You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@openmeetings.apache.org by Rohit Dhamal <ro...@yahoo.com> on 2020/05/13 21:24:52 UTC
Issues in iptables configuration
Dear All,
Greetings,
Being my first mail I feel both nervous and excited to interact with you guys. you guys are really awesome!
I followed this for openmeetings
https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/152111934/Installation SSL certificates and Coturn for OpenMeetings 5.0.0-M4 on Ubuntu 18.04.pdf
the last rulesudo iptables -A INPUT -p udp --match multiport --dports 49152:65535 -j ACCEPTthis was accepted
sudo iptables -A OUT -p udp --match multiport --dports 49152:65535 -j ACCEPTthis created a problem and output as below
# sudo iptables -A OUT -p udp --match multiport --dports 49152 -j ACCEPT
iptables: No chain/target/match by that name.
After this in iptables -L, I cannot see the rules.
I set the rules manually from the gufw.
By the way I am using the live iso for OM 5m4.
Moreover in my router I don't have internal port range support in my router. how do I accomplish this?
This was the last instruction and I cannot wait to take openmeetings online!
Thanks and Regards,
Rohit Dhamal
Re: Issues in iptables configuration
Posted by Partha Datta <da...@gmail.com>.
Hello,
The iptables command should be
sudo iptables -A OUTPUT -p udp --match multiport --dports 49152:65535 -j
ACCEPT
There is no chain named OUT, so it is throwing error.
Cheers,
Partha
On Thu, May 14, 2020 at 2:55 AM Rohit Dhamal <ro...@yahoo.com> wrote:
> Dear All,
> Greetings,
> Being my first mail I feel both nervous and excited to interact with you
> guys. you guys are really awesome!
>
> I followed this for openmeetings
>
> https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/152111934/Installation
> SSL certificates and Coturn for OpenMeetings 5.0.0-M4 on Ubuntu 18.04.pdf
>
> the last rule
> sudo iptables -A INPUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this was accepted
>
> sudo iptables -A OUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this created a problem and output as below
>
> # sudo iptables -A OUT -p udp --match multiport --dports 49152 -j ACCEPT
> iptables: No chain/target/match by that name.
>
> After this in iptables -L, I cannot see the rules.
> I set the rules manually from the gufw.
> By the way I am using the live iso for OM 5m4.
>
> Moreover in my router I don't have internal port range support in my
> router. how do I accomplish this?
>
> [image: Inline image]
>
>
>
> This was the last instruction and I cannot wait to take openmeetings
> online!
>
> Thanks and Regards,
>
> Rohit Dhamal
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: Issues in iptables configuration
Posted by Tom Vega <tv...@databytechile.com>.
Hello Rohit,
this is what i did on my M3 installation server and works like a charm even
with auto ssl from lets encrypt:
Nginx virtual host
server {
listen 80;
server_name meetings.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name meetings.example.com;
ssl_certificate /etc/letsencrypt/live/
meetings.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/
meetings.example.com/privkey.pem;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/openmeetings.access.log;
location / {
proxy_pass https://localhost:5443;
proxy_set_header host $host;
proxy_http_version 1.1;
proxy_set_header upgrade $http_upgrade;
proxy_set_header connection "upgrade";
}
}
El jue., 14 may. 2020 a las 0:44, Rohit Dhamal (<ro...@yahoo.com>)
escribió:
> Dear guys,
> the problem of the port settings has got solved now. you need to keep the
> internal port in the line 5 blank. I tried many things and now after
> leaving it blank, it took the range automatically. thanks for your concern.
> A final problem remains is that OM can now be accessed only by
> https://yourdomain:8080/openmeetings. the proxy script given at
> stackoverflow, unfortunately does not work. It just lead to the signin page
> and nothing works there. I am not able to find out why this occurs. Any
> tutorial to solve this is highly welcome. It would also be better if we
> could get OM to work just on port 443 alone. This is a big challenge but
> many similar solutions work on only a single port.
>
> Thanks and Regards,
> Rohit Dhamal.
> On Thursday, 14 May, 2020, 10:04:47 am IST, Maxim Solodovnik <
> solomax666@gmail.com> wrote:
>
>
> I'm not very familiar with iptables
> Can someone take a look?
>
> line #5 looks suspicious to me
> it seems port-range is mapped to single port, this doesn't look right
>
>
> Maybe you can start with no restrictions
> check if it works then add restrictions one-by-one, layer-by-layer
>
> On Thu, 14 May 2020 at 04:25, Rohit Dhamal <ro...@yahoo.com> wrote:
>
> Dear All,
> Greetings,
> Being my first mail I feel both nervous and excited to interact with you
> guys. you guys are really awesome!
