bugzilla-daemon | 26 May 11:36 2016

[Bug 9528] XSS security issue in phpwebftp 3.3b

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9528.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"
Bug ID Summary Classification Product Version Hardware OS Status Severity Priority Component Assignee Reporter QA Contact
9528
XSS security issue in phpwebftp 3.3b
Contribs
SME Contribs
8.2
---
---
CONFIRMED
normal
P3
smeserver-phpwebftp
jean-paul <at> leclere.org
tests <at> pialasse.com
contribteam <at> lists.contribs.org

https://packetstormsecurity.com/files/137001/phpwebftp-xss.txt from what i know we use 3.3a, so it might be present too PHPWebFTP ver 3.3b - xss vulnerability , by N_A. N_A [at] tutanota.com Vendor has notified Description ---------------- phpWebFTP enables connections to FTP servers, even behind a firewall not allowing traffic. phpWebFTP bypasses the firewall by making a FTP connection from your web server to the FTP server and transferring the files to your web client over the http protocol Vulnerability ------------- PHPWebFTP ver 3.3b allows malicious code injection due to some variables we can control. This allows an attacker to inject malicious code to carry out XSS attacks upon the program. ----snip , index.php---- $server=$_SESSION['server']; $user=$_SESSION['user']; $password=$_SESSION['password']; $language=$_SESSION['language']; $port=$_SESSION['port']; $passive=$_SESSION['passive']; ----snip , index.php---- further down in the code, the variables are passed without any security/filtering checks: ----snip, index.php---- $ftp = new ftp($server, $port, $user, $password, $passive); $ftp->setMode($mode); $ftp->setCurrentDir($currentDir); ----snip, index.php---- Code injected into the [server] field: <script>alert('executed');</script> This is also possible for the [username],[port] and [field] options. N_A [at] tutanota.com -- Securely sent with Tutanota. Claim your encrypted mailbox today! https://tutanota.com
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_CONFIRMED " title="CONFIRMED - XSS security issue in phpwebftp 3.3b" href="https://bugs.contribs.org/show_bug.cgi?id=9528">Bug 9528</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><table border="1" cellspacing="0" cellpadding="8">
<tr>Bug ID
          <td>
<a class="bz_bug_link 
          bz_status_CONFIRMED " title="CONFIRMED - XSS security issue in phpwebftp 3.3b" href="https://bugs.contribs.org/show_bug.cgi?id=9528">9528</a>
          </td>
        </tr>
<tr>Summary
          <td>XSS security issue in phpwebftp 3.3b
          </td>
        </tr>
<tr>Classification
          <td>Contribs
          </td>
        </tr>
<tr>Product
          <td>SME Contribs
          </td>
        </tr>
<tr>Version
          <td>8.2
          </td>
        </tr>
<tr>Hardware
          <td>---
          </td>
        </tr>
<tr>OS
          <td>---
          </td>
        </tr>
<tr>Status
          <td>CONFIRMED
          </td>
        </tr>
<tr>Severity
          <td>normal
          </td>
        </tr>
<tr>Priority
          <td>P3
          </td>
        </tr>
<tr>Component
          <td>smeserver-phpwebftp
          </td>
        </tr>
<tr>Assignee
          <td>jean-paul <at> leclere.org
          </td>
        </tr>
<tr>Reporter
          <td>tests <at> pialasse.com
          </td>
        </tr>
<tr>QA Contact
          <td>contribteam <at> lists.contribs.org
          </td>
        </tr>
</table>
<p>
        </p>
<div>
        <a href="https://packetstormsecurity.com/files/137001/phpwebftp-xss.txt">https://packetstormsecurity.com/files/137001/phpwebftp-xss.txt</a>

from what i know we use 3.3a, so it might be present too

PHPWebFTP ver 3.3b - xss vulnerability , by N_A.
N_A [at] tutanota.com

Vendor has notified

Description
----------------

phpWebFTP enables connections to FTP servers, even behind a firewall not 
allowing traffic. phpWebFTP bypasses the firewall by making a FTP connection 
from your web server to the FTP server and transferring the files to your web 
client over the http protocol

Vulnerability
-------------

PHPWebFTP ver 3.3b allows malicious code injection due to some variables we 
can control. This allows an attacker to inject malicious code to carry out 
XSS attacks upon the program.

