Channel: Sophos User Bulletin Board

Can't browse

Hi,

I cannot browse some sites, but I don't use the web filter.

What can I check?

Issue clean installing Sophos UTM 9.1.107 Software Appliance

Hello, I'm having trouble doing a clean install of the Sophos UTM 9.1.107 software appliance.

It gets to the point of installing ep-release-9.107-33 and it errors out, saying RPM installation error

I go for the default installation options, with these exceptions:
64-bit Kernel: Yes
Enterprise Toolkit: Yes (not sure if needed for the Home edition)

The ISO file that I download is the latest_asg_v9_software.iso

Hardware is the following:
APU: AMD A8-5600K
Motherboard: MSI FM2-A85XMA-E35 (On-board ethernet is detected as Realtek RTL8111/8168B chipset, eth0)
RAM: Corsair XMS 4GB DDR3 1333
Hard Drive: Seagate Barracuda ST500DM002 500GB 7200 RPM
Optical: LG 24X DVD Burner GH24NS95
Additional NIC: Rosewill RNG-407-Dual PCI-Express (Same as MB, but eth1 and eth2)

I have done this exact setup on the previous version, with no issues whatsoever. And before I decided to do a clean install (because I forgot my login information, oops), everything was working.

UTM9 and Teamdrive Personal Server

Hi,

at our company we run a server behind a UTM 9.1. A Teamdrive Personal Server is installed on this server, which provides disk space to various clients on notebooks, iOS devices, etc. In the TD Personal Server you configure your own external static IP and the port used for connecting.

First, the client and the server are introduced to each other. In the process, the notebook client is told the external IP and the port on which the connection will later be made.

In the Astaro I defined a port forwarding in the firewall via DNAT. All notebooks and iOS devices outside the company network connect nicely and I can work cleanly.

But now I have also installed a client on my workstation and want to use the disk space. To do so, the client tries to establish a connection to the static IP in order to then find the Personal Server on the corresponding port.

For this, I allow my workstation, via a firewall rule, a connection over that port to the external NIC. The firewall monitor also shows green connections.

But now the route has to be directed back in to our server, or rather a rule has to be created along the following lines:

If a client inside the network wants to connect on port such-and-such to the external static IP such-and-such, then connect directly to the internal IP such-and-such...

I'm stuck here.

Can you help me out?

Regards
Christoph

Problem with auto backup

Hello,

I have configured the backup function so that daily backups are created. This works.

But sending the backups by email does not work.

I have entered an email address, and sending the notifications works too.

Only the backups are not being sent.

What could be the reason?

Thanks

Feo

Reporting mail queue for antispam

Hello,

I configured my monitoring (with PRTG), and I am trying to monitor the mail queue for the antispam feature. I tried to import the MIB in PRTG, but it appears that it is only for SNMP traps.

So I would like to try with the "SSH Script" and return the value of the mail queue. But I don't know how I can do that!

Is it possible to show the mail queue in the CLI? (Or if you have another solution, I'll take it ;) )

Thanks in advance

Lucas

[9.186] Data disk 100%

Firmware version: 9.186-1

My UTM is showing that the data disk is at 100%.
How do I increase this disk space or remove the data that is filling the disk?

vpn redundancy problem

Hi,
We have 2 UTM220 on 2 different sites.
The UTMs are connected together through a p2p 4mbps symmetric connection, and both UTMs have a 15mbps symmetric internet connection.
We set up the uplink balancing using and in case the internet connection from one site is down, the traffic is correctly sent to the p2p interface to the remote UTM and from there to the internet.
Now, considering the bandwidth, we want to connect the offices using an IPsec VPN as the primary connection and the p2p as the secondary.
Is this configuration supported?
Is it possible to have an automatic failover to the p2p interface in case the internet connection is down?
tx
andy

Weekly/monthly virus reports empty

Hi all,

If any known viruses had their try, the daily virus report will show the viruses. However, the weekly and monthly virus reports show nothing.

Any clues?

Thanx

Jaap

Webusage reports with GB/MB PDFs with KBs

Hi all,

When running Web Usage reports the traffic usage is reported in GB and/or MBs. Just fine by me.
When exporting these reports to PDFs the traffic usage comes in KBs.
Not readable for managers :(.

E.g.: 36GB is 39112997425

Is there anything I can do about it?

Thanx Jaap

VLAN Config

Hello everyone,

is it possible to switch an interface from Static (internal network) to VLAN on an existing installation?