>
> I followed this for openmeetings
>
> https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/152111934/Installation
> SSL certificates and Coturn for OpenMeetings 5.0.0-M4 on Ubuntu 18.04.pdf
>
> the last rule
> sudo iptables -A INPUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this was accepted
>
> sudo iptables -A OUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this created a problem and output as below
>
> # sudo iptables -A OUT -p udp --match multiport --dports 49152 -j ACCEPT
> iptables: No chain/target/match by that name.
>
> After this in iptables -L, I cannot see the rules.
> I set the rules manually from the gufw.
> By the way I am using the live iso for OM 5m4.
>
> Moreover in my router I don't have internal port range support in my
> router. how do I accomplish this?
>
> [image: Inline image]
>
>
>
> This was the last instruction and I cannot wait to take openmeetings
> online!
>
> Thanks and Regards,
>
> Rohit Dhamal
>
>
>
> --
> Best regards,
> Maxim
>
Re: Issues in iptables configuration
Posted by Maxim Solodovnik <so...@gmail.com>.
On Fri, 15 May 2020 at 14:26, Rohit Dhamal <ro...@yahoo.com> wrote:
> Dear Tom, Thank you very much for the nginx Configuration. It really works
> magical! I have tested it and found it to be working fantastic. I am very
> thankful to you and all the opemmeetings team for developing such a
> fabulous software. Though I am not a computer person like you guys ( I am
> a Medical Biotechnologist) I am recently finding servers and networking
> very interesting. Would like to learn and contribute to openmeetings and
> server configurations. Where do I begin?
>
You can improve the translation https://poeditor.com/join/project/6UF8Mhql61
:))
> Thanks again.
>
> Regards,
> Rohit Dhamal.
> On Thursday, 14 May, 2020, 11:49:42 am IST, Maxim Solodovnik <
> solomax666@gmail.com> wrote:
>
>
> To get front-end proxy config for 5.0.x please search mailing lists (for
> ex. here https://openmeetings.markmail.org/)
> SO question was for 4.0.x, you can ask new question about 5.0.x I'll share
> Apache config :)
>
> On Thu, 14 May 2020 at 12:44, Rohit Dhamal <ro...@yahoo.com> wrote:
>
> Dear guys,
> the problem of the port settings has got solved now. you need to keep the
> internal port in the line 5 blank. I tried many things and now after
> leaving it blank, it took the range automatically. thanks for your concern.
> A final problem remains is that OM can now be accessed only by
> https://yourdomain:8080/openmeetings. the proxy script given at
> stackoverflow, unfortunately does not work. It just lead to the signin page
> and nothing works there. I am not able to find out why this occurs. Any
> tutorial to solve this is highly welcome. It would also be better if we
> could get OM to work just on port 443 alone. This is a big challenge but
> many similar solutions work on only a single port.
>
> Thanks and Regards,
> Rohit Dhamal.
> On Thursday, 14 May, 2020, 10:04:47 am IST, Maxim Solodovnik <
> solomax666@gmail.com> wrote:
>
>
> I'm not very familiar with iptables
> Can someone take a look?
>
> line #5 looks suspicious to me
> it seems port-range is mapped to single port, this doesn't look right
>
>
> Maybe you can start with no restrictions
> check if it works then add restrictions one-by-one, layer-by-layer
>
> On Thu, 14 May 2020 at 04:25, Rohit Dhamal <ro...@yahoo.com> wrote:
>
> Dear All,
> Greetings,
> Being my first mail I feel both nervous and excited to interact with you
> guys. you guys are really awesome!
>
> I followed this for openmeetings
>
> https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/152111934/Installation
> SSL certificates and Coturn for OpenMeetings 5.0.0-M4 on Ubuntu 18.04.pdf
>
> the last rule
> sudo iptables -A INPUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this was accepted
>
> sudo iptables -A OUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this created a problem and output as below
>
> # sudo iptables -A OUT -p udp --match multiport --dports 49152 -j ACCEPT
> iptables: No chain/target/match by that name.
>
> After this in iptables -L, I cannot see the rules.
> I set the rules manually from the gufw.
> By the way I am using the live iso for OM 5m4.
>
> Moreover in my router I don't have internal port range support in my
> router. how do I accomplish this?
>
> [image: Inline image]
>
>
>
> This was the last instruction and I cannot wait to take openmeetings
> online!
>
> Thanks and Regards,
>
> Rohit Dhamal
>
>
>
> --
> Best regards,
> Maxim
>
>
>
> --
> Best regards,
> Maxim
>
--
Best regards,
Maxim
Re: Issues in iptables configuration
Posted by Rohit Dhamal <ro...@yahoo.com>.