----snip , index.php----

    $server=$_SESSION['server'];
    $user=$_SESSION['user'];
    $password=$_SESSION['password'];
    $language=$_SESSION['language'];
    $port=$_SESSION['port'];
    $passive=$_SESSION['passive'];

----snip , index.php----

further down in the code, the variables are passed without any 
security/filtering checks:

----snip, index.php----

    $ftp = new ftp($server, $port, $user, $password, $passive);
    $ftp-&gt;setMode($mode);
    $ftp-&gt;setCurrentDir($currentDir);

----snip, index.php----

Code injected into the [server] field: &lt;script&gt;alert('executed');&lt;/script&gt;
This is also possible for the [username],[port] and [field] options.

N_A [at] tutanota.com

--
Securely sent with Tutanota. Claim your encrypted mailbox today!
<a href="https://tutanota.com">https://tutanota.com</a>
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 26 May 10:55 2016

[Bug 9514] smeserver-coova-chilli update

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9514.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"
changed bug 9514
What Removed Added
Status IN_PROGRESS RESOLVED
Resolution --- FIXED

Comment # 16 on bug 9514 from (In reply to Unnilennium from comment #15) > Bad argument `denylog' > Try `iptables -h' or 'iptables --help' for more information. > done > > that is related to the line : > /sbin/iptables -A FORWARD_FROM_CHILLI ! -o \$OUTERIF -j denylog ok this one is related to the fact that my test machine is in server mode. patching the ! to move, Stefano can you try the new rpm ? /usr/bin/plague-client build smeserver-coova-chilli smeserver-coova-chilli-0_3-2_el6_sme contribs9 Package smeserver-coova-chilli enqueued. Job ID: 1179. %changelog * Thu May 26 2016 Jean-Philipe Pialasse <tests <at> pialasse.com> 0.3-2.sme - fix iptables syntax exclamation mark misplaced [SME: 9514] - smeserver-coova-chilli-0.3-MasqUpdate.patch
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_RESOLVED  bz_closed" title="RESOLVED FIXED - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">Bug 9514</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><span class="vcard"><a class="email" href="mailto:tests <at> pialasse.com" title="Unnilennium &lt;tests <at> pialasse.com&gt;"> <span class="fn">Unnilennium</span></a>
</span> changed
              <a class="bz_bug_link 
          bz_status_RESOLVED  bz_closed" title="RESOLVED FIXED - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">bug 9514</a>
          <br><table border="1" cellspacing="0" cellpadding="8">
<tr>What
            Removed
            Added
          </tr>
<tr>
<td>Status</td>
           <td>IN_PROGRESS
           </td>
           <td>RESOLVED
           </td>
         </tr>
<tr>
<td>Resolution</td>
           <td>---
           </td>
           <td>FIXED
           </td>
         </tr>
</table>
<p>
        </p>
<div>
            <a class="bz_bug_link 
          bz_status_RESOLVED  bz_closed" title="RESOLVED FIXED - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514#c16">Comment # 16</a>
              on <a class="bz_bug_link 
          bz_status_RESOLVED  bz_closed" title="RESOLVED FIXED - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">bug 9514</a>
              from <span class="vcard"><a class="email" href="mailto:tests <at> pialasse.com" title="Unnilennium &lt;tests <at> pialasse.com&gt;"> <span class="fn">Unnilennium</span></a>
</span>
        (In reply to Unnilennium from <a href="show_bug.cgi?id=9514#c15">comment #15</a>)

<span class="quote">&gt; Bad argument `denylog'
&gt; Try `iptables -h' or 'iptables --help' for more information.
&gt; done
&gt; 
&gt; that is related to the line :
&gt;     /sbin/iptables -A FORWARD_FROM_CHILLI ! -o \$OUTERIF -j denylog</span>
ok this one is related to the fact that my test machine is in server mode.

patching the ! to move,

Stefano can you try the new rpm ?

