Community Forum

georger
georger
Offline
Resolved
0 votes
Hi,
I just installed 6.2b3 (Community) on a VM and couldn't get past the post-install configuration wizard - I'm behind a non-transparent proxy server. Could this be because COS 6.2 *requires* an Internet connection?

With 5.2SP1, I can configure a working Samba domain in under 30 minutes, complete with CUPS and DHCP. It's completely self-contained. This is a feature in LANs that are isolated by design such as mine.

Unfortunately, changing the proxy configuration is not an option. I could try and hack as discussed in another thread, but even the most polished hack is still a hack, not a real solution.

It's in the wishlist, by the way.

Also, when I have a single NIC configured with a static IP address, why can't I set the default gateway?

Regards,

Georger
Thursday, March 01 2012, 01:19 AM
Share this post:
Responses (15)
  • Accepted Answer

    georger
    georger
    Offline
    Wednesday, March 14 2012, 05:27 PM - #Permalink
    Resolved
    0 votes
    Hi Peter,
    Peter Baldwin wrote:
    Thanks! I changed the default object size to 500 MB, that's sane given today's gear (even SSDs). As for the refresh patterns, it's a bit late in the beta to make that change. I have added the issue in the tracker:

    http://tracker.clearfoundation.com/view.php?id=485

    It's one of those things that's easy to implement (coding-wise), so it's really just a matter of making sure it works. This should probably be an option in the GUI (on/off) which gets tuned as Microsoft and others make changes. In other words, squid.conf will look like:

    # ClearOS updates tuning start
    refresh_pattern...
    # ClearOS updates tuning end

    For the 99% who don't touch squid.conf, that block of configuration might change on an upgrade (e.g. Windows 8 additions). For the 1%, there's always the option to disable the automagic.

    Nice! I'd just like to point out that the Squid wiki [1] advises that not only maximum_object_size should be changed, but also range_offset_limit and quick_abort_min as well.

    [1] Squid wiki

    Regards,

    Georger
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, March 14 2012, 04:32 PM - #Permalink
    Resolved
    0 votes
    Thanks! I changed the default object size to 500 MB, that's sane given today's gear (even SSDs). As for the refresh patterns, it's a bit late in the beta to make that change. I have added the issue in the tracker:

    http://tracker.clearfoundation.com/view.php?id=485

    It's one of those things that's easy to implement (coding-wise), so it's really just a matter of making sure it works. This should probably be an option in the GUI (on/off) which gets tuned as Microsoft and others make changes. In other words, squid.conf will look like:

    # ClearOS updates tuning start
    refresh_pattern...
    # ClearOS updates tuning end

    For the 99% who don't touch squid.conf, that block of configuration might change on an upgrade (e.g. Windows 8 additions). For the 1%, there's always the option to disable the automagic.
    The reply is currently minimized Show
  • Accepted Answer

    georger
    georger
    Offline
    Tuesday, March 13 2012, 01:43 AM - #Permalink
    Resolved
    0 votes
    Hi Peter,

    Peter Baldwin wrote:
    Hi georger,

    There are five types of groups in ClearOS:

    1) Built-in groups - there's just one right now: "allusers"
    2) User-defined groups
    3) Windows groups
    4) App groups (e.g. pptpd_plugin is a group that holds all the users permitted to use the PPTP server)
    5) System groups (stuff /etc/groups)

    Right now, only the first two types are shown in Flexshare, but all five types could be shown instead (well, I'm not 100% sure about system groups, but certainly the first four). Perhaps we should make this a tunable option?

    I have a use case where I create a Samba (flex)share that is owned by the Domain Admins group with RW permissions. If the Domain Admins group isn't available, I can't pull it off, at least not as easily as I can do in 5.2 SP1.
    I create the (flex)share, say appsrw, and then I add (hack) an include to /etc/samba/hack.conf in /etc/samba/smb.conf which defines a new appsro share. /etc/samba/hack.conf looks like this:

    [appsro]
    path = /var/flexshare/shares/appsrw
    comment = Apps - read only
    browseable = Yes
    guest ok = No
    directory mask = 775
    create mask = 664
    valid users = @"%D\domain_users", @"%D\domain_admins"
    veto files = /.flexshare*/

    This way, I can have a (flex)share which is RO for regular users, and RW for admin users (namely winadmin) - useful when I have to deploy a new version of a C/S app.
    Some Windows Update tweaks were added to squid.conf, but it looks like more could be done. Is it working for you?