Background: I want to run several VLANs on the internal NIC so that, with a suitable switch, I can better separate the traffic and the users.

VLAN1: Users
VLAN2: Guests
VLAN3: Servers

Each of these with its own AppControl and FW rules.

Regards and Happy New Year

Robert

Issue with Time Definition in Packet Filter Rule

I think that I ran into an issue and am curious if anyone else has as well. I wrote a packet filter rule (rule #1) to block access to a specific IP address on certain ports between the hours of 8 a.m. and 5 p.m. Later (rule #7), I wrote a packet filter rule to allow traffic to that IP address on those same ports (without a time definition). My intention was that the first rule would block access between 8 a.m. and 5 p.m. and then from 5 p.m. to 8 a.m. the following morning, the traffic would be allowed.

Last night, at around 7:30 p.m., I tested this configuration and it worked fine. However, this morning, between the hours of 5:30 and 7:30 a.m., I could not access that specific site on those ports until I turned off packet filter rule #1.

Am I missing something or might this be a bug?

Sophos UTM Home License - version 9.107-33

Syslog severity

Hi all,

Is it correct that it is not possible to send syslog messages with a certain severity? I do want syslog but not all :(

If this is not possible where can I propose this for a modification?

Thanx and greetz,

Jaap

Updated installation fresh installation?

I'm currently going through the process of recreating my firewall configuration on a new machine (after encountering problems trying to restore my existing config onto new hardware, but that's the topic of another thread).

So far it's going well, and I'm taking the opportunity to remove some old items that are not in use any more, and discovering some areas that I haven't "played with" before, so it's a worthwhile exercise in the end.

But in the process, I noticed that my new installation, installed fresh from the UTM 9.107 ISO, includes a service definition for "ping6" which is not present on my older box, which has been upgraded to 9.107 but which started life as an ASG 8.x (or possibly even 7.x) installation.

I have no idea if this is the only difference, but I thought I'd raise it as a potential issue, since it appears prima facie that the upgrade process does not always add all the new stuff that comes with a new version.

Perhaps this is by design, but I would have expected that if definitions were added to the base installation to support new features or protocols, that they would also be added to existing installations by the upgrade process, or at least mentioned in the release notes so they could be added manually if needed. (And if ping6 was so mentioned, my apologies, but I don't recall seeing it.)

Defining custom URL filters

Hello,
I have a small problem understanding Web Protection. Can you also define your own rules somewhere, e.g. so that URLs can be blocked if they contain words such as violence or hate?
So far I have only found that you can add already defined categories when you create a new filter category.
I noticed this when, for example, I searched for the term on Google.
The aim is, for example, to create a web filter for children that blocks more than, e.g., the one for adults.
Regards,
Hartmut

how to check mail Delivery Status in ASG425

Hi

Is it possible to check the mail delivery status for a particular time? I am new to this Astaro device.

Thanks
Dannford

Increasing swap usage

I noticed a rapidly increasing use of swap memory on my hardware appliance.
See screenshots for an overview of the memory usage last month and the active modules.

Installation date of the UTM is around 12.8.2013, so this is the complete overview since then. Did a restart twice because of an Up2Date release, which lowered the memory usage, only for it to rise again.

Details:
Firmware version: 9.191-2
Pattern version: 55186
System: Hardware UTM120 (2GB)
Updated: Through Up2Date from 9.165 till latest version

Below I inserted the process list from the Support -> Advanced section.
Could this swap problem be caused by the postgres process? There are several sessions which have a high VSZ.

When there is more info needed, let me know!
(I'm going to reboot tomorrow night, to prevent overload)

Code:

