Can I ask which Attack Detector jails do you have enabled and which ports do you have open in your incoming firewall? Currently the cyrus-imap jail does nothing and will not detect intrusion attempts. There is a fix in the pipeline. If you want to test it out, please do a:


Note that unlike the IDS/IPS, Attack Detector only works on exposed ports.

That does not look like the output to the winver command.

Read the link I gave. It tells you how to apply the registry changes.

Re "winver" please give a screen dump. It will show more than you say.

That is symptomatic of not applying the two registry changes. Please can you confirm that you have applied them to the workstations and server? Also, from the command prompt, what is the Version and OS Build from the command "winver"?

Re: please help me

AFAIK, the two registry changes https://www.clearos.com/resources/documentation/clearos/content:en_us:kb_adding_workstation_to_a_domain#windows_7_and_later_registry_changes_to_join_a_domain are needed for both Win7 and Windows Server 2012. What I don't know is the patch level for Windows Server 2012 as M$ made a mess of things with the 1803 update (if it applies). 1809 should be OK, but a patch was released in September which fixed the 1803 versions (in Win10 at least).

What errors are you seeing?

AFAIK, the two registry changes are needed for both Win7 and Windows Server 2012. What I don't know is the patch level for Windows Server 2012 as M$ made a mess of things with the 1803 update (if it applies). 1809 should be OK, but a patch was released in September which fixed the 1803 versions (in Win10 at least).

What errors are you seeing?

Thanks for the feedback. To help everyone here, can you please say which set of instructions worked? I suspect the second from what you say. Or, better still, can you detail your steps.

Tip: the "history" command can help as a memory jogger.

You can even edit /etc/clearos/firewall.d/local , but make sure each rule name after the "#" is different. I am also not sure what are valid comments. If you use the local file the format is the same but without the comment. You may even be able to leave in the comment. It is important it fires on ipv4 only. Each time you save the local file the firewall restarts and the rule gets applied.

Typo:

I am sorry but this is really an English language forum. I've used Google Translate to assist me:

Good afternoon ... I come to you for help in advance thank you very much I have configured a clearOS 7 community as a gateway but at the moment of entering into operation. only the network traffic of the main lan network recognizes the subnets with different gateway does not allow the traffic .. how can I configure that the other subnets can also recognize them?

How many network interfaces to you have and are they recognised by ClearOS?
It is essential that each network interface is on a different subnet, and it is best to avoid the 192.168.0.0/24 and 192.168.1.0/24 subnets if at all possible.
Have you configured the DHCP server for the LAN subnets?
Is your WAN connection Static, DHCP (or PPPoE).
If you ultimately want PPPoE on your WAN, when setting up it is best to avoid PPPoE until you get the WAN connection working and accept the double-NAT until it is working. Once it is working, then you can switch the modem to PPPoE then change the ClearOS interface. This is not necessary with Static or DHCP WAN connections. They should just work.