If you get your address by DHCP from your ISP, setting the WAN NIC is fine. You *may* have to power cycle your modem when you connect ClearOS to it. You don't have to enter any Dynamic IP internet address and subnet mask from your provider - and don't expect to get the same one as you had on the TP-Link!
Once you are up and running, if you have cable it is great if you can put your modem into bridge mode so ClearOS get's your public WAN IP. If you have a PPPoE connection (ADSL or some fibre, like BT), if you put your modem into bridge mode you may have to change the ClearOS WAN to PPPoE. Don't do this until everything is working.
For your LAN, more typically you set it as Static. Commonly you give it a .1 or .254 address (the highest or lowest usable in a /24 subnet) but there is no particular requirement to. You would also enable the interface DHCP server (Webconfig > Network > Infrastructure > DHCP Server) so your LAN devices get their IP addresses from ClearOS. Again, you don't have to do this if you have another DHCP server on your LAN. Most likely yout TP-Link is your DHCP server currently. As I said earlier, I recommend not to use a subnet which is 192.168.0.0/24 or 192.168.1.0/24.
Once you have your WAN and LAN working and ClearOS has replaced or is about to replace the TP-Link, I suggest you close the Webconfig port in the incoming firewall. It only affects your WAN as the LAN is automatically allowed full access to ClearOS.
Thanks Nick. I have seen the Plex.tv resource and followed it when I did the set up. I think the only thing I changed on "Network" was to set/allow the local network to login without password. I defined the network as per the instructions ie. 192.168.1.0/255.255.255.0, 192.168.2.0/255.255.255.0. The devices can see the Plex server in the list but can't access anything.
I'll look at the Configure Plex Media Server link. There is likely something I've missed.
If you've done the downgrade, an update was pushed last night so you should now have:If you have not done the downgrade, do:which should straighten thing out.
This should provide an interim fix for BitTorrent. The blocking will not be perfect but, if anything gets through, it should be very slow and the app should no longer stop. I hope to test myself in the next few days.
I've had the Marketplace App Plex Media Server running for a while and connected to my NAS.
I can use the web interface to play movies, tv & music, but I'm not able to connect via DLNA.
I haven't changed the default settings on the Plex server advanced DLNA.
For example. Both my Bose SoundLink/SoundTouch & VLC Player will show the Plex Media Server:PlexMedia in the UPnP but I can't connect. In VLC Player there is a yellow triangle with !. I can't find out what that is supposed to mean.
I'm sure I've missed some set-up step somewhere along the way.
What I should be checking?
By default, plexmediaserver comes from the clearos-contribs repo and is not often updated - currently it is 10 releases behind the plex repo. The current build from the plex repo is in clearos-contribs-testing so may appear soon. If you want to keep up with the public plex releases then you can install the plex repo directly like me. If you keep it disabled you can do an update manually by doing:
Your knowledge is getting beyond mine now. I have not looked at journalmatch or backend at all.
Yesterday I was talking to Peter and he also checked:and got the same results but it appears not to matter as he is getting blocks in his jail (I don't as I only have secure ports open and they rarely get attacked). It may be due to the backend sucking out messages before they hit the logs but I don't know for sure. It is conjecture, but it does mean the default jail is not buggy.
If you really want to check, using "sed -e 's/#.*$//' -e '/^$/d' /etc/fail2ban/jail.conf" and cutting down the output to the defaults, postfix-sasl and sshd-ddos I get:
I enable mine by jails.local rather than via the Webconfig and my jails.local (cut down) is:and I don't use sshd-ddos. My filter is a bit different from default but that does not matter. Mu paths-common.conf and paths-fedora.conf are default
In the initial configuration, port 81 is open on the WAN (note - please close it when you've finished configuring, unless you need WAN access). This means that, if the ClearOS WAN is set up to DHCP, you can connect the ClearOS WAN into your LAN, leaving the ClearOS LAN disconnected from the TP-Link LAN. If you can then work out the ClearOS WAN IP you can then connect to the ClearOS Webconfig. The easiest way to work out the ClearOS WAN IP is to log back into the console directly and look at the interface configuration.
I suggest you enable the DHCP server on the ClearOS LAN, and use a subnet which is not 192.168.0.0/24 or 192.168.1.0/24. Once you have the ClearOS LAN configured like that, if the subnet you've chosen is different from your TP-Link subnet then you can leave the ClearOS box connected to your LAN and connect workstation to the ClearOS LAN and do everything from the ClearOS LAN, only removing the TP-Link when you are ready. You can do these settings directly from the console which would allow you to plug a workstation directly into the ClearOS LAN.
If you have not bumped into them already, to very useful tools for remote access to ClearOS are PuTTy for a terminal and WinSCP for a graphical file manager and text editor.
Nick Howitt wrote:
When f2b went from 0.8.x to 0.9.x a lot of things were parametrised. In jail.conf you have "before = paths-fedora.conf", so have a look in paths-fedora.conf where you'll find "before = paths-common.conf". In paths-common.conf you'll find "postfix_log = %(syslog_mail_warn)s" and "syslog_mail_warn =" which takes us back to the paths-fedora.conf for its override "syslog_mail_warn = /var/log/maillog" and bingo! It does make tracking down entries convoluted but I can see why they've done it to make it easier to work with multiple distro's.
Yes, it is convoluted. I can follow it thanks to your explanation. I have following in /etc/fail2ban/paths-fedora.conf
Nick Howitt wrote:
Changing "logpath = %(syslog_mail)s" which works with other postfix jails does not work here! It looks like you have to comment out the "backend" line in jail.conf or (better) set "backend = auto" in jail.local. I smell a bug here.
I have in jail.conf. This doesn't look right. If we're using systemd for the logs then it should be . Setting "auto" means that it will use pyinotify, gamin or polling.
From the jail.conf:
Do I need to add "journalmatch = " into the jail.local to make this work?
I will give this a try.