/usr/bin/plague-client build smeserver-coova-chilli
smeserver-coova-chilli-0_3-2_el6_sme contribs9
Package smeserver-coova-chilli enqueued.  Job ID: 1179.
%changelog
* Thu May 26 2016 Jean-Philipe Pialasse &lt;<a href="mailto:tests <at> pialasse.com">tests <at> pialasse.com</a>&gt; 0.3-2.sme
- fix iptables syntax exclamation mark misplaced [SME: 9514]
- smeserver-coova-chilli-0.3-MasqUpdate.patch
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 25 May 19:27 2016

[Bug 9526] These are the fragments requested for dansguardian

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9526.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"
Bug ID Summary Classification Product Version Hardware OS Status Severity Priority Component Assignee Reporter QA Contact
9526
These are the fragments requested for dansguardian
Contribs
SME Contribs
9.1
---
---
UNCONFIRMED
normal
P3
smeserver-dansguardian-panel
stephen <at> dungog.net
stevesemple <at> lycos.com
contribteam <at> lists.contribs.org

Created attachment 5513 [details] Fragments for Dansguardian and SME 9.1 As requested. Here are the fragments for SME Linux Dansguardian. The Dansguardian panel was not installing properly for 9.1 and it was requested that providing these files it would move the development of the panel along. I would like to put my best foot forward. BUT this is my first attempt at this. I hope It is correct. I have tried to go over it a couple of times to get it right. Its not as easy as it looks. Added to that making fragments for things your not sure what they do. Thank you.
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_UNCONFIRMED " title="UNCONFIRMED - These are the fragments requested for dansguardian" href="https://bugs.contribs.org/show_bug.cgi?id=9526">Bug 9526</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><table border="1" cellspacing="0" cellpadding="8">
<tr>Bug ID
          <td>
<a class="bz_bug_link 
          bz_status_UNCONFIRMED " title="UNCONFIRMED - These are the fragments requested for dansguardian" href="https://bugs.contribs.org/show_bug.cgi?id=9526">9526</a>
          </td>
        </tr>
<tr>Summary
          <td>These are the fragments requested for dansguardian
          </td>
        </tr>
<tr>Classification
          <td>Contribs
          </td>
        </tr>
<tr>Product
          <td>SME Contribs
          </td>
        </tr>
<tr>Version
          <td>9.1
          </td>
        </tr>
<tr>Hardware
          <td>---
          </td>
        </tr>
<tr>OS
          <td>---
          </td>
        </tr>
<tr>Status
          <td>UNCONFIRMED
          </td>
        </tr>
<tr>Severity
          <td>normal
          </td>
        </tr>
<tr>Priority
          <td>P3
          </td>
        </tr>
<tr>Component
          <td>smeserver-dansguardian-panel
          </td>
        </tr>
<tr>Assignee
          <td>stephen <at> dungog.net
          </td>
        </tr>
<tr>Reporter
          <td>stevesemple <at> lycos.com
          </td>
        </tr>
<tr>QA Contact
          <td>contribteam <at> lists.contribs.org
          </td>
        </tr>
</table>
<p>
        </p>
<div>
        Created <span class=""><a href="attachment.cgi?id=5513" name="attach_5513" title="Fragments for Dansguardian and SME 9.1">attachment 5513</a> <a href="attachment.cgi?id=5513&amp;action=edit" title="Fragments for Dansguardian and SME 9.1">[details]</a></span>
Fragments for Dansguardian and SME 9.1

As requested. Here are the fragments for SME Linux Dansguardian.

