Posts by Jadawin


    Why run the imscp-setup script?


    This is for the second problem I have. I tried to activate the debug mode. How can I activate it? Setting it in imscp.conf has no effect. It just won't display the infobar on the management interface :(



    In such case, you should either trigger a new backend request through the frontEnd (debugger interface) or run the request manager (perl /var/www/imscp/engine/imscp-rqst-mngr). Of course, in both cases, you must set status of entities that cause the problem to 'tochange'.


    I did exactly that via frontend. This worked.



    Anyway, more info is needed:


    You edited the domain from which interface? Admin interface? Reseller interface?
    What property did you try to edit exactly?


    Ok I think I was too tired this morning :)
    Over the admin interface. I tried to edit a domain, which domain doesn't matter, I tried several and it happens on all of them. Also on newly created domains.
    It also doesn't matter which property I update. I tried to update the number of email accounts a user can have => error. Mail storage => error. Number of subdomains => error.

    Hi


    I can't change a domain's properties. On save I get this error:

    Code
    An error has been encountered
    An exception with the following message has been thrown in file /var/www/imscp/gui/library/iMSCP/Database.php (Line: 463):
    There is no active transaction


    Happens on git master from last week and from this morning.


    If I change properties directly in the database and set domain_status on tochange and execute the request daemon it works without any problems.



    I can't give any more info. I can't activate the debug mode. :(
    In imscp.conf I set DEBUG = 1. Then executed imscp-setup -d. But nothing helped...


    Nice feature.. But I think it is better to use a plugin for your solution.
    So you don't need to change the templates


    I have my own git repo for changes like this.
    But if I'm motivated enough some day I will do the work and would also do a suitable UI with some options... (configuring a configuration for autoconfiguration to configure a mail account in a mail client, yay xD)



    I had issues with a customer who had a similar config, as the TLS certs won't match the URL, unless you have a wildcard cert.


    Then you can go with the domain, Outlook also looks in http://domain.ch/autodiscover/autodiscover.xml

    With this howto mail settings get automatically configured if a user sets up an email account in Thunderbird or Outlook 2007+.


    If the user has the email account [email protected], the mail clients look in different locations:
    Thunderbird looks for settings in:
    http://autoconfig.emaildomain.ch/mail/config-v1.1.xml
    http://emaildomain.ch/.well-kn…nfig/mail/config-v1.1.xml
    Outlook looks for settings in:
    https://autodiscover.emaildoma…discover/autodiscover.xml
    https://emaildomain.ch/autodiscover/autodiscover.xml


    Since I have a DNS wildcard for every domain to the server I use autoconfig.*/autodiscover.*.


    1. edit 00_master_ssl.conf (or whatever your first SSL virtual host is)
    Add this alias in the "SECTION custom" block:

    Code
    Alias /autodiscover/autodiscover.xml /var/www/imscp/gui/public/autodiscover/autodiscover.php


    2. Put the files autodiscover/autodiscover.php and mail/config-v1.1.xml (see attachment) in the imscp public folder (or to the htdocs folder from the first virtualhost):
    /var/www/imscp/gui/public/autodiscover/autodiscover.php
    /var/www/imscp/gui/public/mail/config-v1.1.xml
    And adjust them to your needs. (I configured TLS and mail.emaildomain.ch with IMAP/SMTP)


    3. reload apache:
    service apache2 reload


    4. done ;)



    You need to do this howto every time you update imscp!


    Notes:
    - Both Thunderbird and Outlook display a certificate warning for the SMTP/IMAP domain, since there is probably no valid certificate for mail.emaildomain.ch. You can also use admin.yourdomain.ch as IMAP/SMTP server if you have a valid SSL certificate for it.
    - Outlook also shows an SSL warning for autodiscover.emaildomain.ch
    - You can also configure POP3 instead of IMAP, see the documentation for the correct settings.
    - You can also set up a separate vhost with "Serveralias autoconfig.* autodiscover.*" and PHP configured. This one wouldn't be deleted on imscp updates but needs a bit of tinkering.



    Documentation:
    https://developer.mozilla.org/…rbird%2FAutoconfiguration
    http://technet.microsoft.com/e…507%28v=office.14%29.aspx
    (The TLS option is undocumented for Outlook, I found it somewhere on the internet...)
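The certificate warnings mentioned in the notes come down to hostname matching. The following is an added example, not part of the original post or its attachment: it checks which of the TLS hostnames named in the howto a given certificate covers. The certificate name lists are constructed; the autoconfig.* host is left out because the post lists it with http:// URLs.

```python
# Added example: hostnames from the howto vs. the names in a certificate.
# A "*" in a certificate name stands for exactly one left-most label.

def name_matches(pattern: str, host: str) -> bool:
    """Return True if a certificate name (optionally '*.x') covers host."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False          # a wildcard never spans several labels
    if p_labels[0] == "*":
        # wildcard only in the left-most position, never directly under a TLD
        return len(p_labels) > 2 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def tls_hosts(mail_domain: str) -> list:
    """TLS hostnames the post names for a mailbox at mail_domain."""
    return [
        f"autodiscover.{mail_domain}",   # Outlook, https
        mail_domain,                     # Outlook fallback, https
        f"mail.{mail_domain}",           # IMAP/SMTP with TLS
    ]


def cert_warnings(mail_domain: str, cert_names: list) -> list:
    """Hosts that would trigger a name-mismatch warning with this certificate."""
    return sorted(
        host for host in tls_hosts(mail_domain)
        if not any(name_matches(name, host) for name in cert_names)
    )


if __name__ == "__main__":
    # Constructed certificate name lists, not taken from a real server.
    for names in (["admin.yourdomain.ch"],
                  ["*.emaildomain.ch"],
                  ["*.emaildomain.ch", "emaildomain.ch"]):
        print(names, "->", cert_warnings("emaildomain.ch", names))
```

A wildcard for the mail domain still leaves the bare domain uncovered unless it is listed as a separate name.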


    Here you go:


    Keep in mind, you need shorewall6 for ipv6 traffic / ip6tables.



    shorewall.conf:
    Mostly standard config, except "ADMINISABSENTMINDED" activated (see file routestopped), "ACCOUNTING" is deactivated (imscp does it already), "IP_FORWARDING" activated (for ssh forwarding and vpn)

    Code
    ###############################################################################
    #
    #  Shorewall Version 4 -- /etc/shorewall/shorewall.conf
    #
    #  For information about the settings in this file, type "man shorewall.conf"
    #
    #  Manpage also online at http://www.shorewall.net/manpages/shorewall.conf.html
    ###############################################################################
    #                      S T A R T U P   E N A B L E D
    ###############################################################################

    STARTUP_ENABLED=Yes

    ###############################################################################
    #                             V E R B O S I T Y
    ###############################################################################

    VERBOSITY=1

    ###############################################################################
    #                               L O G G I N G
    ###############################################################################

    LOGFILE=/var/log/messages
    STARTUP_LOG=/var/log/shorewall-init.log
    LOG_VERBOSITY=2
    LOGFORMAT="Shorewall:%s:%s:"
    LOGTAGONLY=No
    LOGRATE=
    LOGBURST=
    LOGALLNEW=
    BLACKLIST_LOGLEVEL=
    MACLIST_LOG_LEVEL=info
    TCP_FLAGS_LOG_LEVEL=info
    SMURF_LOG_LEVEL=info
    LOG_MARTIANS=Yes

    ###############################################################################
    #       L O C A T I O N   O F   F I L E S   A N D   D I R E C T O R I E S
    ###############################################################################

    IPTABLES=
    IP=
    TC=
    IPSET=
    PERL=/usr/bin/perl
    PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
    SHOREWALL_SHELL=/bin/sh
    SUBSYSLOCK=""
    MODULESDIR=
    CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
    RESTOREFILE=
    IPSECFILE=zones
    LOCKFILE=

    ###############################################################################
    #               D E F A U L T   A C T I O N S / M A C R O S
    ###############################################################################

    DROP_DEFAULT="Drop"
    REJECT_DEFAULT="Reject"
    ACCEPT_DEFAULT="none"
    QUEUE_DEFAULT="none"
    NFQUEUE_DEFAULT="none"

    ###############################################################################
    #                        R S H / R C P   C O M M A N D S
    ###############################################################################

    RSH_COMMAND='ssh ${root}@${system} ${command}'
    RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'

    ###############################################################################
    #                       F I R E W A L L   O P T I O N S
    ###############################################################################

    IP_FORWARDING=On
    ADD_IP_ALIASES=No
    ADD_SNAT_ALIASES=No
    RETAIN_ALIASES=No
    TC_ENABLED=Internal
    TC_EXPERT=No
    TC_PRIOMAP="2 3 3 3 2 3 1 1 2 2 2 2 2 2 2 2"
    CLEAR_TC=Yes
    MARK_IN_FORWARD_CHAIN=No
    CLAMPMSS=No
    ROUTE_FILTER=Yes
    DETECT_DNAT_IPADDRS=No
    MUTEX_TIMEOUT=60
    ADMINISABSENTMINDED=Yes
    BLACKLISTNEWONLY=Yes
    DELAYBLACKLISTLOAD=No
    MODULE_SUFFIX=ko
    DISABLE_IPV6=No
    BRIDGING=No
    DYNAMIC_ZONES=No
    PKTTYPE=Yes
    NULL_ROUTE_RFC1918=No
    MACLIST_TABLE=filter
    MACLIST_TTL=
    SAVE_IPSETS=No
    MAPOLDACTIONS=No
    FASTACCEPT=No
    IMPLICIT_CONTINUE=No
    HIGH_ROUTE_MARKS=No
    USE_ACTIONS=Yes
    OPTIMIZE=0
    EXPORTPARAMS=Yes
    EXPAND_POLICIES=Yes
    KEEP_RT_TABLES=No
    DELETE_THEN_ADD=Yes
    MULTICAST=No
    DONT_LOAD=
    AUTO_COMMENT=Yes
    MANGLE_ENABLED=Yes
    USE_DEFAULT_RT=No
    RESTORE_DEFAULT_ROUTE=Yes
    AUTOMAKE=No
    WIDE_TC_MARKS=No
    TRACK_PROVIDERS=No
    ZONE2ZONE=2
    ACCOUNTING=No
    DYNAMIC_BLACKLIST=Yes
    OPTIMIZE_ACCOUNTING=No
    LOAD_HELPERS_ONLY=No
    REQUIRE_INTERFACE=No
    FORWARD_CLEAR_MARK=Yes
    SMURF_DISPOSITION=DROP

    ###############################################################################
    #                       P A C K E T   D I S P O S I T I O N
    ###############################################################################

    BLACKLIST_DISPOSITION=DROP
    MACLIST_DISPOSITION=REJECT
    TCP_FLAGS_DISPOSITION=DROP

    #LAST LINE -- DO NOT REMOVE


    zones:
    just ignore the vpn part

    Code
    #
    # Shorewall version 4.0 - Sample Zones File for one-interface configuration.
    # Copyright (C) 2006 by the Shorewall Team
    #
    # This library is free software; you can redistribute it and/or
    # modify it under the terms of the GNU Lesser General Public
    # License as published by the Free Software Foundation; either
    # version 2.1 of the License, or (at your option) any later version.
    #
    # See the file README.txt for further details.
    #-----------------------------------------------------------------------------
    # For information about entries in this file, type "man shorewall-zones"
    ###############################################################################
    #ZONE   TYPE        OPTIONS     IN          OUT
    #                               OPTIONS     OPTIONS
    fw      firewall
    net     ipv4
    vpn     ipv4


    interfaces:

    Code
    #
    # Shorewall version 4.0 - Sample Interfaces File for one-interface configuration.
    # Copyright (C) 2006 by the Shorewall Team
    #
    # This library is free software; you can redistribute it and/or
    # modify it under the terms of the GNU Lesser General Public
    # License as published by the Free Software Foundation; either
    # version 2.1 of the License, or (at your option) any later version.
    #
    # See the file README.txt for further details.
    #------------------------------------------------------------------------------
    # For information about entries in this file, type "man shorewall-interfaces"
    ###############################################################################
    #ZONE   INTERFACE   BROADCAST   OPTIONS
    net     eth0        -           logmartians,nosmurfs
    vpn     tun0        detect      dhcp,optional
    -       lo          -           ignore


    policy:

    Code
    # For information about entries in this file, type "man shorewall-policy"
    ###############################################################################
    #SOURCE     DEST    POLICY      LOG LEVEL   LIMIT:BURST
    $FW         net     ACCEPT
    $FW         vpn     ACCEPT
    vpn         net     ACCEPT
    vpn         $FW     ACCEPT
    # The FOLLOWING POLICY MUST BE LAST
    all         all     REJECT


    params:
    I once had multiple IPs (each with different open ports) and configured them here

    Code
    # file gets executed by sh
    IP_0=myipv4


    rules:
    - in a single ip setup you just need to write $FW instead of $FW:$IP_0
    - standard ports are the imscp services except mysql but includes ssh port 22 and all the SSL ports for mail and http.
    - if your server serves DNS for some domains, open port 53
    - set the proftpd passive ports to what is configured in your proftpd.conf
    - the rules file for ipv6 is really the same but the icmp protocol is named "ipv6-icmp"


    Code
    #ACTION SOURCE  DEST        PROTO   DEST    SOURCE  ORIGINAL    RATE    USER/   MARK
    #                                   PORT    PORT(S) DEST        LIMIT   GROUP
    SECTION ALL
    SECTION ESTABLISHED
    SECTION RELATED
    SECTION NEW

    # all -> all
    # Policy: reject
    ACCEPT  all     all         icmp

    # internet -> server
    # policy: reject
    COMMENT Standard ports
    ACCEPT  net     $FW:$IP_0   tcp     21,22,25,80,110,143,443,465,587,993,995
    #ACCEPT net     $FW:$IP_0   tcp,udp 53

    COMMENT proftpd passive ports
    ACCEPT  net     $FW:$IP_0   tcp     60000:65535

    COMMENT ejabberd
    ACCEPT  net     $FW:$IP_0   tcp     5222,5269,8010

    COMMENT Minecraft
    ACCEPT  net     $FW:$IP_0   tcp     25565

    COMMENT VNC
    ACCEPT  net     $FW:$IP_0   tcp     5901:5909

    COMMENT openVPN
    ACCEPT  net     $FW:$IP_0   tcp,udp 1194


    routestopped:
    If you stop* shorewall/shorewall6, the rules here are activated.
    If you activate ADMINISABSENTMINDED, then open connections stay active, otherwise they would be cut off. The server can also make new connections to the internet.

    Code
    #INTERFACE  HOST(S)     OPTIONS                 PROTO   DEST        SOURCE
    #                                                       PORT(S)     PORT(S)
    eth0        -           source,dest,notrack     tcp     22


    * stopping shorewall means stopping all the traffic from/to the server. It's somehow an emergency brake. But be aware, this does not help against UDP DDOS attacks.



    Hope it helps ;)
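A quick way to see what the rules file above actually exposes to the internet zone: the parser below is an added example, not part of the original post or of Shorewall. It assumes whitespace-separated columns as shown in the post and treats everything that is not accepted as rejected, in line with the final "all all REJECT" policy.

```python
# Rules copied from the post as constructed sample input (column padding dropped).
RULES = """\
SECTION NEW
ACCEPT all all icmp
COMMENT Standard ports
ACCEPT net $FW:$IP_0 tcp 21,22,25,80,110,143,443,465,587,993,995
#ACCEPT net $FW:$IP_0 tcp,udp 53
COMMENT proftpd passive ports
ACCEPT net $FW:$IP_0 tcp 60000:65535
COMMENT ejabberd
ACCEPT net $FW:$IP_0 tcp 5222,5269,8010
COMMENT Minecraft
ACCEPT net $FW:$IP_0 tcp 25565
COMMENT VNC
ACCEPT net $FW:$IP_0 tcp 5901:5909
COMMENT openVPN
ACCEPT net $FW:$IP_0 tcp,udp 1194
"""

def parse_rules(text):
    """Return [(comment, proto, low, high)] for ACCEPT rules with a port column."""
    opened, comment = [], ""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drops comments and disabled rules
        if not fields or fields[0] == "SECTION":
            continue
        if fields[0] == "COMMENT":
            comment = " ".join(fields[1:])       # label applies to following rules
            continue
        if len(fields) < 5 or fields[0] != "ACCEPT" or fields[1] not in ("net", "all"):
            continue                             # e.g. the icmp rule has no ports
        for proto in fields[3].split(","):
            for part in fields[4].split(","):
                low, _, high = part.partition(":")
                opened.append((comment, proto, int(low), int(high or low)))
    return opened

def reachable(opened, proto, port):
    """True if the rule set accepts proto/port from the internet zone."""
    return any(p == proto and lo <= port <= hi for _, p, lo, hi in opened)

def exposure(opened):
    """Number of opened proto/port pairs per COMMENT label, largest first."""
    totals = {}
    for comment, _, lo, hi in opened:
        totals[comment] = totals.get(comment, 0) + hi - lo + 1
    return sorted(totals.items(), key=lambda kv: -kv[1])
```

Calling `exposure(parse_rules(RULES))` lists the proftpd passive range first, which is why the post says to set it to what proftpd.conf actually configures.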


    Why do you use a relay SMTP ?
    domain from = eyrie.in
    smtp = google.com


    Google Mailservers are responsible for mail so I think this shouldn't be the problem...



    Now the server seems completely down....


    Post the new logfiles as soon as the server is up again ;)

    The latest log entries show connection timeouts but DNS works fine...



    Do you run a firewall or something?
    Or you may be blocked by Google, but I don't think so...
    Have you tried sending to another address? like trashmail.net or similar...



    Besides that, in what timezone do you live? :)