Dear Tom, Thank you very much for the nginx Configuration. It really works magical! I have tested it and found it to be working fantastic. I am very thankful to you and all the opemmeetings team for developing such a fabulous software. Though I am not a computer person like you guys ( I am a Medical Biotechnologist) I am recently finding servers and networking very interesting. Would like to learn and contribute to openmeetings and server configurations. Where do I begin?Thanks again.
Regards,
Rohit Dhamal.
On Thursday, 14 May, 2020, 11:49:42 am IST, Maxim Solodovnik <so...@gmail.com> wrote:
To get front-end proxy config for 5.0.x please search mailing lists (for ex. here https://openmeetings.markmail.org/)SO question was for 4.0.x, you can ask new question about 5.0.x I'll share Apache config :)
On Thu, 14 May 2020 at 12:44, Rohit Dhamal <ro...@yahoo.com> wrote:
Dear guys,
the problem of the port settings has got solved now. you need to keep the internal port in the line 5 blank. I tried many things and now after leaving it blank, it took the range automatically. thanks for your concern.
A final problem remains is that OM can now be accessed only by https://yourdomain:8080/openmeetings. the proxy script given at stackoverflow, unfortunately does not work. It just lead to the signin page and nothing works there. I am not able to find out why this occurs. Any tutorial to solve this is highly welcome. It would also be better if we could get OM to work just on port 443 alone. This is a big challenge but many similar solutions work on only a single port.
Thanks and Regards,
Rohit Dhamal.
On Thursday, 14 May, 2020, 10:04:47 am IST, Maxim Solodovnik <so...@gmail.com> wrote:
I'm not very familiar with iptablesCan someone take a look?
line #5 looks suspicious to meit seems port-range is mapped to single port, this doesn't look right
Maybe you can start with no restrictionscheck if it works then add restrictions one-by-one, layer-by-layer
On Thu, 14 May 2020 at 04:25, Rohit Dhamal <ro...@yahoo.com> wrote:
Dear All,
Greetings,
Being my first mail I feel both nervous and excited to interact with you guys. you guys are really awesome!
I followed this for openmeetings
https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/152111934/Installation SSL certificates and Coturn for OpenMeetings 5.0.0-M4 on Ubuntu 18.04.pdf
the last rulesudo iptables -A INPUT -p udp --match multiport --dports 49152:65535 -j ACCEPTthis was accepted
sudo iptables -A OUT -p udp --match multiport --dports 49152:65535 -j ACCEPTthis created a problem and output as below
# sudo iptables -A OUT -p udp --match multiport --dports 49152 -j ACCEPT
iptables: No chain/target/match by that name.
After this in iptables -L, I cannot see the rules.
I set the rules manually from the gufw.
By the way I am using the live iso for OM 5m4.
Moreover in my router I don't have internal port range support in my router. how do I accomplish this?
This was the last instruction and I cannot wait to take openmeetings online!
Thanks and Regards,
Rohit Dhamal
--
Best regards,
Maxim
--
Best regards,
Maxim
Re: Issues in iptables configuration
Posted by Maxim Solodovnik <so...@gmail.com>.
To get front-end proxy config for 5.0.x please search mailing lists (for
ex. here https://openmeetings.markmail.org/)
SO question was for 4.0.x, you can ask new question about 5.0.x I'll share
Apache config :)
On Thu, 14 May 2020 at 12:44, Rohit Dhamal <ro...@yahoo.com> wrote:
> Dear guys,
> the problem of the port settings has got solved now. you need to keep the
> internal port in the line 5 blank. I tried many things and now after
> leaving it blank, it took the range automatically. thanks for your concern.
> A final problem remains is that OM can now be accessed only by
> https://yourdomain:8080/openmeetings. the proxy script given at
> stackoverflow, unfortunately does not work. It just lead to the signin page
> and nothing works there. I am not able to find out why this occurs. Any
> tutorial to solve this is highly welcome. It would also be better if we
> could get OM to work just on port 443 alone. This is a big challenge but
> many similar solutions work on only a single port.
>
> Thanks and Regards,
> Rohit Dhamal.
> On Thursday, 14 May, 2020, 10:04:47 am IST, Maxim Solodovnik <
> solomax666@gmail.com> wrote:
>
>
> I'm not very familiar with iptables
> Can someone take a look?
>
> line #5 looks suspicious to me
> it seems port-range is mapped to single port, this doesn't look right
>
>
> Maybe you can start with no restrictions
> check if it works then add restrictions one-by-one, layer-by-layer
>
> On Thu, 14 May 2020 at 04:25, Rohit Dhamal <ro...@yahoo.com> wrote:
>
> Dear All,
> Greetings,
> Being my first mail I feel both nervous and excited to interact with you
> guys. you guys are really awesome!