The Dansguardian panel was not installing properly for 9.1 and it was requested
that providing these files it would move the development of the panel along. 
I would like to put my best foot forward. BUT this is my first attempt at this.
I hope It is correct. I have tried to go over it a couple of times to get it
right. Its not as easy as it looks. Added to that making fragments for things
your not sure what they do.  
Thank you.
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 24 May 12:54 2016

[Bug 9524] learn is not able to create links when folder already in place

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9524.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"
Bug ID Summary Classification Product Version Hardware OS Status Severity Priority Component Assignee Reporter QA Contact
9524
learn is not able to create links when folder already in place
Contribs
SME Contribs
9.1
---
---
CONFIRMED
normal
P3
smeserver-learn
tests <at> pialasse.com
tests <at> pialasse.com
contribteam <at> lists.contribs.org

the functionality to link other folter to the junkmail one, is limited by the aspect hat if the folder actually exists before learn runs, it is not able to link the two. a way would be to check if the location exsits and is a not a link but a folder, then to : 1- move its subcontent ( ie in cur and new) to junkmail 2- delete it and its remaining content ( cur, tmp new) 3- finally create the link
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_CONFIRMED " title="CONFIRMED - learn is not able to create links when folder already in place" href="https://bugs.contribs.org/show_bug.cgi?id=9524">Bug 9524</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><table border="1" cellspacing="0" cellpadding="8">
<tr>Bug ID
          <td>
<a class="bz_bug_link 
          bz_status_CONFIRMED " title="CONFIRMED - learn is not able to create links when folder already in place" href="https://bugs.contribs.org/show_bug.cgi?id=9524">9524</a>
          </td>
        </tr>
<tr>Summary
          <td>learn is not able to create links when folder already in place
          </td>
        </tr>
<tr>Classification
          <td>Contribs
          </td>
        </tr>
<tr>Product
          <td>SME Contribs
          </td>
        </tr>
<tr>Version
          <td>9.1
          </td>
        </tr>
<tr>Hardware
          <td>---
          </td>
        </tr>
<tr>OS
          <td>---
          </td>
        </tr>
<tr>Status
          <td>CONFIRMED
          </td>
        </tr>
<tr>Severity
          <td>normal
          </td>
        </tr>
<tr>Priority
          <td>P3
          </td>
        </tr>
<tr>Component
          <td>smeserver-learn
          </td>
        </tr>
<tr>Assignee
          <td>tests <at> pialasse.com
          </td>
        </tr>
<tr>Reporter
          <td>tests <at> pialasse.com
          </td>
        </tr>
<tr>QA Contact
          <td>contribteam <at> lists.contribs.org
          </td>
        </tr>
</table>
<p>
        </p>
<div>
        the functionality to link other folter to the junkmail one, is limited by the
aspect hat if the folder actually exists before learn runs, it is not able to
link the two.

a way would be to check if the location exsits and is a not a link but a
folder, then to :
1- move its subcontent ( ie  in cur and new) to junkmail
2- delete it and its remaining content ( cur, tmp new)
3- finally create the link
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 23 May 15:58 2016

[Bug 9514] smeserver-coova-chilli update

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9514.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"

Comment # 15 on bug 9514 from changing to /etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli20input /sbin/iptables -A IN_FROM_CHILLI ! -s $net -j denylog and to /etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom /sbin/iptables -A FORWARD_FROM_CHILLI ! -s $net -j denylog /sbin/iptables -A FORWARD_FROM_CHILLI ! -o \$OUTERIF -j denylog remove three errors leaving only Bad argument `denylog' Try `iptables -h' or 'iptables --help' for more information. done that is related to the line : /sbin/iptables -A FORWARD_FROM_CHILLI ! -o \$OUTERIF -j denylog
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">Bug 9514</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><p>
        </p>
<div>
            <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514#c15">Comment # 15</a>
              on <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">bug 9514</a>
              from <span class="vcard"><a class="email" href="mailto:tests <at> pialasse.com" title="Unnilennium &lt;tests <at> pialasse.com&gt;"> <span class="fn">Unnilennium</span></a>
</span>
        changing to 
/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli20input