USER      PID %CPU %MEM    VSZ  RSS TTY      STAT START  TIME COMMAND
root        2  0.0  0.0      0    0 ?        S    2013  0:00 [kthreadd]
root        3  0.0  0.0      0    0 ?        S    2013  1:33  \_ [ksoftirqd/0]
root        5  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [kworker/0:0H]
root        7  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [kworker/u:0H]
root        8  0.0  0.0      0    0 ?        S    2013  0:02  \_ [migration/0]
root        9  0.0  0.0      0    0 ?        S    2013  0:03  \_ [rcu_bh]
root        10  0.0  0.0      0    0 ?        S    2013  11:14  \_ [rcu_sched]
root        11  0.0  0.0      0    0 ?        S    2013  4:12  \_ [ksoftirqd/1]
root        12  0.0  0.0      0    0 ?        S    2013  0:08  \_ [migration/1]
root        14  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [kworker/1:0H]
root        15  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [khelper]
root        16  0.0  0.0      0    0 ?        S    2013  0:02  \_ [kworker/u:1]
root      116  0.0  0.0      0    0 ?        S    2013  0:00  \_ [bdi-default]
root      118  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [kblockd]
root      226  0.0  0.0      0    0 ?        S    2013  0:00  \_ [khubd]
root      346  0.0  0.0      0    0 ?        S    2013  1:44  \_ [kswapd0]
root      409  0.0  0.0      0    0 ?        S    2013  0:00  \_ [fsnotify_mark]
root      424  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [crypto]
root      1023  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [edac-poller]
root      1034  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [deferwq]
root      1087  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [ata_sff]
root      1102  0.0  0.0      0    0 ?        S    2013  0:00  \_ [scsi_eh_0]
root      1105  0.0  0.0      0    0 ?        S    2013  0:00  \_ [scsi_eh_1]
root      1108  0.0  0.0      0    0 ?        S    2013  0:00  \_ [scsi_eh_2]
root      1111  0.0  0.0      0    0 ?        S    2013  0:01  \_ [kworker/u:2]
root      1140  0.0  0.0      0    0 ?        S    2013  0:00  \_ [scsi_eh_3]
root      1143  0.0  0.0      0    0 ?        S    2013  0:00  \_ [scsi_eh_4]
root      1606  0.0  0.0      0    0 ?        S<    2013  2:10  \_ [kworker/1:1H]
root      1611  0.0  0.0      0    0 ?        S<    2013  2:07  \_ [kworker/0:1H]
root      2242  0.0  0.0      0    0 ?        S    2013  0:54  \_ [jbd2/sda6-8]
root      2243  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [ext4-dio-unwrit]
root      2249  0.0  0.0      0    0 ?        S    2013  1:29  \_ [flush-8:0]
root      2597  0.0  0.0      0    0 ?        S    2013  0:00  \_ [jbd2/sda1-8]
root      2598  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [ext4-dio-unwrit]
root      2599  0.0  0.0      0    0 ?        S    2013  1:12  \_ [jbd2/sda5-8]
root      2600  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [ext4-dio-unwrit]
root      2601  0.0  0.0      0    0 ?        S    2013  1:11  \_ [jbd2/sda7-8]
root      2602  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [ext4-dio-unwrit]
root      2603  0.0  0.0      0    0 ?        S    2013  0:01  \_ [jbd2/sda8-8]
root      2604  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [ext4-dio-unwrit]
root      3758  0.0  0.0      0    0 ?        S<    2013  0:00  \_ [redd]
root    19860  0.0  0.0      0    0 ?        S    15:20  0:00  \_ [kworker/0:1]
root    23771  0.2  0.0      0    0 ?        S    17:00  0:44  \_ [kworker/0:2]
root    24091  0.2  0.0      0    0 ?        S    17:05  0:39  \_ [kworker/1:2]
root      3195  0.0  0.0      0    0 ?        S    20:50  0:00  \_ [kworker/1:1]
root        1  0.0  0.0  1916    20 ?        Ss    2013  0:24 init [3] 
root      2313  0.0  0.0  2500    4 ?        S<s  2013  0:00 /sbin/udevd --daemon
root      3596  0.0  0.0  2496    0 ?        S<  Jan06  0:00  \_ /sbin/udevd --daemon
root      3597  0.0  0.0  2496    0 ?        S<  Jan06  0:00  \_ /sbin/udevd --daemon
root      2770  0.0  0.0  1908    4 ?        Ss    2013  0:00 /sbin/acpid
200      2785  0.0  0.0  2596    4 ?        Ss    2013  0:00 /bin/dbus-daemon --system
201      3012  0.0  0.0  6276  560 ?        Ss    2013  0:18 /usr/sbin/hald --daemon=yes
root      3013  0.0  0.0  3664    4 ?        S    2013  0:00  \_ hald-runner
root      3034  0.0  0.0  5572    0 ?        S    2013  0:00      \_ hald-addon-input: Listening on /dev/input/event1 /dev/input