    I just reviewed /etc/squid/squid.conf in 6.2b3 and I believe it is fine (I'm not running it in production, just on a VM at home), but the way it's configured now it just means that all clients have access to Windows Update and some (not all) of the files downloaded from WU will be cached - my config goes further.

    First, maximum_object_size at just 10 MB means Squid won't cache large update files, like .NET updates. I crank it all the way up to 500 MB so that Windows and Office updates, including Service Packs, will be cached.

    Second, the custom refresh_pattern (see here and here) lines tell Squid to keep Windows Update files for longer, so that they will always (mostly) be prompty available. When installing a new Windows machine, or simply updating one that was just (re)deployed, this makes a big difference, chiefly when the WAN link is slow. Antivirus updates also benefit from this - Symantec update files are HUGE. Same goes for files from other vendors.

    Keep the great work! Regards,

    Georger
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, March 08 2012, 12:39 AM - #Permalink
    Resolved
    0 votes
    Just an update. We updated the ISOs, so you should no longer see the "single NIC" issue.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, March 06 2012, 02:19 AM - #Permalink
    Resolved
    0 votes
    Well that's an ugly GUI bug. We'll see what we can do.
    The reply is currently minimized Show
  • Accepted Answer

    georger
    georger
    Offline
    Tuesday, March 06 2012, 12:10 AM - #Permalink
    Resolved
    0 votes
    Brian wrote:
    Came across this as well. I was in a vm so I just added 2nd NIC, which let me choose Role on original one, then removed 2nd NIC. Stays as external after that. Didn't have to assign role to 2nd nic at all. It's presence lets you change roles.

    On actual hardware this could be cumbersome or unfeasible.

    Regards,

    Georger
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Monday, March 05 2012, 07:30 PM - #Permalink
    Resolved
    0 votes
    Came across this as well. I was in a vm so I just added 2nd NIC, which let me choose Role on original one, then removed 2nd NIC. Stays as external after that. Didn't have to assign role to 2nd nic at all. It's presence lets you change roles.
    The reply is currently minimized Show
  • Accepted Answer

    DavidAdams
    DavidAdams
    Offline
    Monday, March 05 2012, 01:46 PM - #Permalink
    Resolved
    0 votes
    georger wrote:
    Peter Baldwin wrote:
    You need to specify your single NIC as an "External" role (as opposed to a "LAN"). That has always been a bit confusing in ClearOS. There used to be a big warning when this "single NIC / no external" configuration was detected -- I'll make sure that warning is shown in version 6 too!

    Hi Peter,
    I just installed 6.2b3 again on a VM with a single NIC. When adding/editing the NIC, it appears that the Role parameter can't be changed - its value is "LAN", and I can't change it (it is displayed as a text label rather than a combo box).

    Regards,

    Georger


    Same issue here which means I am unable to test it as a standalone web proxy. Also there is no where in the config to specify a default gateway.
    The reply is currently minimized Show
  • Accepted Answer

    georger
    georger
    Offline
    Friday, March 02 2012, 02:55 AM - #Permalink
    Resolved
    0 votes
    Peter Baldwin wrote:
    You need to specify your single NIC as an "External" role (as opposed to a "LAN"). That has always been a bit confusing in ClearOS. There used to be a big warning when this "single NIC / no external" configuration was detected -- I'll make sure that warning is shown in version 6 too!

    Hi Peter,
    I just installed 6.2b3 again on a VM with a single NIC. When adding/editing the NIC, it appears that the Role parameter can't be changed - its value is "LAN", and I can't change it (it is displayed as a text label rather than a combo box).

    Regards,

    Georger
    The reply is currently minimized Show
  • Accepted Answer

    georger
    georger
    Offline
    Thursday, March 01 2012, 11:31 PM - #Permalink
    Resolved
    0 votes
    Hi Peter,
    Great! I'm looking forward to seeing this happen!

    By the way, I've sent an email a few days ago offering to help on the pt_BR translation.

    Regards,

    Georger
    The reply is currently minimized Show
Your Reply