    /sbin/iptables -A IN_FROM_CHILLI ! -s $net -j denylog

and to
/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom

    /sbin/iptables -A FORWARD_FROM_CHILLI ! -s $net -j denylog
    /sbin/iptables -A FORWARD_FROM_CHILLI ! -o \$OUTERIF -j denylog

remove three errors leaving only 

Bad argument `denylog'
Try `iptables -h' or 'iptables --help' for more information.
done

that is related to the line :
    /sbin/iptables -A FORWARD_FROM_CHILLI ! -o \$OUTERIF -j denylog
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 23 May 15:40 2016

[Bug 9514] smeserver-coova-chilli update

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9514.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"

Comment # 14 on bug 9514 from increminated lines are in /etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli20input /sbin/iptables -A IN_FROM_CHILLI -s ! $net -j denylog and in /etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom /sbin/iptables -A FORWARD_FROM_CHILLI -s ! $net -j denylog /sbin/iptables -A FORWARD_FROM_CHILLI -o ! \$OUTERIF -j denylog
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">Bug 9514</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><p>
        </p>
<div>
            <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514#c14">Comment # 14</a>
              on <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">bug 9514</a>
              from <span class="vcard"><a class="email" href="mailto:tests <at> pialasse.com" title="Unnilennium &lt;tests <at> pialasse.com&gt;"> <span class="fn">Unnilennium</span></a>
</span>
        increminated lines are in 
/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli20input

    /sbin/iptables -A IN_FROM_CHILLI -s ! $net -j denylog

and in 
/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom

    /sbin/iptables -A FORWARD_FROM_CHILLI -s ! $net -j denylog
    /sbin/iptables -A FORWARD_FROM_CHILLI -o ! \$OUTERIF -j denylog
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 23 May 15:32 2016

[Bug 9514] smeserver-coova-chilli update

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9514.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"

Comment # 13 on bug 9514 from # service masq restart Shutting down IP masquerade and firewall rules: Done! Enabling IP masquerading: Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`). Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`). Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`). Bad argument `denylog' Try `iptables -h' or 'iptables --help' for more information. done
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">Bug 9514</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><p>
        </p>
<div>
            <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514#c13">Comment # 13</a>
              on <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">bug 9514</a>
              from <span class="vcard"><a class="email" href="mailto:tests <at> pialasse.com" title="Unnilennium &lt;tests <at> pialasse.com&gt;"> <span class="fn">Unnilennium</span></a>
</span>
        # service masq restart

Shutting down IP masquerade and firewall rules:         Done!

Enabling IP masquerading: Using intrapositioned negation (`--option ! this`) is
deprecated in favor of extrapositioned (`! --option this`).
Using intrapositioned negation (`--option ! this`) is deprecated in favor of
extrapositioned (`! --option this`).
Using intrapositioned negation (`--option ! this`) is deprecated in favor of
extrapositioned (`! --option this`).
Bad argument `denylog'
Try `iptables -h' or 'iptables --help' for more information.
done
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 23 May 11:20 2016

[Bug 9514] smeserver-coova-chilli update

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9514.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"

Comment # 12 on bug 9514 from hi there Daniel already found the errors I was referring to.. I saw those messages during boot I did not make any big test.. I installed and configured chilli on a VM with 3 nic (IIRC SME must be in server and gateway mode).. the privare one was on a internal net (using virtualbox), the WAN one was in bridge, the 3rd in a different private subnet.. I attached another VM (a windoes client) to the latter.. it got the right IP from chilli subnet (10.x.y.z), but it can not surf the net via browser.. the same client, in the LAN subnet (and a different IP) had no problems to surf.. did not test anything more.. I still have the VM laying around, I have to find it (and the time) and try again..
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">Bug 9514</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><p>
        </p>
<div>
            <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514#c12">Comment # 12</a>
              on <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">bug 9514</a>
              from <span class="vcard"><a class="email" href="mailto:zamboni <at> mind-at-work.it" title="Stefano Zamboni &lt;zamboni <at> mind-at-work.it&gt;"> <span class="fn">Stefano Zamboni</span></a>
</span>
        hi there

