- This topic is empty.
-
Posts
-
Hello
I’m new with Zeroshell and I must say also that I am not very good at networking.
I managed to install and operate a computer with Zeroshell.
There are two cards that are installed bridged.
the captive portal works fine but I can not start the HTTP proxy.Indeed, the status is down and the “HTTP capturing rules” said to me that : “Proxy service disabled”
I have tried some hoops to try to fix this problem and I read some topics but I must confess that I do not understand some details.
So if one of you’ll have the courage to guide me step by step to try to understand and also my understanding of my problem, it would be very nice of him.
Thank you in advance
StephanHi . This is :
root@coclicoh root> iptables -L -v
Chain INPUT (policy ACCEPT 54415 packets, 3933K bytes)
pkts bytes target prot opt in out source destination
62754 4830K SYS_INPUT all -- any any anywhere anywhere
24 1246 SYS_HTTPS tcp -- any any anywhere anywhere tcp dpt:http
4096 441K SYS_HTTPS tcp -- any any anywhere anywhere tcp dpt:https
108 7929 SYS_SSH tcp -- any any anywhere anywhere tcp dpt:ssh
Chain FORWARD (policy ACCEPT 1064K packets, 601M bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 58365 packets, 6711K bytes)
pkts bytes target prot opt in out source destination
62491 7024K SYS_OUTPUT all -- any any anywhere anywhere
Chain NetBalancer (0 references)
pkts bytes target prot opt in out source destination
Chain SYS_HTTPS (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo any anywhere anywhere
4120 442K ACCEPT all -- any any anywhere anywhere
Chain SYS_INPUT (1 references)
pkts bytes target prot opt in out source destination
135 12008 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:12080:12083 PHYSDEV match --physdev-in ETH01
0 0 DROP tcp -- any any anywhere anywhere tcp dpts:12080:12083
10 3375 ACCEPT udp -- any any anywhere anywhere udp spt:domain state ESTABLISHED
142 141K ACCEPT tcp -- any any anywhere anywhere tcp spt:http state ESTABLISHED
0 0 ACCEPT tcp -- any any anywhere anywhere tcp spt:8245 state ESTABLISHED
3824 291K ACCEPT udp -- any any anywhere anywhere udp spt:ntp state ESTABLISHED
58643 4383K RETURN all -- any any anywhere anywhere
Chain SYS_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
135 12008 ACCEPT all -- any lo anywhere anywhere
10 731 ACCEPT udp -- any any anywhere anywhere udp dpt:domain
142 8984 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:8245
3839 292K ACCEPT udp -- any any anywhere anywhere udp dpt:ntp
58365 6711K RETURN all -- any any anywhere anywhere
Chain SYS_SSH (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo any anywhere anywhere
100 7521 ACCEPT all -- any any 192.168.1.0/24 anywhere
8 408 DROP all -- any any anywhere anywhereand
root@coclicoh root> iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 85419 packets, 7320K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 47170 packets, 4504K bytes)
pkts bytes target prot opt in out source destination
47170 4504K SNATVS all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 3917 packets, 297K bytes)
pkts bytes target prot opt in out source destination
Chain SNATVS (1 references)
pkts bytes target prot opt in out source destinationthanks
Hello and thank you again,
Well, I’ve just restart the proxy:
Here are the logs: (in the logs of the antivirus there ‘s anything).08:40:53 === Starting HAVP Version: 0.90
08:40:53 Running as user: havp, group: havp
08:40:53 Use transparent proxy mode
08:40:56 RESETTING VIRUS DATABASE.
08:40:57 === Starting HAVP Version: 0.90
08:40:57 Running as user: havp, group: havp
08:40:57 Use transparent proxy mode
08:41:34 === Starting HAVP Version: 0.90
08:41:34 Running as user: havp, group: havp
08:41:34 Use transparent proxy mode
08:41:37 RESETTING VIRUS DATABASE.
08:41:37 === Starting HAVP Version: 0.90
08:41:37 Running as user: havp, group: havp
08:41:37 Use transparent proxy mode
08:41:51 === Starting HAVP Version: 0.90
08:41:51 Running as user: havp, group: havp
08:41:51 Use transparent proxy mode
08:41:54 RESETTING VIRUS DATABASE.
08:41:54 === Starting HAVP Version: 0.90
08:41:54 Running as user: havp, group: havp
08:41:54 Use transparent proxy modeand the status of the proxy in the web page is down
Quick question: is it normal that the option will disable the antivirus is not accessible? (The menu is grayed out and tells me ENABLE)
Stéphan
I am not sure if there is any problem with captive portal, however it should not. Do you mind turning it off a little and try to enable proxy?
Also have you got any capture rules configured for proxy? Maybe it complains due to the fact that it doesn’t have any rules what to capture.Regarding the captive portal works great. I actually already tried to extinguish it but the result is the same.
At the same time, finding it odd to have no log on the antivirus I simply create a new profile by taking the same network settings and then there, everything works fine. Here are the logs of the proxy:09:27:53 === Starting HAVP Version: 0.90
09:27:53 Running as user: havp, group: havp
09:27:53 Use transparent proxy mode
09:27:53 — Initializing ClamAV Library Scanner
09:27:53 ClamAV: Using database directory: /var/register/system/ClamAV/db
09:28:06 ClamAV: Loaded 751959 signatures (engine 0.95.1)
09:28:06 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature)
09:28:06 — All scanners initialized
09:28:06 Process ID: 8572
09:28:06 WARNING: No HTTP capturing rules defined.
09:30:06 === Starting HAVP Version: 0.90
09:30:06 Running as user: havp, group: havp
09:30:06 Use transparent proxy mode
09:30:06 — Initializing ClamAV Library Scanner
09:30:06 ClamAV: Using database directory: /var/register/system/ClamAV/db
09:30:19 ClamAV: Loaded 751959 signatures (engine 0.95.1)
09:30:20 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature)
09:30:20 — All scanners initialized
09:30:20 Process ID: 9289
09:36:53 192.168.1.52 GET 401 http://192.168.1.15/ 274+210 OKYou can see at first that the virus is activated after the proxy but in my case it would not start! Maybe it was the cause …
I’ve also put some of whom log in at the beginning I did not set capturing HTTP rules. The proximal Corect worked there was just a warning.My problem is solved but not understood.
Thank you still push me and I’ll post a new topic as I would know if it is possible to ensure that all computers on the LAN interface zeroshell do not communicate with them-! (No sharing of resources possible)
- You must be logged in to reply to this topic.