Search found 471 matches

by H&M
December 3rd, 2019, 7:37 pm
Forum: IPFire in General
Topic: Odd NTP Offset Issues
Replies: 8
Views: 1354

Re: Odd NTP Offset Issues

Alas,
the registration process on new community portal fails for me: I constantly get the message I am a Spamer...

Filled a bug for that...
by H&M
December 3rd, 2019, 6:28 am
Forum: IPFire in General
Topic: Odd NTP Offset Issues
Replies: 8
Views: 1354

Re: Odd NTP Offset Issues

Hello, I have replicated the setup in this topic (edit ntp.conf) but I get a bunch of errors: Dec 3 08:24:09 silver-x86-64 ntpd[19685]: ntpd 4.2.8p13@1.3847-o Thu May 2 20:06:35 UTC 2019 (1): Starting Dec 3 08:24:09 silver-x86-64 ntpd[19685]: Command line: /usr/bin/ntpd -Ap /var/run/ntpd.pid Dec 3 0...
by H&M
November 23rd, 2019, 4:06 pm
Forum: IPFire in General
Topic: wifi ac slow
Replies: 13
Views: 2284

Re: wifi ac slow

Sorry to reuse this topic, But after Core 138 upgrade my AP speed dropped to 20-30 Mbit/s from 200! (I have a SAN in the network with SSD architecture in it and Gibagit connectivity). I spot a few errors from ath10k -> is something new in kernel or ath10k driver between core 136 and 138 ? (I've upgr...
by H&M
November 23rd, 2019, 4:03 pm
Forum: IPFire in General
Topic: wifi ac slow
Replies: 13
Views: 2284

Re: wifi ac slow

duplicated post from me - sorry
by H&M
October 11th, 2019, 8:39 pm
Forum: IPFire in General
Topic: Core 136 - missing files on source update servers?
Replies: 0
Views: 1352

Core 136 - missing files on source update servers?

Hello, [SOLVED] after many attempts files were retrieved from these servers DOWNLOAD INFO: Host: ipfire.earl-net.com (HTTPS) - File: pakfire2/2.23-x86_64/paks/perl-inotify2-1.22-2.ipfire DOWNLOAD INFO: Host: muug.ca (HTTPS) - File: mirror/ipfire/pakfire2/2.23-x86_64/paks/perl-Net-IP-1.26-2.ipfire Or...
by H&M
August 19th, 2019, 7:41 pm
Forum: IPFire in General
Topic: Extra Green Interface
Replies: 1
Views: 366

Re: Extra Green Interface

Hello, One possible solution is here: https://forum.ipfire.org/viewtopic.php?f=27&t=11860&p=89921&hilit=brctl#p76787 Look in the forum for "brctl" word - this is used to create a Layer 2 switch which is what you are searching for. I also believe that an Wiki article exist on this network bridging to...
by H&M
August 14th, 2019, 9:27 pm
Forum: IPFire in General
Topic: Cannot connect to ipfire web interface
Replies: 28
Views: 3023

Re: Cannot connect to ipfire web interface

In this case, no more Let's Encrypt for me - I am running (literally) full GeoIP block: all countries are blocked for Input Trafic and this is *standard* for me. I do understand Let's Encrypt concern but that makes it unusable for me ... Same for exit traffic: less than 10 countries allowed, the res...
by H&M
August 14th, 2019, 8:00 pm
Forum: IPFire in General
Topic: Cannot connect to ipfire web interface
Replies: 28
Views: 3023

Re: Cannot connect to ipfire web interface

No problem with that: I've found a way to get all source IP addresses I need: apparently Let's Encrypt uses only Amazon EC2 servers. Amazon EC2 has posted their addresses in a json that can be parsed with below command: amazon=`curl -k https://ip-ranges.amazonaws.com/ip-ranges.json 2>/dev/null |grep...
by H&M
August 14th, 2019, 7:42 pm
Forum: IPFire in General
Topic: Cannot connect to ipfire web interface
Replies: 28
Views: 3023

[SOLVED with Let's Encrypt Certificate] Cannot connect to ipfire web interface

Certbot: Running http.server daemon: python3 -m http.server 80 Serving HTTP on 0.0.0.0 port 80 (http://0.0.0.0:80/) ... 18.197.227.110 - - [14/Aug/2019 22:22:35] "GET /.well-known/acme-challenge/uxbXUiiqGLya2nrlFlyNh5_99E8fArToQjRDMR69JXk HTTP/1.1" 200 - 66.133.109.36 - - [14/Aug/2019 22:22:36] "GE...
by H&M
August 14th, 2019, 6:08 pm
Forum: IPFire in General
Topic: Cannot connect to ipfire web interface
Replies: 28
Views: 3023

Re: Cannot connect to ipfire web interface

dehydrated is a dead end: pakfire brings version 0.6.2 which generates an error when trying to verify the cert with Let's Encrypt server I've manually got from GIT the version 0.6.5 just to discover that it does not respect the config: it cleans the verification token and also generates (always!) a ...
by H&M
August 14th, 2019, 3:31 pm
Forum: IPFire in General
Topic: Cannot connect to ipfire web interface
Replies: 28
Views: 3023

Re: Cannot connect to ipfire web interface

It may be a way to create an approved (not self-signed) certificate, it's a very complicated way to address the problem and mostly overkill. Also, when I was posting this I failed to notice that ipfire includes dehydrated, a letsencrypt client, and that should be the preferred way to address this p...
by H&M
August 8th, 2019, 7:47 pm
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 54
Views: 7138

Re: Intrusion Prevention System - core 131

If you've got a spare virtual machine, docker container or Raspberry Pi could you please do me a favour? Please try the " pi-hole " software as your primary DNS server for a while and see if you notice any difference. It's really easy to use and the default blocklists are more effective at blocking...
by H&M
August 4th, 2019, 10:19 am
Forum: IPFire in General
Topic: [SOLVED]GeoIP pinhole - allow some IP addresses from a GeoIP blocked country
Replies: 2
Views: 420

[SOLVED]GeoIP pinhole - allow some IP addresses from a GeoIP blocked country

Hello, [SOLVED] Details: 1. I found a way to get from ARIN RDAP *all* CIDR used by Mircorosft, put them in one string, coma separated value msft=`curl -k https://rdap.arin.net/registry/entity/MSFT 2>/dev/null |grep v4prefix -A1 |tr -d '",: \n-' |sed -e 's/v4prefix/,/g' |sed -e 's/length/\//g' |sed -...
by H&M
August 4th, 2019, 10:03 am
Forum: IPFire in General
Topic: Cannot connect to ipfire web interface
Replies: 28
Views: 3023

Re: Cannot connect to ipfire web interface

>>I NAT-ed port 80 from red0 to green0 port 81 I think that you should rather investigate the use of the --standalone certbot flag. With this option, certbot fires up a temporary web server (in fact that's the web server integrated with the python interpreter) only for the time necessary to serve t...
by H&M
July 29th, 2019, 5:23 pm
Forum: IPFire in General
Topic: Cannot connect to ipfire web interface
Replies: 28
Views: 3023

Re: Cannot connect to ipfire web interface

Hi, I had same problem so i wrote a custom apache init script that creates a local ROOT CA and an Intermediary CA. Then I imported these CAs (the trust chain) in my machine. Custom apache init script: https://forum.ipfire.org/viewtopic.php?f=27&t=19814&hilit=apache&start=15#p112742 How to create ope...