Daniel already found the errors I was referring to.. I saw those messages
during boot

I did not make any big test.. I installed and configured chilli on a VM with 3
nic (IIRC SME must be in server and gateway mode).. the privare one was on a
internal net (using virtualbox), the WAN one was in bridge, the 3rd in a
different private subnet..
I attached another VM (a windoes client) to the latter.. it got the right IP
from chilli subnet (10.x.y.z), but it can not surf the net via browser..
the same client, in the LAN subnet (and a different IP) had no problems to
surf..

did not test anything more.. I still have the VM laying around, I have to find
it (and the time) and try again..
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 23 May 11:05 2016

[Bug 9514] smeserver-coova-chilli update

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9514.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"

Comment # 11 on bug 9514 from with 2 more network interface ( and still in server only mode I got) : # ps aux | grep chilli 395 2006 0.0 0.0 41508 328 ? Ss 04:19 0:00 /usr/sbin/chilli -c /etc/chilli.conf --pidfile=/var/run/chilli.pid root 3113 0.0 0.0 103312 840 pts/0 S+ 04:21 0:00 grep chilli ]# ifconfig eth0 Link encap:Ethernet HWaddr 36:10:D4:75:D1:57 inet addr:192.168.56.49 Bcast:192.168.56.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:201 errors:0 dropped:0 overruns:0 frame:0 TX packets:215 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:49904 (48.7 KiB) TX bytes:20811 (20.3 KiB) eth2 Link encap:Ethernet HWaddr 8A:29:FC:7C:BC:2A UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:2 errors:0 dropped:0 overruns:0 frame:0 TX packets:1 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:118 (118.0 b) TX bytes:42 (42.0 b) Interrupt:11 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:144 errors:0 dropped:0 overruns:0 frame:0 TX packets:144 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:12894 (12.5 KiB) TX bytes:12894 (12.5 KiB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.1.0.1 P-t-P:10.1.0.1 Mask:255.255.255.0 UP POINTOPOINT RUNNING MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Stefano if you could get back on the error you found, I can not test further with my ccurrent VM without AP
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">Bug 9514</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><p>
        </p>
<div>
            <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514#c11">Comment # 11</a>
              on <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">bug 9514</a>
              from <span class="vcard"><a class="email" href="mailto:tests <at> pialasse.com" title="Unnilennium &lt;tests <at> pialasse.com&gt;"> <span class="fn">Unnilennium</span></a>
</span>
        with 2 more network interface ( and still in server only mode I got) :

# ps aux | grep chilli
395       2006  0.0  0.0  41508   328 ?        Ss   04:19   0:00
/usr/sbin/chilli -c /etc/chilli.conf --pidfile=/var/run/chilli.pid
root      3113  0.0  0.0 103312   840 pts/0    S+   04:21   0:00 grep chilli
]# ifconfig
eth0      Link encap:Ethernet  HWaddr 36:10:D4:75:D1:57
          inet addr:192.168.56.49  Bcast:192.168.56.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:201 errors:0 dropped:0 overruns:0 frame:0
          TX packets:215 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:49904 (48.7 KiB)  TX bytes:20811 (20.3 KiB)

eth2      Link encap:Ethernet  HWaddr 8A:29:FC:7C:BC:2A
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:2 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:118 (118.0 b)  TX bytes:42 (42.0 b)
          Interrupt:11

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:144 errors:0 dropped:0 overruns:0 frame:0
          TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:12894 (12.5 KiB)  TX bytes:12894 (12.5 KiB)

tun0      Link encap:UNSPEC  HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.1.0.1  P-t-P:10.1.0.1  Mask:255.255.255.0
          UP POINTOPOINT RUNNING  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Stefano if you could get back on the error you found, I can not test further
with my ccurrent VM without AP
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 23 May 10:12 2016

