Community Forum

Share this post:
Responses (10)
  • Accepted Answer

    Thursday, June 21 2018, 02:36 PM - #Permalink
    Resolved
    0 votes
    Another kernel panic on boot in my VM which I was unable to capture. :(
    The reply is currently minimized Show
  • Accepted Answer

    PeterB
    PeterB
    Offline
    Tuesday, June 12 2018, 05:50 PM - #Permalink
    Resolved
    0 votes
    Tony Ellis wrote:

    ... snip ...

    Jun 10 16:56:51 alex firewall: Error: /usr/clearos/apps/firewall/deploy/libmultipath.lua:56: bad argument #3 to 'format' (string expected, got nil)


    Many thanks Tony. We're on it.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, June 12 2018, 02:34 PM - #Permalink
    Resolved
    0 votes
    I'm getting two firewall start failures, one for docker and one for wpad. The log from "firewall-start -d":
    firewall: Execution time: 0.369s
    firewall: Running post-firewall: 110740
    firewall: Running /etc/clearos/firewall.d/custom
    firewall: Running /etc/clearos/firewall.d/local
    firewall: Running /etc/clearos/firewall.d/10-docker
    Device "docker0" does not exist.
    iptables v1.4.21: host/network `!' not found
    Try `iptables -h' or 'iptables --help' for more information.
    firewall: Running /etc/clearos/firewall.d/10-snortsam
    firewall: Running /etc/clearos/firewall.d/10-wpad
    iptables v1.4.21: host/network `. . ' not found
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.4.21: host/network `. . ' not found
    Try `iptables -h' or 'iptables --help' for more information.
    firewall: Running /etc/clearos/firewall.d/90-attack-detector


    Docker was not running. If I start docker the docker error goes.

    There is not an option to start wpad. Looking at /etc/clearos/firewall.d/10-wpad, it looks like $exempt_ip is returning a blank and even if it returned something, the parameter after -s would be meaningless, because " . $exempt_ip . " needs to evaluate to an IP, subnet or resolvable FQDN.

    Also this morning I had a kernel panic and halt during the booting of a VM. I tried and failed to get a screenshot and the logs failed to show anything.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, June 12 2018, 12:36 AM - #Permalink
    Resolved
    0 votes
    Peter - email sent - most interesting was this... repeated over and over again...

    Jun 10 16:56:51 alex firewall: Synchronizing multipath routing tables...
    Jun 10 16:56:51 alex firewall: Loading environment
    Jun 10 16:56:51 alex firewall: Detected WAN role for interface: enp0s9f0
    Jun 10 16:56:51 alex firewall: Detected WAN role for interface: enp0s9f1
    Jun 10 16:56:51 alex firewall: Detected WAN backup role for interface: enp0s9f0
    Jun 10 16:56:51 alex firewall: Detected WAN backup role for interface: enp0s9f1
    Jun 10 16:56:51 alex firewall: Detected LAN role for interface: enp0s10
    Jun 10 16:56:51 alex firewall: Error: /usr/clearos/apps/firewall/deploy/libmultipath.lua:56: bad argument #3 to 'format' (string expected, got nil)
    The reply is currently minimized Show
  • Accepted Answer

    PeterB
    PeterB
    Offline
    Monday, June 11 2018, 01:42 PM - #Permalink
    Resolved
    0 votes
    Tony Ellis wrote:

    ...
    After re-booting after the upgrade the firewall immediately went into panic mode and refused any attempts to rectify...


    Do you happen to have the screen or log output from the firewall panic? If so, please forward it to developer@clearfoundation.com.

    Thanks.
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, June 10 2018, 09:42 PM - #Permalink
    Resolved
    0 votes
    So far a upgrade on a simple inside/outside routed system - everything seems ok. Glad to be on the 3.10.0-862.x.x (3.10.0-862.3.2.v7) kernel series.
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, June 10 2018, 09:42 AM - #Permalink
    Resolved
    0 votes
    Thanks Nick - you will see my box is running at 100% CPU :D

    Asked about testing as was wondering if this MultiWan issue was a known problem, and hence would not waste any more time on it...

    ClearOS used to provide details with a Beta release - and list known problems... However, a check of https://www.clearos.com/clearfoundation/development/clearos/announcements:releases:start shows the information there is woefully out-of-date - nobody at ClearOS can be bothered with updating it? :(
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, June 10 2018, 08:52 AM - #Permalink
    Resolved
    0 votes
    Hi Tony, That is not so good! I released the announcement on behalf of the devs and I don't know what testing they've done. On my side I've upgraded two play VM's and a test box, but I don't have your facilities. I only have a single external connection and can't easily stress my test box. The VM's are irrelevant as I have them with NAT's NIC's to my desktop on 127.0.0.1 and funny ports. I've had one boot failure on a VM and had to reset it.

    I'll mention your issue to the devs, but I hope they are following the thread anyway.
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, June 10 2018, 08:17 AM - #Permalink
    Resolved
    0 votes
    Nick a result for you - just updated a test server to ClearOS 7.5

    Install 2 Packages (+27 Dependent packages)
    Upgrade 419 Packages
    Remove 2 Packages
    Total download size: 673 M

    One major problem - multiwan
    This machine through 6.x and 7.x (up-to 7.4) has run successfully with two external interfaces
    1) cable modem - static 2) ADSLl2+ modem dynamic
    After re-booting after the upgrade the firewall immediately went into panic mode and refused any attempts to rectify...
    As a test removed using webconfig the interface to the ADSL modem - no firewall panic
    Re-added the ADSL interface using a static address - no firewall panic
    Changed ADSL interface back to dynamic - immediate panic...
    Nothing to do with kmod drivers as both these external interfaces are Intel e1000...
    Have resorted to static at the moment so the machine can do a 'soak' test..

    Not good - was this configuration tested? - and don't have any more time to chase this at the moment... :(

    On the kmod front - this machine used the kmod-r8169 and kmod-via-rhine drivers on 7.4
    The kmod-r8169 updated OK with the upgrade and used the kmod-via-rhine 7.5 driver from your site Nick - saved me time to compile - thanks
    Both interfaces came up OK after the re-boot with the new kmod drivers...
    Also a nice surprise - re-booted back to the previous 7.4 kernel - and both older kmod drivers were still on the system and the interfaces all cam up OK - so no "burnt bridges" :D

    Note that this system, like all mine, is not 'typical' ClearOS installations
    1. No flexshares or ftp
    2. No dnsmasq - use bind and the dhcpd from ISC
    3. Samba is not configured the "ClearOS way'
    4. No paid apps
    5. Several hundred rpms over and above the base ClearOS install
    6. Monitoring tools are mostly 'home-grown'
    7. Extensive changes made to numerous configuration files
    8. Use home-grown attack-detector - the ClearOS one is too resource heavy for my systems

    Will re-append with any additional information as a result of prolonged testing over the next day or two...

    Edit: This machine can be seen at this url - http://www.sraellis.tk/frame.php?number=28&monitor=alex_sysconfig
    The reply is currently minimized Show
  • Accepted Answer

    Mansoor
    Mansoor
    Offline
    Sunday, June 10 2018, 02:42 AM - #Permalink
    Resolved
    0 votes
    Great news Nick.

    [EDIT: the yum issue has been solved and I'm upgrading now.]

    EDIT 2: this beta version has been working as a gateway for my home's network for 24 hours. I have no issues and everything seems to be working well so far.
    The reply is currently minimized Show
Your Reply