Profile Details

Toggle Sidebar
Loading cover... Drag cover to reposition
Recent updates
  • Patrick de Brabander

    Nick Howitt wrote:

    I suspect we have the same source for out openvpn filters, but I've tweaked mine differently,



    Indeed. The source is the same ;)
    Thanks for sharing your tweaks.

    Do you more filters which you can share ?
    I Saw in the screenshot for example Apache and postfix filters :)
    Is there a filter for the ClearOS Webconfig?

  • Patrick de Brabander

    Hi Nick,

    I see some interesting F2B configs.
    Are you willing to share those files/setups?

  • Patrick de Brabander
    Patrick de Brabander replied to a discussion, Fail2ban development

    Nick Howitt wrote:

    RFC's say that any sending MTA must have a valid PTR record **but** there is no requirement for the PTR record to resolve back to the sending IP. In this case there is a PTR record pointing to loj2.1915.life, but there is no DNS record for loj2.1915.life. It looks like postfix is correctly rejecting the mail. Enabling the jail should pick up the bad messages. Setting maxretry is just a bit more aggressive, but will probably be OK. There is a risk, however. 5xx failure codes are temporary DNS failure codes and there are some of them in the filter. There is a risk you could block valid e-mails which fail because of a temporary DNS issue.

    Hi Nick,

    Thanks for your reply.
    Good to hear that Postfix is correclty rejecting these kind of mail.
    I've tried this setup and see fail2ban is picking up the config:

    FAIL2BAN.LOG


    MAIL.LOG


    i'll try this for the next few days and check the log frequently

  • Patrick de Brabander
    Patrick de Brabander replied to a discussion, Fail2ban development

    Hi

    I know this is an old thread, but i think my question is related to the content.

    I see in my mail.log time to time a lot of these messages.


    Not sure if this is something to worry about, but i'm trying to get the server better secured.

    I've installed fail2ban, but i don't see this IP being blocked, maybe because fail2ban is only blocking on postfix-sasl

    No i've added in : /etc/fail2ban/jail.d a file : clearos-postfix.conf



    Not sure if this will work or not or it will break other things

    Please comment if i can secure the server with a better methode for these kind of attacks

    Thanks

  • Patrick de Brabander
    Patrick de Brabander replied to a discussion, Domoticz 2022.1

    Fred, Nick,

    On my VMware test setup i've made a clean install of v2021 and did a update to 2022.
    All went smooth and looks like it is working.
    SInce i've already made build of 2022 on my production server i'll not installed the package from the repos.

    This is the output of the update on my VMware testserver for reference


    Thanks both of you for the effort !

  • Patrick de Brabander
    Patrick de Brabander likes the reply for the discussion, Re: Domoticz 2022.1

    I've played around a bit with koji and got domoticz to build. It was not with the correct options so I've manually tagged it into clearos-contribs-testing. Hopefully it will build correctly next time without the manual tagging. I can't test until there is a version bump.

    I will always have to be contacted to get the package to build in koji in the first place but otherwise I hope it will be OK.

    If you can, please test the build and I can then release it.

  • Patrick de Brabander
    Patrick de Brabander replied to a discussion, Domoticz 2022.1

    Hi Fred,

    I've installed today the Domoticz build on my production server and everything is running well.
    Thanks for the clear instruction and support
    I hope that Koji will work again next time, but this is also working

    Thanks again !

  • Patrick de Brabander
    Patrick de Brabander replied to a discussion, Domoticz 2022.1

    Fredrik Fornstad wrote:

    Patrick,
    In ClearOS/Centos there is no package called libpython3 to my knowledge, instead I think you mean python3-libs...
    Anyway, I will likely update my instruction above to do in the build machine before doing the rpmbuild -bs domoticz.spec command. I am not sure if it is needed, but it will at least take care of an error message. Also, I will try to update the spec-file itself to make sure python 3.6 is installed together with domoticz.

    Expect a domoticz-2022.1-3 update in a day or so.

    /Fred


    I did :
    And these package were then installed.

  • Patrick de Brabander
    Patrick de Brabander likes the reply for the discussion, Re: Domoticz 2022.1

    Patrick,
    In ClearOS/Centos there is no package called libpython3 to my knowledge, instead I think you mean python3-libs...
    Anyway, I will likely update my instruction above to do in the build machine before doing the rpmbuild -bs domoticz.spec command. I am not sure if it is needed, but it will at least take care of an error message. Also, I will try to update the spec-file itself to make sure python 3.6 is installed together with domoticz.

    Expect a domoticz-2022.1-3 update in a day or so.

    /Fred

  • Patrick de Brabander
    Patrick de Brabander replied to a discussion, Domoticz 2022.1

    Hi Fred

    I managed to build an rpm version and get Domoticz running on a VMware
    Only Domoticz runs on Python 3.4 instead of 3.6.
    Both versions of Python are installed and when I do Python --version I get " version 3.6.8"

    Now do I aso have a spare server with a copy of an old ClearOS with Domoticz 2021.1 installed.
    If I do the update, I just get Domoticz running on Python 3.6.

    Now I don't remember if I ever updated anything on this, but do you know if I can get VMware (fresh install) to also run Domoticz with Python 3.6?