[Bug 9522] warning on screen during boot

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9522.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"
Bug ID Summary Classification Product Version Hardware OS Status Severity Priority Component Assignee Reporter QA Contact
9522
warning on screen during boot
Contribs
SME Contribs
9.1
---
---
CONFIRMED
normal
P3
smeserver-freepbx
daniel <at> firewall-services.com
tests <at> pialasse.com
contribteam <at> lists.contribs.org

at the end of boot sequence you can read: Starting system message bus [OK] /etc/amportal.conf: line 624: reg: command not found /etc/amportal.conf: line 785: http://feeds.feedburner.com/InsideTheAsterisk: No such file or directory the line 624 and previous: # Alt for Footer Logo # Default Value: FreePBX&reg; BRAND_FREEPBX_ALT_FOOT=FreePBX&reg; the line 785 and previous: # RSS Feeds # Default Value: http://www.freepbx.org/rss.xml\nhttp://feeds.feedburner.com/InsideTheAsterisk RSSFEEDS=http://www.freepbx.org/rss.xml http://feeds.feedburner.com/InsideTheAsterisk seems like a upstream (freepbx issue, this is not a major issue)
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_CONFIRMED " title="CONFIRMED - warning on screen during boot" href="https://bugs.contribs.org/show_bug.cgi?id=9522">Bug 9522</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><table border="1" cellspacing="0" cellpadding="8">
<tr>Bug ID
          <td>
<a class="bz_bug_link 
          bz_status_CONFIRMED " title="CONFIRMED - warning on screen during boot" href="https://bugs.contribs.org/show_bug.cgi?id=9522">9522</a>
          </td>
        </tr>
<tr>Summary
          <td>warning on screen  during boot
          </td>
        </tr>
<tr>Classification
          <td>Contribs
          </td>
        </tr>
<tr>Product
          <td>SME Contribs
          </td>
        </tr>
<tr>Version
          <td>9.1
          </td>
        </tr>
<tr>Hardware
          <td>---
          </td>
        </tr>
<tr>OS
          <td>---
          </td>
        </tr>
<tr>Status
          <td>CONFIRMED
          </td>
        </tr>
<tr>Severity
          <td>normal
          </td>
        </tr>
<tr>Priority
          <td>P3
          </td>
        </tr>
<tr>Component
          <td>smeserver-freepbx
          </td>
        </tr>
<tr>Assignee
          <td>daniel <at> firewall-services.com
          </td>
        </tr>
<tr>Reporter
          <td>tests <at> pialasse.com
          </td>
        </tr>
<tr>QA Contact
          <td>contribteam <at> lists.contribs.org
          </td>
        </tr>
</table>
<p>
        </p>
<div>
        at the end of boot sequence you can read:
Starting system message bus                    [OK]
/etc/amportal.conf: line 624: reg: command not found
/etc/amportal.conf: line 785: <a href="http://feeds.feedburner.com/InsideTheAsterisk">http://feeds.feedburner.com/InsideTheAsterisk</a>: No
such file or directory

the line 624 and previous:
# Alt for Footer Logo
# Default Value: FreePBX&amp;reg;
BRAND_FREEPBX_ALT_FOOT=FreePBX&amp;reg;

the line 785 and previous:
# RSS Feeds
# Default Value:
<a href="http://www.freepbx.org/rss.xml%5Cnhttp://feeds.feedburner.com/InsideTheAsterisk">http://www.freepbx.org/rss.xml\nhttp://feeds.feedburner.com/InsideTheAsterisk</a>
RSSFEEDS=<a href="http://www.freepbx.org/rss.xml">http://www.freepbx.org/rss.xml</a>
<a href="http://feeds.feedburner.com/InsideTheAsterisk">http://feeds.feedburner.com/InsideTheAsterisk</a>

seems like a upstream (freepbx issue, this is not a major issue)
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>
bugzilla-daemon | 23 May 10:04 2016

[Bug 9514] smeserver-coova-chilli update

Please DO NOT REPLY to this mail or send email to the developers about this bug.

