profile
viewpoint

nethesis/icaro 16

Easy and simple HotSpot for small and medium hotels

cotosso/dante 0

Single stack reports made simple

cotosso/docs 0

NethServer documentation

cotosso/icaro 0

Easy and simple HotSpot for small and medium hotels

cotosso/nethserver-dedalo 0

NethServer integration for Dedalo

cotosso/nethserver-enterprise-docs 0

NethServer Enterprise manual

cotosso/nethserver-lightsquid 0

NethServer lightsquid configuration

cotosso/nethserver-openvpn 0

NethServer OpenVPN configuration

issue commentNethServer/dev

Wrong message showed by port forward validator

I tested the fix and it worked as expected.

cotosso

comment created time in 3 days

issue openedNethServer/dev

Wrong message showed by port forward validator

When creating a port forward with a port range, usign a dash as port separator (e.g. 1000-2000) leads to an error from validator, the validatore message is:

"Must be a valid port number or port range (using dash)"

whereas the accepted syntax is not a dash but a colon.

Steps to reproduce

  • Try to create a port forward with a portrange
  • use a dash as port (start, end) separator

Expected behavior

  • The validator's system will request a colon as a separator "Must be a valid port number or port range (using colon)"

Actual behavior

  • The validator's system requests a dash as a separator "Must be a valid port number or port range (using dash)"

Components

nethserver-firewall-base-ui-3.8.3-1.ns7.noarch NethServer release 7.7.1908 (final)

created time in 3 days

issue commentNethServer/dev

Selected bond mode ignored in Cockpit

now it works flawlessy.

cotosso

comment created time in 6 days

issue commentNethServer/dev

Selected bond mode ignored in Cockpit

I checked the update, now the variable BondOptMode is written but the applied mode is different from the one expected. Please fix the association between dropdown menu in the GUI and the BondOptMode according to this schema:

mode=0 (Balance Round Robin) mode=1 (Active backup) mode=2 (Balance XOR) mode=3 (Broadcast) mode=4 (802.3ad) mode=5 (Balance TLB) mode=6 (Balance ALB)

cotosso

comment created time in 6 days

issue openedNethServer/dev

Bond always in round-robin mode when created from cockpit interface

This problem only occurs when using the cockpit interface, whereas all works flawlessy with the "old" NethGUI interface.

Steps to reproduce

  • Create a bond type logic interface
  • Choose a "mode" different from Balance round-robin (e.g. active-backup)

Expected behavior The created logic interface works in active -backup mode

Actual behavior The created logic interface always works in round-robin mode, regardless of how it was configured

[root@rr ~]# cat /proc/net/bonding/bond0 
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: enp0s3
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:8e:d6:15
Slave queue ID: 0

Slave Interface: enp0s9
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:d7:6f:67
Slave queue ID: 0

The network database is not written accordingly, "BondOptMode " is alway NULL.

[root@rr ~]# db networks show
bond0=bond
    BondOptMode=
    bootproto=none
    gateway=
    ipaddr=192.168.57.114
    netmask=255.255.255.0
    nslabel=
    role=green
enp0s3=ethernet

Components NethServer release 7.7.1908 (final)

nethserver-cockpit-1.3.11-1.ns7.noarch nethserver-cockpit-lib-1.3.11-1.ns7.noarch

created time in 11 days

issue commentnethesis/dev

Flashstart Cockpit UI: add link to flashstart management page

Tested and working

cotosso

comment created time in 19 days

issue openednethesis/dev

Flashstart Cockpit UI: add link to flashstart service management page

NethServer provides an integration with Flashstart content filter. The content filter needs to be managed from a web panel owned by flashstart itself (not directly fomr nethserver).

It could be very useful to have in the Dashboard of teh Flashstart Cockpit UI a link that point to the flashstart webpage.

Best thing would be (if possible) to have a button to reach flashstart management page that automatically does the login with the same user and pass already set in the configuration page of the cockpit panel.


// Acknowledgements

NethServer release 7.7.1908 (final) nethserver-flashstart-2.2.0-1.ns7.noarch

created time in a month

issue commentNethServer/dev

More intuitive behaviour in case of conflit among access rules to cockpit interface(only with firewall installed)

I tested it, now firewall rules override "System-> Settings" access rules as expected

cotosso

comment created time in 2 months

issue openedNethServer/dev

More intuitive behaviour in case of conflit among access rules to cockpit interface(only with firewall installed)

This is not strictly a bug report, this an improvement request in order to have a more intuitive behaviour when the firewall module is installed and NethServer act as gateway.

