| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
68712
|
Mon Dec 11 13:16:32 2017 |
 | Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 3.1.2-bd7 | Re: hosts allow | Have you set
Resolve host names = 1
in the config file? If it still does not work, run "elogd -v" from the terminal and watch the output. You should see someting like:
Remote host "mpc1865.psi.ch" matches "ALL" in "Hosts deny". Access denied.
Remote host "mpc1865.psi.ch" matches ".lbl.gov" in "Hosts allow". Access granted.
Regards,
Stefan
| Andreas Luedeke wrote: |
|
Hi Susan,
the documentation states that you should start elogd with the -v option from the command line and look at the output. Did you try this?
You might post the output here to get further help.
Cheers
Andreas
| Susan James wrote: |
|
Hi All,
We're still having trouble with hosts.allow and hosts.deny.
We're trying to allow all of our domain lbl.gov to the access list
for our logbooks. But the combination below is not working.
==========================
[ below denies ALL ]
Hosts allow = .lbl.gov
Hosts deny = ALL
[ below denies ALL ]
Hosts deny = ALL
Hosts allow = .lbl.gov
========================
Can someone help?
| Susan James wrote: |
|
thanks for your quick reply.
the configuration is still not working. See my entry below which denies everyone.
I've tried many different combinations of 'hosts allow and hosts deny'
we want to restrict all our logbooks to only domain lbl.gov
[ below denies ALL ]
Hosts allow = .lbl.gov
Hosts deny = ALL
[ below denies ALL ]
Hosts deny = ALL
Hosts allow = .lbl.gov
Can you help?
| Andreas Luedeke wrote: |
|
Hi Susan,
according to the documentation you need to add "Hosts deny = All" in addition to the "Hosts allow" command.
Here is the relevant excerpt from the documentation (https://midas.psi.ch/elog/config.html#access).
Cheers
Andreas
Hosts allow = <list>Hosts deny = <list>
These two settings can be used to restrict the access to the logbook to certain computers. It is similar to the UNIX hosts.allow and hosts.deny files. The list can consist of individual host names or IP numbers, subnet masks like 123.213. (note the trailing '.') or .mit.edu, or the word All. The following rules are applied:
- Access will be granted when a host matches a pattern in "hosts allow".
- Otherwise, access will be denied when a host matches a pattern in "hosts deny".
- Otherwise, access will be granted.
These rules are applied before any password is checked. To debug problems, start elogd with the "-v" flag, in which case the rule checking is printed on the screen.
| Susan James wrote: |
|
I'm trying to wrap our elog instance to our company domain which is lbl.gov
I add this entry below (without quotes) to elogd.cfg and it's not working. the world can see our logbooks
" Hosts Allow = *.lbl.gov ".
can someone help?
|
|
|
|
|
|
|
68711
|
Fri Dec 8 19:47:04 2017 |
| Andreas Luedeke | andreas.luedeke@psi.ch | Question | Linux | 3.1.2-bd7 | Re: hosts allow | Hi Susan,
the documentation states that you should start elogd with the -v option from the command line and look at the output. Did you try this?
You might post the output here to get further help.
Cheers
Andreas
| Susan James wrote: |
|
Hi All,
We're still having trouble with hosts.allow and hosts.deny.
We're trying to allow all of our domain lbl.gov to the access list
for our logbooks. But the combination below is not working.
==========================
[ below denies ALL ]
Hosts allow = .lbl.gov
Hosts deny = ALL
[ below denies ALL ]
Hosts deny = ALL
Hosts allow = .lbl.gov
========================
Can someone help?
| Susan James wrote: |
|
thanks for your quick reply.
the configuration is still not working. See my entry below which denies everyone.
I've tried many different combinations of 'hosts allow and hosts deny'
we want to restrict all our logbooks to only domain lbl.gov
[ below denies ALL ]
Hosts allow = .lbl.gov
Hosts deny = ALL
[ below denies ALL ]
Hosts deny = ALL
Hosts allow = .lbl.gov
Can you help?
| Andreas Luedeke wrote: |
|
Hi Susan,
according to the documentation you need to add "Hosts deny = All" in addition to the "Hosts allow" command.
Here is the relevant excerpt from the documentation (https://midas.psi.ch/elog/config.html#access).
Cheers
Andreas
Hosts allow = <list>Hosts deny = <list>
These two settings can be used to restrict the access to the logbook to certain computers. It is similar to the UNIX hosts.allow and hosts.deny files. The list can consist of individual host names or IP numbers, subnet masks like 123.213. (note the trailing '.') or .mit.edu, or the word All. The following rules are applied:
- Access will be granted when a host matches a pattern in "hosts allow".