Please follow-up to Bugzilla via Bug 9514.

Have you checked the Frequently Asked Questions (FAQ)?

Please also take the time to read "How to Report Bugs Effectively"

Comment # 10 on bug 9514 from (In reply to Unnilennium from comment #8) > May 23 03:58:22 sme9x64 esmith::event[3130]: Using intrapositioned negation > (`--option ! this`) is deprecated in favor of extrapositioned (`! --option > this`). > May 23 03:58:22 sme9x64 esmith::event[3130]: Using intrapositioned negation > (`--option ! this`) is deprecated in favor of extrapositioned (`! --option > this`). > May 23 03:58:22 sme9x64 esmith::event[3130]: Using intrapositioned negation > (`--option ! this`) is deprecated in favor of extrapositioned (`! --option > this`). > May 23 03:58:22 sme9x64 esmith::event[3130]: Bad argument `denylog' > May 23 03:58:22 sme9x64 esmith::event[3130]: Try `iptables -h' or 'iptables [...] > I do not see any firewall error. Not that I have no AP connected. Yes, you have firewall related errors. Note however that without the eth2 interface, you won't get anything working (coova daemon won't be able to start)
You are receiving this mail because:
  • You are the QA Contact for the bug.
<div>
Please DO NOT REPLY to this mail or send email to the developers about this bug.<br><br>
Please follow-up to Bugzilla via <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">Bug 9514</a>.<br><br>
Have you checked the <a href="http://wiki.contribs.org/SME_Server:Documentation:FAQ">Frequently Asked Questions (FAQ)</a>?<br><br>
Please also take the time to read "<a href="http://www.chiark.greenend.org.uk/~sgtatham/bugs.html">How to Report Bugs Effectively</a>"<br><p>
        </p>
<div>
            <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514#c10">Comment # 10</a>
              on <a class="bz_bug_link 
          bz_status_IN_PROGRESS " title="IN_PROGRESS - smeserver-coova-chilli update" href="https://bugs.contribs.org/show_bug.cgi?id=9514">bug 9514</a>
              from <span class="vcard"><a class="email" href="mailto:daniel <at> firewall-services.com" title="Daniel B. &lt;daniel <at> firewall-services.com&gt;"> <span class="fn">Daniel B.</span></a>
</span>
        (In reply to Unnilennium from <a href="show_bug.cgi?id=9514#c8">comment #8</a>)

<span class="quote">&gt; May 23 03:58:22 sme9x64 esmith::event[3130]: Using intrapositioned negation
&gt; (`--option ! this`) is deprecated in favor of extrapositioned (`! --option
&gt; this`).
&gt; May 23 03:58:22 sme9x64 esmith::event[3130]: Using intrapositioned negation
&gt; (`--option ! this`) is deprecated in favor of extrapositioned (`! --option
&gt; this`).
&gt; May 23 03:58:22 sme9x64 esmith::event[3130]: Using intrapositioned negation
&gt; (`--option ! this`) is deprecated in favor of extrapositioned (`! --option
&gt; this`).
&gt; May 23 03:58:22 sme9x64 esmith::event[3130]: Bad argument `denylog'
&gt; May 23 03:58:22 sme9x64 esmith::event[3130]: Try `iptables -h' or 'iptables</span>

[...]

<span class="quote">&gt; I do not see any firewall error. Not that I have no AP connected.</span>

Yes, you have firewall related errors. Note however that without the eth2
interface, you won't get anything working (coova daemon won't be able to start)
        </div>

      <span>You are receiving this mail because:</span>

      <ul>
<li>You are the QA Contact for the bug.</li>
      </ul>
</div>

Gmane