root      3049  0.0  0.0  5584    0 ?        S    2013  0:00      \_ /usr/lib/hal/hald-addon-cpufreq
201      3050  0.0  0.0  5300    0 ?        S    2013  0:00      \_ hald-addon-acpi: listening on acpid socket /var/run/acpid.s
root      3095  0.0  0.0  6240  116 ?        Ss    2013  18:22 /sbin/haveged -w 1024 -v 0
root      3139  0.0  0.2  63100  4184 ?        Ss    2013  1:26 confd [master]
root      3140  0.0  0.0  1896    0 ?        S    2013  0:00  \_ logger -p daemon.debug -t confd[3139]
root      3552  0.0  0.1  62440  2864 ?        S    2013  5:31  \_ confd[listener]
root      932  1.7  0.8  69512 18104 ?        S    20:37  1:06      \_ confd [worker:prpc:webadmin]
root    11276  0.0  0.0  2716  928 ?        R    21:40  0:00      |  \_ ps auxwf
root      9966  1.2  1.6  72716 33084 ?        S    21:29  0:08      \_ confd [worker:prpc:webadmin]
root    11256  2.1  0.0      0    0 ?        Z    21:40  0:00      \_ [confd.plx] <defunct>
root      3156  0.0  0.0  1896    0 ?        Ss    2013  0:00 /usr/local/bin/confd-queuer
root      3170  0.0  0.1  8064  2332 ?        Ss    2013  2:28 confd-qrunner.pl
root      3209  0.0  0.1  7804  2644 ?        S    2013  19:06 /usr/local/bin/sysmond
root      3296  0.0  0.0  16108    20 ?        S    2013  0:00 /var/aua/aua.bin
root      3297  0.0  0.0  1896    0 ?        S    2013  0:00  \_ logger -p daemon.debug -t aua[3296]
root      933  0.0  0.0      0    0 ?        Z    20:37  0:00  \_ [aua.bin] <defunct>
root      3466  0.0  0.0  14544    32 ?        S    2013  0:00 /usr/local/bin/notifier.plx -d
rrdcache  3490  0.0  0.0 118068  240 ?        Ssl  2013  12:38 /usr/bin/rrdcached -l unix:/var/run/rrdcached/socket -m 777 -b /var
at        3524  0.0  0.0  2340    12 ?        Ss    2013  0:00 /usr/sbin/atd
postgres  3602  0.0  0.0 573632  368 ?        S    2013  1:47 /usr/pgsql92/bin/postgres -D /var/storage/pgsql92/data
postgres  3609  0.0  0.7 574000 14344 ?        Ss    2013  5:55  \_ postgres: checkpointer process                       
postgres  3610  0.0  0.0 573892    44 ?        Ss    2013  0:26  \_ postgres: writer process                             
postgres  3611  0.0  0.7 573892 14544 ?        Ss    2013  13:48  \_ postgres: wal writer process                         
postgres  3612  0.0  0.0 574648  964 ?        Ss    2013  3:07  \_ postgres: autovacuum launcher process               
postgres  3613  0.0  0.0  7936  136 ?        Ss    2013  0:11  \_ postgres: archiver process  last was 00000001000000060000003F
postgres  3614  0.0  0.0  8216  408 ?        Ss    2013  9:18  \_ postgres: stats collector process                   
postgres  4290  0.0  0.1 576388  2480 ?        Ss    2013  3:17  \_ postgres: hotspot hotspot 127.0.0.1(37336) idle     
postgres  4467  0.7  1.0 576964 21376 ?        Ss    2013 160:19  \_ postgres: reporting reporting [local] idle           
postgres  4728  0.0  0.0 576384  636 ?        Ss    2013  0:01  \_ postgres: smtp smtp 127.0.0.1(37356) idle           
postgres 14671  0.5  1.2 578236 26396 ?        Ss  00:00  6:48  \_ postgres: reporting reporting [local] idle           
postgres 14672  0.0  0.0 576296    20 ?        Ss  00:00  0:00  \_ postgres: reporting reporting [local] idle           
postgres 14763  0.0  0.0 576172    8 ?        Ss  00:00  0:00  \_ postgres: reporting reporting [local] idle           
postgres  991  0.4  0.1 576408  3544 ?        Ss  20:38  0:16  \_ postgres: smtp smtp 127.0.0.1(34674) idle           
root      3700  0.0  0.0  40420    36 ?        S    2013  1:46 /var/mdw/mdw.plx
root      3749  0.0  0.0  1896    0 ?        S    2013  0:00  \_ logger -p daemon.debug -t middleware[3700]
root      3738  0.0  0.0  1920    20 ?        Ss    2013  0:25 runsvdir -P /etc/service log: .....................................
root      3744  0.0  0.0  1776    16 ?        Ss    2013  0:00  \_ runsv selfmonng
root      3745  1.5  0.1  11768  3024 ?        S    2013 328:29      \_ /usr/local/bin/selfmonng.plx
root      3751  0.0  0.0  11360  296 ?        S    2013  0:10          \_ [timewarp check]
root      3739  0.0  0.0  2420    8 tty1    Ss+  2013  0:00 /sbin/mingetty --noclear --no-hostname tty1
root      3740  0.0  0.0  2420    8 tty2    Ss+  2013  0:00 /sbin/mingetty --no-hostname tty2
root      3741  0.0  0.0  2420    8 tty3    Ss+  2013  0:00 /sbin/mingetty --no-hostname tty3
