Search found 4697 matches

by ummeegge
Today, 5:59 pm
Forum: Addons
Topic: sslh version 1.8+
Replies: 43
Views: 3734

Re: sslh version 1.8+

Hi all, just to take now one step further and get a good plan for a merge request. I would leave the initscript pretty much the same as it was before so i would leave the transparent option completely out an bring all back to 127.0.0.1 are you guys ready for a nice wiki where we can extend the knowl...
by ummeegge
Today, 5:53 pm
Forum: VPN
Topic: Update 123 OpenVPN Host Zertifikat RFC3280 nicht Regelkonform
Replies: 54
Views: 7240

Re: Update 123 OpenVPN Host Zertifikat RFC3280 nicht Regelkonform

Grüss Gott, ich schätze mal das ist dann ein "Script timed out before returning headers" Problem, manch Boards haben da ein Problem mit Entropie ?! Probier doch mal den Patch: --- /srv/web/ipfire/cgi-bin/ovpnmain_core131.cgi 2019-04-21 19:30:08.089428603 +0200 +++ /srv/web/ipfire/cgi-bin/ovpnmain.cg...
by ummeegge
Yesterday, 10:40 am
Forum: Addons
Topic: nginx (statt Pound) als Reverse-Proxy gelöst ;-)
Replies: 5
Views: 142

Re: nginx (statt Pound) als Reverse-Proxy gelöst ;-)

Hallo zusammen, wollte das ein oder andere zum Wohle der Allgemeinheit und potentiellen zukünftigen Lesern auch noch ergänzen bzw. geraderücken. Es waren genug Fragen im Forum zu dem Thema, die auch ( aus welchem Grund denn wohl ?? ) nicht weiter kamen, Es gab zu diesem Thema u.a. folgende Beiträge ...
by ummeegge
Yesterday, 10:22 am
Forum: Generelle Fragen
Topic: DNS server 81.3.27.54 - Lightningwire Labs - Außer Betrieb
Replies: 6
Views: 128

Re: DNS server 81.3.27.54 - Lightningwire Labs - Außer Betrieb

DNS-over-TLS via LWL geht auch ohne Probleme (Tests laufen seit ~2 1/2 Monaten): ;; DEBUG: Querying for owner(www.isoc.org.), class(1), type(1), server(81.3.27.54), port(853), protocol(TCP) ;; DEBUG: TLS, imported 135 certificates from '/etc/ssl/certs/ca-bundle.crt' ;; DEBUG: TLS, received certifica...
by ummeegge
April 19th, 2019, 6:57 pm
Forum: IPFire in General
Topic: OpenVPN n2n / site 2 site feature broken
Replies: 7
Views: 233

Re: OpenVPN n2n / site 2 site feature broken

Hi schories, tls-auth is not available via WUI for N2N this is only a WUI feature for for RoadwarriorI. Your logs are mixed a little with Roadwarrior (openvpnserver) entries and N2N Logs so a potential interesting part can not be seen. Can you use a tail -f /var/log/messages | grep n2n for the conne...
by ummeegge
April 19th, 2019, 7:49 am
Forum: Development
Topic: unbound - DoT
Replies: 35
Views: 4000

Re: unbound - DoT

Hi all,
update for Core 131 is meanwhile up. Changes from en.pl and unbound initscript are integrated. Update as always via in- uninstaller --> viewtopic.php?f=50&t=21954#p120691 .

Best,

UE
by ummeegge
April 19th, 2019, 7:47 am
Forum: VPN
Topic: Ovpn TLS Handshake failed
Replies: 33
Views: 655

Re: Ovpn TLS Handshake failed

Hallo zusammen,
hab gerade nochmal Core 130 in eine VM gepackt und der openvpn-crl-updater ist vorhanden. Ich kann derzeit leider nichts reproduzieren um schlussendlich einen Patch für die Probleme in diesem Topic zu befördern...

Grüsse,

UE
by ummeegge
April 16th, 2019, 7:37 pm
Forum: VPN
Topic: Ovpn TLS Handshake failed
Replies: 33
Views: 655

Re: Ovpn TLS Handshake failed

Verstehe das statemtment mit dem Glück noch nicht so ganz... Hab alleine in diesem Thread ~ 4x neu Zertifikate (ROOT + HOST + Clients) erstellt was doch recht gut ging, im Forum hab ich da gerade auch nichts passendes auf lager was eure Probleme wiederspiegelt <-- einen potentiellen zu fixenden Bug ...
by ummeegge
April 15th, 2019, 8:03 pm
Forum: VPN
Topic: Ovpn TLS Handshake failed
Replies: 33
Views: 655

Re: Ovpn TLS Handshake failed

Komisch das es läuft :D ? Mmhh komisch das es nicht gelaufen ist...

UE
by ummeegge
April 15th, 2019, 2:09 pm
Forum: IPFire in General
Topic: Is it possible to disable DNSSEC?
Replies: 45
Views: 5264

Re: Is it possible to disable DNSSEC?

Hi all, sorry no usable help for your specific problems but am currently a little speechless cause of the always again occurring (probably ISP related?!) problems with DNSSEC. In here --> https://forum.ipfire.org/viewtopic.php?f=50&t=21954 we wanted to step one step further (which includes DNSSEC al...
by ummeegge
April 15th, 2019, 2:00 pm
Forum: Addons
Topic: sslh version 1.8+
Replies: 43
Views: 3734

Re: sslh version 1.8+

Hi digger, 1002 not 1007 Does this matter? No. I'm sure, it's a problem of the firewall. Can't open the port for connect. Am not sure with this, am missing a little the jump into the SSLH chain but am also currently not into that specific. May cmisch do have some usable debugging ideas related to th...
by ummeegge
April 15th, 2019, 1:55 pm
Forum: VPN
Topic: Ovpn TLS Handshake failed
Replies: 33
Views: 655

Re: Ovpn TLS Handshake failed

Moin moin, Ich habe mich dazu entschieden, die Konfig komplett neu zu machen. Aber jetzt: der Button "lösche X509" ist ausgegraut und nicht nutzbar. Ist da doch mehr im argen? du musst den Server vorher stoppen. Speicher dann bei der Gelegenheit auch mal die "Erweiterten Optionen" ab (einfach nur 'S...
by ummeegge
April 13th, 2019, 8:02 pm
Forum: Addons
Topic: sslh version 1.8+
Replies: 43
Views: 3734

Re: sslh version 1.8+

Hi all, @ummeegge about using ssh directly at port 443 thought you are using it because of your provided initscript with the included option --ssh 127.0.0.1:222 which accepts ssh and forward it to local ssh on port 222 tried to get close to the old configuration with this --> https://git.ipfire.org/...
by ummeegge
April 13th, 2019, 5:15 pm
Forum: Addons
Topic: sslh version 1.8+
Replies: 43
Views: 3734

Re: sslh version 1.8+

Hi digger, please check also that you restart sslh manually /etc/init.d/sslh restart since the update.sh provides an command for restart which is used by pakfire. You can also add a '-v' in the configure options so you get a little more verbose output. /var/log/messages should also display some more...
by ummeegge
April 13th, 2019, 5:06 pm
Forum: IPFire in General
Topic: OpenVPN audit connect disconnect
Replies: 3
Views: 187

Re: OpenVPN audit connect disconnect

Hi, your welcome. it keeps recording the "SENT CONTROL" every two minutes... sound is like a strange behavior. I'm looking for a way to record(asctual in the end, email) when a user connects and when that same user disconnects. The up and down scripts can perform this also via e.g. sendEmail, which ...