Access to the cockpit administration interface is regulated by 2 sections:

  • the one in the System-> Settings section
  • the one (Local rules) in the Firewall section (if installed)

In the event that the firewall section is not installed, the problem does not arise, in the case in which instead this module is installed it is possible to create access rules to the cockpit interface also from that section and the rules made on the 2 different sections can go to conflict.

Currently the rules made in the System-> Settings section have priority over those of the firewall section. I believe instead that it is more intuitive for those who have installed the firewall module to create all the rules from the specific section (local rules), so these must have priority over those made on System-> Settings.

Steps to reproduce

  • Enable "Grant access from Wan (Red)" on System-> Settings
  • Create in "Firewall" -> "Local rules" a rule that block traffic from red to firewall on cockpit port

Expected behavior It's not possible to access cockpit interface from red interface

Actual behavior It's still possible to access to cockpit interface from red interface

Components

NethServer release 7.7.1908 (final)

nethserver-firewall-base-ui-3.8.1-1.ns7.noarch nethserver-firewall-base-3.8.1-1.ns7.noarch nethserver-cockpit-1.3.9-1.ns7.noarch nethserver-cockpit-lib-1.3.9-1.ns7.noarch

created time in 2 months

issue commentNethServer/dev

Network recovery console tool

Network tool works as expected

DavidePrincipi

comment created time in 2 months

issue commentNethServer/dev

Improve configuration restore

in the remap interface box physical interfaces are showed in reversed alphabetical order, e.g. enp8s0 enp6s0 enp3s0 enp2s0 enp1s0

can you show them in alphabetical order?

gsanchietti

comment created time in 2 months

issue commentNethServer/dev

OpenVPN tunnel: Wrong protocol written in the client configuration file

The exported json file for the client has a variable called Protocol and its value is tcp-server instead of tcp-client

cotosso

comment created time in 2 months

issue openedNethServer/dev

OpenVPN tunnel: Wrong protocol written in the client configuration file

Steps to reproduce

  • Configure an OpenVPN tunnel SERVER working with TCP protocol (default is UDP)
  • Export client configuration for the NethServer client
  • import file configuration in the client

Expected behavior

The vpn between 2 NethServers starts flawlessy

Actual behavior

The VPN doesn't starts

Components NethServer release 7.7.1908 (final)

openvpn-2.4.7-1.el7.x86_64 nethserver-vpn-ui-1.2.3-1.ns7.noarch nethserver-openvpn-1.9.0-1.ns7.noarch


created time in 2 months

issue openedNethServer/dev

missing pppoe interface when creating a port forward

This behavior happens when we have a MultiWAN environment with a PPPoE interface.

Steps to reproduce

  • Configure a system with at least 2 red interface, one of them must be a PPPoE
  • Try to create a port forward valid only for traffic incoming from PPPoE interface

Expected behavior

The port forward modify panel must allows to create a port forward on all interfaces or on a single red interface/alias. Actually red interface are identified by their main ip address

Actual behavior All works as described above except that it is not possible to enable a port forward ONLY for the PPPoE interface, only ip address from ethernet cards are showed in the panel.

Components

NethServer release 7.7.1908 (final) nethserver-firewall-base-ui-3.7.3-1.ns7.noarch nethserver-firewall-base-3.7.3-1.ns7.noarch


created time in 2 months

issue commentNethServer/dev

Improve configuration restore

Test case 1 The test went successfully and the restore was successful. I used a backup of a machine without subscription in a new community machine. This test also applies to case 6 so case 6 is ok. Test case 2 tested and working Test case 3 tested and working

gsanchietti

comment created time in 2 months

issue commentNethServer/dev

Improve configuration restore

when choosing the backup file to restore the web interface label shows a bad extension:

Choose file (*.tgz.gz) whereas configuration backups are in tar.xz format

gsanchietti

comment created time in 2 months

issue commentNethServer/dev

Improve configuration restore

There is a typo in /usr/libexec/nethserver/api/system-backup/read line 287, an "H" is missing ( close F;)

gsanchietti

comment created time in 2 months

issue commentNethServer/dev

Wrong units passed to fireQoS

marcin-github thank you for the clarification, now it makes sense to me. the problem involve only classes defined by kbps and not the ones defined by %. Fix should be easy to do, just substitute kbit instead of kbps in the fireqos.conf for these classes.

marcin-github

comment created time in 3 months

issue commentNethServer/dev

Wrong units passed to fireQoS

It seems to me that everything is working fine, probably the speed units used in FireQOS generated this misunderstanding.

