception Sites VS Content Filtering Group Exception Sites) and when to use each?

    Does one trump the other?

    Is it that Proxy Server Authentication Exception Sites would be for a system type of access - say windows update urls or google drive backup and sync application?

    And the Content Filtering Group Exception Sites would be user accessed websites using a browser?

    I cannot figure out how to configure these filters for google drive backup and sync application - any advice?

    Does Proxy Server Authentication Exception Sites show as default user or unknown user in the logs or the actual proxy username?

    Thanks for any help!