root      3742  0.0  0.0  2420    8 tty4    Ss+  2013  0:00 /sbin/mingetty --no-hostname tty4
root      3743  0.0  0.0  2140    8 ttyS0    Ss+  2013  0:00 /sbin/mingetty ttyS0
root      4193  0.0  0.0  2360  156 ?        Ss    2013  0:09 /usr/sbin/cron
root      4205  0.0  0.4  20652  9648 ?        Ss    2013  17:19 /usr/sbin/named -4
root      4244  0.0  0.0  5016    4 ?        Ss    2013  0:00 /usr/sbin/sshd -f /etc/ssh/sshd_config
root      4253  0.0  0.2  12592  5440 ?        Ss    2013  7:08 dns-resolver.plx
root      4270  0.0  0.3  34724  6180 ?        Ss    2013  7:27 awed [master]
root      4288  0.0  0.0  9580  368 ?        S    2013  0:38 /usr/local/bin/hotspotd
root      4398  0.0  0.0  5116  312 ?        Ss    2013  0:15 /usr/sbin/openvpn --config /etc/openvpn/openvpn.conf --writepid /va
root      4404  0.0  0.0  10876  288 ?        Ss    2013  1:24 /bin/httpd -f /etc/httpd/httpd.conf
root      4406  0.0  0.0  1896  164 ?        S    2013  0:01  \_ /bin/logger -t httpd -p local6.notice
wwwrun    4411  0.0  0.0  10788  136 ?        S    2013  0:03  \_ /bin/httpd -f /etc/httpd/httpd.conf
wwwrun    916  2.7  1.3  81580 28160 ?        S    20:37  1:43  |  \_ /var/webadmin/webadmin.plx
wwwrun    967  2.4  1.6  77456 34548 ?        S    20:38  1:32  |  \_ /var/webadmin/webadmin.plx
wwwrun  10454  0.0  0.1  11260  2464 ?        S    21:35  0:00  \_ /bin/httpd -f /etc/httpd/httpd.conf
wwwrun  10486  0.0  0.1  11196  2400 ?        S    21:35  0:00  \_ /bin/httpd -f /etc/httpd/httpd.conf
root      4461  0.5  0.0 104728  2032 ?        S<sl  2013 117:28 /usr/sbin/ulogd -c /etc/ulogd.conf -d
root      4470  0.0  0.0  3796    28 ?        S    2013  0:00 supervising syslog-ng                   
root      4473  0.2  0.1  9540  2832 ?        Ss    2013  62:12  \_ /usr/sbin/syslog-ng -f /etc/syslog-ng.conf
root    14632  0.0  0.2  29292  5884 ?        S    00:00  0:12      \_ /usr/bin/perl /usr/local/bin/reporter/admin-reporter.pl
root    14649  0.4  0.3  16008  6272 ?        S    00:00  5:58      \_ /usr/bin/perl /usr/local/bin/reporter/pfilter-reporter.pl
root    14650  0.0  0.0  37720    72 ?        Sl  00:00  0:08      \_ /usr/local/bin/reporter/vpn-reporter.pl
root    14651  0.0  0.2  13456  4428 ?        S    00:00  0:06      \_ /usr/bin/perl /usr/local/bin/reporter/mailsec-reporter.pl
root    14652  0.0  0.1  13672  3428 ?        S    00:00  0:05      \_ /usr/bin/perl /usr/local/bin/reporter/ips-reporter.pl
root    14653  0.2  0.0  59544  1736 ?        Sl  00:00  3:10      \_ /usr/local/bin/reporter/websec-reporter.pl
root    14654  0.0  0.0  58016    40 ?        Sl  00:00  0:04      \_ /usr/local/bin/reporter/websec-reporter.pl -e
root    14655  0.0  0.2  14056  4628 ?        S    00:00  0:07      \_ /usr/bin/perl /usr/local/bin/reporter/waf-reporter.pl
root      4654  0.3  0.1  66608  2936 ?        Ss    2013  74:12 smtpd [master]
root      4679  0.0  0.0  39064  1136 ?        S    2013  5:07  \_ smtpd [queue manager]
smtp      4732  0.0  0.0  9100    4 ?        S    2013  0:06  \_ /bin/exim -DINPUT -bdf
root      4733  0.0  0.0  5300    4 ?        S    2013  0:00  \_ /bin/spx-auth
afcd      5168  0.4  0.4  35352  9208 ?        S<sl  2013  87:47 /usr/sbin/afcd
root      5382  0.0  0.0  6204  204 ?        Ss    2013  0:10 /usr/libexec/postfix/master -w
postfix  6855  0.0  0.0  6428    72 ?        S    2013  0:05  \_ qmgr -l -t unix -u -c
postfix  10332  0.0  0.0  6264  564 ?        S    21:32  0:00  \_ pickup -l -t unix -u -c
810      5385  3.3  3.2 448100 67260 ?        Ssl  2013 718:33 /var/chroot-http/usr/bin/httpproxy -f -c /var/chroot-http -u httppr
root      5609  0.0  0.0  5932    24 ?        Ssl  2013  0:34 /usr/local/bin/service_monitor
root      5623  0.0  0.0  4172    16 ?        Ss    2013  0:01 /usr/local/bin/argos
root      6044  0.0  0.0  5020  436 ?        Ss    2013  9:11 /usr/sbin/irqd
root      6210  0.0  0.0  2260    36 ?        S    2013  9:32 /usr/sbin/openl2tpd
root      6251  0.0  0.0  2360    0 ?        Ss    2013  0:00 /usr/libexec/ipsec/starter
root      6259  0.0  0.0  8768    20 ?        Ss    2013  0:00  \_ /usr/libexec/ipsec/pluto --nofork --debug-none --nocrsend --nat
root      6525  0.0  0.0  1876    0 ?        S    2013  0:00      \_ _pluto_adns
root    18139  0.0  0.0  5616  1480 ?        Ss  Jan06  0:19 /usr/sbin/dhcpd -cf /etc/dhcpd.conf eth0.132 eth0.135 eth2 eth0.115
root    24527  0.0  0.0  3216  424 ?        Ss  Jan06  0:27 /sbin/ntpd