>
> I followed this for openmeetings
>
> https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/152111934/Installation
> SSL certificates and Coturn for OpenMeetings 5.0.0-M4 on Ubuntu 18.04.pdf
>
> the last rule
> sudo iptables -A INPUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this was accepted
>
> sudo iptables -A OUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this created a problem and output as below
>
> # sudo iptables -A OUT -p udp --match multiport --dports 49152 -j ACCEPT
> iptables: No chain/target/match by that name.
>
> After this in iptables -L, I cannot see the rules.
> I set the rules manually from the gufw.
> By the way I am using the live iso for OM 5m4.
>
> Moreover in my router I don't have internal port range support in my
> router. how do I accomplish this?
>
> [image: Inline image]
>
>
>
> This was the last instruction and I cannot wait to take openmeetings
> online!
>
> Thanks and Regards,
>
> Rohit Dhamal
>
>
>
> --
> Best regards,
> Maxim
>
--
Best regards,
Maxim
Re: Issues in iptables configuration
Posted by Rohit Dhamal <ro...@yahoo.com>.
Dear guys,
the problem of the port settings has got solved now. you need to keep the internal port in the line 5 blank. I tried many things and now after leaving it blank, it took the range automatically. thanks for your concern.
A final problem remains is that OM can now be accessed only by https://yourdomain:8080/openmeetings. the proxy script given at stackoverflow, unfortunately does not work. It just lead to the signin page and nothing works there. I am not able to find out why this occurs. Any tutorial to solve this is highly welcome. It would also be better if we could get OM to work just on port 443 alone. This is a big challenge but many similar solutions work on only a single port.
Thanks and Regards,
Rohit Dhamal.
On Thursday, 14 May, 2020, 10:04:47 am IST, Maxim Solodovnik <so...@gmail.com> wrote:
I'm not very familiar with iptablesCan someone take a look?
line #5 looks suspicious to meit seems port-range is mapped to single port, this doesn't look right
Maybe you can start with no restrictionscheck if it works then add restrictions one-by-one, layer-by-layer
On Thu, 14 May 2020 at 04:25, Rohit Dhamal <ro...@yahoo.com> wrote:
Dear All,
Greetings,
Being my first mail I feel both nervous and excited to interact with you guys. you guys are really awesome!
I followed this for openmeetings
https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/152111934/Installation SSL certificates and Coturn for OpenMeetings 5.0.0-M4 on Ubuntu 18.04.pdf
the last rulesudo iptables -A INPUT -p udp --match multiport --dports 49152:65535 -j ACCEPTthis was accepted
sudo iptables -A OUT -p udp --match multiport --dports 49152:65535 -j ACCEPTthis created a problem and output as below
# sudo iptables -A OUT -p udp --match multiport --dports 49152 -j ACCEPT
iptables: No chain/target/match by that name.
After this in iptables -L, I cannot see the rules.
I set the rules manually from the gufw.
By the way I am using the live iso for OM 5m4.
Moreover in my router I don't have internal port range support in my router. how do I accomplish this?
This was the last instruction and I cannot wait to take openmeetings online!
Thanks and Regards,
Rohit Dhamal
--
Best regards,
Maxim
Re: Issues in iptables configuration
Posted by Maxim Solodovnik <so...@gmail.com>.
I'm not very familiar with iptables
Can someone take a look?
line #5 looks suspicious to me
it seems port-range is mapped to single port, this doesn't look right
Maybe you can start with no restrictions
check if it works then add restrictions one-by-one, layer-by-layer
On Thu, 14 May 2020 at 04:25, Rohit Dhamal <ro...@yahoo.com> wrote:
> Dear All,
> Greetings,
> Being my first mail I feel both nervous and excited to interact with you
> guys. you guys are really awesome!
>
> I followed this for openmeetings
>
> https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/152111934/Installation
> SSL certificates and Coturn for OpenMeetings 5.0.0-M4 on Ubuntu 18.04.pdf
>
> the last rule
> sudo iptables -A INPUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this was accepted
>
> sudo iptables -A OUT -p udp --match multiport --dports 49152:65535 -j
> ACCEPT
> this created a problem and output as below
>
> # sudo iptables -A OUT -p udp --match multiport --dports 49152 -j ACCEPT
> iptables: No chain/target/match by that name.
>
> After this in iptables -L, I cannot see the rules.
> I set the rules manually from the gufw.
> By the way I am using the live iso for OM 5m4.
>
> Moreover in my router I don't have internal port range support in my
> router. how do I accomplish this?
>
> [image: Inline image]
>
>
>
> This was the last instruction and I cannot wait to take openmeetings
> online!
>
> Thanks and Regards,
>
> Rohit Dhamal
>
--
Best regards,
Maxim