Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th June 2009, 11:08
Master One Master One is offline
Junior Member
 
Join Date: Mar 2008
Posts: 23
Thanks: 1
Thanked 0 Times in 0 Posts
Question ISPConfig 3: Monitor Module & Logfiles - All setup correctly?

A fresh installation of ISPConfig 3.0.1.3 on Ubuntu Server 9.04 Minimal (as offered as install-image by Hetzner) with all necessary steps according to The Perfect Server - Ubuntu 9.04 [ISPConfig 3] executed.

When I enter the Monitor module "System State (All Servers) >> Show Overview" everything looks OK, except the warning of "Your Virus-protection is OUTDATED!" due to the latest upgrade of ClamAV not being in the Ubuntu repos (so nothing to worry about).

When I enter "System State (All Servers) >> Show System-Log", the log (ISPConfig Protokoll) seems to be empty. Is this normal?

Then the logfiles:

Show Mail-Log
Code:
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: Found decoder for .zoo at /usr/bin/zoo
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: No decoder for .lha
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: No decoder for .doc tried: ripole
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: Found decoder for .cab at /usr/bin/cabextract
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: No decoder for .tnef
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: Internal decoder for .tnef
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: Found decoder for .exe at /usr/bin/arj
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: Using primary internal av scanner code for ClamAV-clamd
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Jun 26 08:46:58 <HOSTNAME> amavis[2750]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.34, libdb 4.6
Jun 26 08:47:00 <HOSTNAME> spamd[2907]: logger: removing stderr method
Jun 26 08:47:02 <HOSTNAME> spamd[2956]: spamd: server started on port 783/tcp (running version 3.2.5)
Jun 26 08:47:02 <HOSTNAME> spamd[2956]: spamd: server pid: 2956
Jun 26 08:47:02 <HOSTNAME> spamd[2956]: spamd: server successfully spawned child process, pid 3222
Jun 26 08:47:02 <HOSTNAME> spamd[2956]: spamd: server successfully spawned child process, pid 3223
Jun 26 08:47:02 <HOSTNAME> spamd[2956]: prefork: child states: II
Jun 26 08:47:04 <HOSTNAME> authdaemond: modules="authmysql", daemons=5
Jun 26 08:47:04 <HOSTNAME> authdaemond: Installing libauthmysql
Jun 26 08:47:04 <HOSTNAME> authdaemond: Installation complete: authmysql
Jun 26 08:47:05 <HOSTNAME> postfix/master[3510]: daemon started -- version 2.5.5, configuration /etc/postfix
Jun 26 08:50:01 <HOSTNAME> pop3d: Connection, ip=[::ffff:127.0.0.1]
Jun 26 08:50:01 <HOSTNAME> pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Jun 26 08:50:01 <HOSTNAME> imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 26 08:50:01 <HOSTNAME> imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Jun 26 08:50:02 <HOSTNAME> postfix/smtpd[3786]: connect from localhost[127.0.0.1]
Jun 26 08:50:02 <HOSTNAME> postfix/smtpd[3786]: lost connection after CONNECT from localhost[127.0.0.1]
Jun 26 08:50:02 <HOSTNAME> postfix/smtpd[3786]: disconnect from localhost[127.0.0.1]
Jun 26 08:55:01 <HOSTNAME> pop3d: Connection, ip=[::ffff:127.0.0.1]
Jun 26 08:55:01 <HOSTNAME> pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Jun 26 08:55:01 <HOSTNAME> imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 26 08:55:01 <HOSTNAME> imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Jun 26 08:55:01 <HOSTNAME> postfix/smtpd[3893]: connect from localhost[127.0.0.1]
Jun 26 08:55:01 <HOSTNAME> postfix/smtpd[3893]: lost connection after CONNECT from localhost[127.0.0.1]
Jun 26 08:55:01 <HOSTNAME> postfix/smtpd[3893]: disconnect from localhost[127.0.0.1]
Jun 26 09:00:01 <HOSTNAME> imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 26 09:00:01 <HOSTNAME> imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Jun 26 09:00:01 <HOSTNAME> pop3d: Connection, ip=[::ffff:127.0.0.1]
Jun 26 09:00:01 <HOSTNAME> pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Jun 26 09:00:01 <HOSTNAME> postfix/smtpd[3986]: connect from localhost[127.0.0.1]
Jun 26 09:00:01 <HOSTNAME> postfix/smtpd[3986]: lost connection after CONNECT from localhost[127.0.0.1]
Jun 26 09:00:01 <HOSTNAME> postfix/smtpd[3986]: disconnect from localhost[127.0.0.1]
Since amavis was missing some decoders, I just installed lha, ripole, tnef and ytnef, just to be sure. But what about these "Connection", "Disconnected" and "lost connection after CONNECT" messages every 5 minutes? Is this the normal behavior when idle?

Show System-Log
Code:
Jun 26 08:47:05 <HOSTNAME> kernel: [ 79.412564] warning: `pure-ftpd-mysql' uses 32-bit capabilities (legacy support in use)
Jun 26 08:50:01 <HOSTNAME> pure-ftpd: (?@localhost) [INFO] New connection from localhost
Jun 26 08:50:01 <HOSTNAME> pure-ftpd: (?@localhost) [INFO] Logout.
Jun 26 08:55:01 <HOSTNAME> pure-ftpd: (?@localhost) [INFO] New connection from localhost
Jun 26 08:55:01 <HOSTNAME> pure-ftpd: (?@localhost) [INFO] Logout.
Jun 26 09:00:01 <HOSTNAME> pure-ftpd: (?@localhost) [INFO] New connection from localhost
Jun 26 09:00:01 <HOSTNAME> pure-ftpd: (?@localhost) [INFO] Logout.
Do these messages from pure-ftpd all 5 minutes show normal behavior?