DNS host definition for mobile devices (dynamic IP)

Hi,

I have assigned static IPs to many devices in my internal network. I have defined these devices as DNS hosts in the UTM. In the network definition I can then link a name to an IP.

However, there are also mobile devices on the WLAN that get assigned a different internal IP via DHCP every now and then. Is there a way to define these devices as hosts via a network definition as well (via the MAC address or similar)?

Regards
Christoph

Scanning Exclusions (Processes) - How to verify

Hi,

I have added 42 process exclusions to the registry of my mail server. Path = HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SAVOnAccess

How can I demonstrate that these exclusions are effective? I have checked the machine.xml config and all that is showing up in there are the File/Folder exclusions and extensions that I have defined in the SEP console.

Help will be much appreciated. Thank you.

[9.191-2] difficulty applying license after expiration

Hi, the trial license on my beta system expired, so I uploaded my Home User license when prompted...

1. A bunch of warnings appeared on screen about SPX customization not being allowed with the home license
I hit 'ok' or apply again...

2. nothing appeared to happen, so I hit 'apply' again

3. nothing appeared to happen; gave it over 1 min, then reloaded the page in the browser, and logged in again and it was OK.

Shouldn't the page auto-refresh or redirect after the license is applied?

Thanks,
Barry

Proper / Best practice for a NAT

New to UTM and have 9.107 running.
We're only licensed for Network Protection.
I need to create some NATs.

What is the best way / preferred way?
I don't want to use auto firewall as I can't seem to see the hidden firewall filters (debugging etc.).

An example is:
The resource in question is a web server on the inside that needs ports 80,443,8443 from the internet.

Network Protection:
Full NAT:
Traffic From: Any
using service: HTTP (won't let any be used)
going to: Named defined ext host

Action:
Change destination to: Named defined int host
service to: Http
Change source to: Named defined ext host
service: Http

Network Firewall:
Source: Any
Service (Grouped Named Defined Service (80,443,8443))
Destination: Named Defined Internal Host

Or what is a better