Mine is also a permanent state of affairs on my old server (the one I can't alt+left_arrow to go back), but I did manage to set the server up in the first place somehow. I don't know about the VM image I sent you, but that has a lot more history.
I have been able to reproduce this and not reproduce this on the same virtual machine. That is to say. I have a snapshot that has the issue and a snapshot that does not have the issue and one that does. The big difference I can see is a reboot. On my VM, a reboot fixes the issue.
Does rebooting solve this for those that are affected? If so, then I have captured the issue in a VM and can work on it. If not, there may be another issue here.
Please can you have a look at the app documentation and the kb articles Live Monitoring of Web Traffic in Proxy and Content Filter and Add Whitelist of Sites to Proxy Server to see if you can determine the issue and fix it.
M$ have done a lot of changes to WIn10 over the last year and a half which have caused problems. It may be that there are other registry settings you need to get things going. As an example now, login scripts don't work any more in Win10 unless you make some more registry changes; old style workgroup sharing has now been stopped, but can be re-enabled etc.
Thanks for having a look. Without the software there is little more I can do to investigate.
Lots of ways of telling your LAN interfaces - IP Settings in the webconfig, "ps aux | grep arpwatch", "grep IF /etc/clearos/network.conf" and ignore the EXTIF, or, flashier, "ls /etc/systemd/system/multi-user.target.wants/arpwatch*"
All you can do is play with the options. In the past I tried using -n to get rid of the 0.0.0.0 messages but it didn't work. If you have two separate LANIF's, then arpwatch should not need the -n.
Personally I am not sure, really, what arpwatch brings to the table.
What a grotty set of subnets as they don't simplify too well! In the main firewall, just don't open port 25. Then add custom firewall rules:Or you can do individual rules fro each listed subnet. If you need mobile and laptop devices to relay through you, use SMTPS on port 465.
FWIW custom firewall rules are really outside the scope of the support contract. There is a real possibility of making a mess of the firewall and you need to be prepared to do some command line stuff if the firewall goes into a restart loop or panics.
You should test each rule at the command line first, replacing "$IPTABLES" with "iptables", and, only if it is accepted without an error, put it in the Custom Firewall rules (with "$IPTABLES" and not "iptables")
Thank you Nick. Appreciate your help as always!
Is there a way to find what the "your_LAN_interface" is being used from the command?
Before I mess with the command, I should know what "your_LAN_interface" is being executed in the default state.
As I have 2 network segments perhaps I need to add the second segment using the -n option?? Maybe the default is our wired segment but not the wifi segment?
In the man for arpwatch. It says:
I would like to keep arpwatch sending info when it really should and if I turn of the emails then I won't get something when I really should look at it. So I'd really like to continue to try to figure out why this is happening.