SPEED UNITS
       In FireQOS, speeds can be expressed in the following units:

       #bps   # bytes per second

       #kbps; #Kbps
              # kilobytes per second

       #mbps; #Mbps
              # megabytes per second

       #gbps; #Gbps
              # gigabytes per second

       #bit   # bits per second

       #kbit; #Kbit; #
              # kilobits per second (default)
  • fireqos configuration on nethserver always make use of kbits units.
  • on nethserver web interface there is a label "... (kbps)"

Is very common to indicate kilobits per second with kbit/s or kb/s (or kbps) whereas the capital B is used to indicate bytes -> kB/s.

marcin-github

comment created time in 3 months

issue commentNethServer/dev

Cockpit firewall dashboard: service status color

tested and working as expected

cotosso

comment created time in 3 months

issue commentNethServer/dev

Cockpit dashboard: wrong path loaded in applications

I tested the update and now it works as expected.

edospadoni

comment created time in 3 months

issue openedNethServer/dev

Icon colors and meaning in services section (cockpit Firewall Dashboard)

The dashboard of the firewall section shows among many other things also the active services (hotspots, IPS etc.) Currently the enabled services are indicated with a green checked icon, while the non-enabled services are indicated with a red X icon This kind of red icon may suggest that some services are not working properly because the red X icon is also used in other panels to indicate an alarm (eg: provider down).

Proposed solution I propose to replace these red icons with some more neutral ones (for example the gray "-" sign) to indicate that the functionality is not active but there isn't any problem to solve.

NethServer release 7.7.1908 (final) nethserver-firewall-base-ui-3.7.2-1.ns7.noarch

created time in 3 months

issue commentNethServer/dev

Firewall: informative description for MAC validation (IP/MAC binding)

I checked it and now it worked as expected

andre8244

comment created time in 3 months

issue commentNethServer/dev

Dedalo: remove bandwidth columns in Dashboard page

Tested : ok

andre8244

comment created time in 4 months

pull request commentNethServer/nethserver-dedalo

Removed columns in Dashboard page

Tested: ok

andre8244

comment created time in 4 months

fork cotosso/docs

NethServer documentation

www.nethserver.org

fork in 4 months

fork cotosso/docs

NethServer documentation

www.nethserver.org

fork in 4 months

issue commentNethServer/dev

Cockpit: restore of backup-config failed

tested on different hardwares and NIC configurations, it worked as expected.

edospadoni

comment created time in 4 months

pull request commentNethServer/nethserver-cockpit

Replace nic vendor name by arp hostname

At this point I think that is good to leave it that way.

stephdl

comment created time in 4 months

pull request commentNethServer/nethserver-cockpit

Replace nic vendor name by arp hostname

thank you for the clarifications!

case 1: I agree very much on the description field and the functionality is already fine. The fact was that It could be a good thing (but not very sure about that) to see both the name of the builder and the arp name (just in case the arp name has been modified and it's unclear, so we can look at the builder name to have some more information). But I think you can leave it as it is.

case2: I understood why some hosts that are solved but do not appear in the panel. These hosts are not really present in the output of arp -a. It is necessary that they exchange a minimum of traffic with nethserver (even a ping is sufficient) and at that point they are shown in the output of arp -a and also in the web panel.

stephdl

comment created time in 4 months

pull request commentNethServer/nethserver-cockpit

Replace nic vendor name by arp hostname

I tried the update and it works fine. I note only 2 small things (see also attachment).

  1. I would put the name obtained by arp instead of the host name (dx column) which is still empty because it is not defined in the db, so we will see both the vendor and the name arp.

  2. I have a case in which the name arp is solved in some way, but on the interface it is not shown.

However, it is already OK this way too.

Sistema - nsec-primary nethesis it  4  (1)

stephdl

comment created time in 4 months

issue commentNethServer/dev

Statistics on OpenVPN connections

I tried the test cases, everything worked fine for me.

andre8244

comment created time in 4 months

more