Show ISPC Cron-Log
Code:
Error: configuration file /etc/getmail/*.conf does not exist
/usr/share/getmail4/getmailcore/baseclasses.py:26: DeprecationWarning: the sets module is deprecated
import sets
Error: configuration file /etc/getmail/*.conf does not exist
/usr/share/getmail4/getmailcore/baseclasses.py:26: DeprecationWarning: the sets module is deprecated
import sets
Error: configuration file /etc/getmail/*.conf does not exist
/usr/share/getmail4/getmailcore/baseclasses.py:26: DeprecationWarning: the sets module is deprecated
import sets
What about these getmail messages, which repeat themselves all over?

Show Clamav-Log: All looking good, except "Not loading PUA signatures.", whatever that means. Does anybody know?

Show RKHunter-Log: All looking good, except 4 warnings
Code:
/usr/bin/awk                                      [ Warning ]
Warning: The file properties have changed:
         File: /usr/bin/awk
         Current hash: 22d642d0b17926f529007e87ceb285526d49e40a
         Stored hash : 98a26834b3be4feb92d1db861490800742805128
/usr/bin/gawk                                     [ Warning ]
Warning: The file '/usr/bin/gawk' exists on the system, but it is not present in the rkhunter.dat file.
/usr/sbin/unhide                                  [ Warning ]
Warning: The file '/usr/sbin/unhide' exists on the system, but it is not present in the rkhunter.dat file.
/usr/sbin/unhide-linux26                          [ Warning ]
Warning: The file '/usr/sbin/unhide-linux26' exists on the system, but it is not present in the rkhunter.dat file.

System checks summary
=====================

File properties checks...
Files checked: 125
Suspect files: 4

Rootkit checks...
Rootkits checked : 110
Possible rootkits: 0

Applications checks...
Applications checked: 4
Suspect applications: 0
I guess, that's nothing to worry about, nevertheless it would be nice, if this could be fixed, because if you configure an email address in /etc/rkhunter.conf, it will inform you about these warnings every time the system is checked. Any idea?

Show fail2ban-Log
Code:
fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.3
fail2ban.server : ERROR Unexpected communication error
fail2ban.jail : INFO Creating new jail 'ssh'
fail2ban.jail : INFO Jail 'ssh' uses poller
fail2ban.server : ERROR Unexpected communication error
fail2ban.filter : INFO Added logfile = /var/log/auth.log
fail2ban.server : ERROR Unexpected communication error
fail2ban.filter : INFO Set maxRetry = 6
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.filter : INFO Set findtime = 600
fail2ban.server : ERROR Unexpected communication error
fail2ban.actions: INFO Set banTime = 600
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.server : ERROR Unexpected communication error
fail2ban.jail : INFO Jail 'ssh' started
fail2ban.server : ERROR Unexpected communication error
That's the snippet since the latest restart, which I did just now. Does fail2ban need to be configured, or is it supposed to work right out of the box? Is there any more info, what to do, to get it working on an installation with a typical ISPConfig 3 setup?

I know, that kind of stuff is not really ISPConfig related, since ISPConfig only shows the logs, but nevertheless it would be nice to get some recommendations. This is my first real-life experience with ISPConfig 3, and I just want to be sure, that everything is setup correctly, before I start using it.
Reply With Quote
Sponsored Links
  #2  
Old 27th June 2009, 19:26
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

Quote:
Originally Posted by Master One View Post
Show ISPC Cron-Log
Code:
Error: configuration file /etc/getmail/*.conf does not exist
/usr/share/getmail4/getmailcore/baseclasses.py:26: DeprecationWarning: the sets module is deprecated
import sets
Error: configuration file /etc/getmail/*.conf does not exist
/usr/share/getmail4/getmailcore/baseclasses.py:26: DeprecationWarning: the sets module is deprecated
import sets
Error: configuration file /etc/getmail/*.conf does not exist
/usr/share/getmail4/getmailcore/baseclasses.py:26: DeprecationWarning: the sets module is deprecated
import sets
What about these getmail messages, which repeat themselves all over?
This happens because you didn't configure any fetchmail account in ISPConfig; this is nothing to worry about.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 10th July 2009, 18:51
danielborene danielborene is offline
Junior Member
 
Join Date: Jun 2009
Posts: 24
Thanks: 7
Thanked 2 Times in 1 Post
 
Default

To fix the error messages you're getting in your fail2ban.lo you need to upgrade your python version to 2.5
follow the steps below.

2009-06-19 21:07:28,487 fail2ban.server : ERROR Unexpected communication error
It's related to the python version, some type o incompatibility with ubuntu 9.04, this is what you had to do to fix this error:

1. Install python2.5 ( sudo aptitude install python2.5 )
2. edit file /usr/bin/fail2ban-server , change the very first line "#!/usr/bin/python" to "#/usr/bin/python2.5"
3. restart fail2ban


Go click on the link below, it will help you setup fail2ban for your ftp server as well.
http://howtoforge.net/forums/showthread.php?t=36791
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Loads of mysql connections to dbispconfig StrikerNL General 2 5th March 2009 14:31
suse 10.2 perfect setup without ISPCONFIG hjlopes Installation/Configuration 1 21st August 2008 20:21
ISPConfig Logfiles (2147483647 bytes) ISPConfigFan General 7 29th April 2008 22:37
ISPConfig 2.3.2-dev released till General 9 4th June 2007 10:46
Which IP's to use for ISPConfig setup skeeta Installation/Configuration 3 4th September 2005 08:30


All times are GMT +2. The time now is 09:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.