- Otherwise, access will be denied when a host matches a pattern in "hosts deny".
- Otherwise, access will be granted.
These rules are applied before any password is checked. To debug problems, start elogd with the "-v" flag, in which case the rule checking is printed on the screen.
| Susan James wrote: |
|
I'm trying to wrap our elog instance to our company domain which is lbl.gov
I add this entry below (without quotes) to elogd.cfg and it's not working. the world can see our logbooks
" Hosts Allow = *.lbl.gov ".
can someone help?
|
|
|
|
|
|
68710
|
Thu Dec 7 21:54:58 2017 |
| Susan James | sjames@lbl.gov | Question | Linux | 3.1.2-bd7 | Re: hosts allow | Hi All,
We're still having trouble with hosts.allow and hosts.deny.
We're trying to allow all of our domain lbl.gov to the access list
for our logbooks. But the combination below is not working.
==========================
[ below denies ALL ]
Hosts allow = .lbl.gov
Hosts deny = ALL
[ below denies ALL ]
Hosts deny = ALL
Hosts allow = .lbl.gov
========================
Can someone help?
| Susan James wrote: |
|
thanks for your quick reply.
the configuration is still not working. See my entry below which denies everyone.
I've tried many different combinations of 'hosts allow and hosts deny'
we want to restrict all our logbooks to only domain lbl.gov
[ below denies ALL ]
Hosts allow = .lbl.gov
Hosts deny = ALL
[ below denies ALL ]
Hosts deny = ALL
Hosts allow = .lbl.gov
Can you help?
| Andreas Luedeke wrote: |
|
Hi Susan,
according to the documentation you need to add "Hosts deny = All" in addition to the "Hosts allow" command.
Here is the relevant excerpt from the documentation (https://midas.psi.ch/elog/config.html#access).
Cheers
Andreas
Hosts allow = <list>Hosts deny = <list>
These two settings can be used to restrict the access to the logbook to certain computers. It is similar to the UNIX hosts.allow and hosts.deny files. The list can consist of individual host names or IP numbers, subnet masks like 123.213. (note the trailing '.') or .mit.edu, or the word All. The following rules are applied:
- Access will be granted when a host matches a pattern in "hosts allow".
- Otherwise, access will be denied when a host matches a pattern in "hosts deny".
- Otherwise, access will be granted.
These rules are applied before any password is checked. To debug problems, start elogd with the "-v" flag, in which case the rule checking is printed on the screen.
| Susan James wrote: |
|
I'm trying to wrap our elog instance to our company domain which is lbl.gov
I add this entry below (without quotes) to elogd.cfg and it's not working. the world can see our logbooks
" Hosts Allow = *.lbl.gov ".
can someone help?
|
|
|
|
|
68709
|
Wed Dec 6 13:34:56 2017 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | ELOG V3.1.2 | Re: possible DOS vulnerability with negative Content-Length field | I have fixed this issue in the current develop branch of elog.
Stefan
| Christian Herzog wrote: |
|
Hi,
a routine scan revealed a possible DOS attack vector: sending an invalid POST HTTP request with a negative Content-Length field crashes our elog instance, leading to service unavailability.
thanks,
-Christian
--
Dr. Christian Herzog <herzog@phys.ethz.ch> support: +41 44 633 26 68
IT Services Group, HPT H 8 voice: +41 44 633 39 50
Department of Physics, ETH Zurich
8093 Zurich, Switzerland http://nic.phys.ethz.ch/
|
|
|
68708
|
Tue Dec 5 15:30:43 2017 |
 | Christian Herzog | herzog@phys.ethz.ch | Question | Linux | ELOG V3.1.2 | possible DOS vulnerability with negative Content-Length field | Hi,
a routine scan revealed a possible DOS attack vector: sending an invalid POST HTTP request with a negative Content-Length field crashes our elog instance, leading to service unavailability.
thanks,
-Christian
--
Dr. Christian Herzog <herzog@phys.ethz.ch> support: +41 44 633 26 68
IT Services Group, HPT H 8 voice: +41 44 633 39 50
Department of Physics, ETH Zurich
8093 Zurich, Switzerland http://nic.phys.ethz.ch/
|
|
68707
|
Mon Nov 27 22:10:22 2017 |
| Andreas Luedeke | andreas.luedeke@psi.ch | Question | Windows | ELOG V3.1.3-fd7 | Re: Config: conditional coloring of items when 2 conditions are met (and|or) | I am not aware that it is forseen to define logical operators in combination with the Style command. How did you get the idea that this should work?
But you should be able to define multiple Style commands, acting on different format parameter.
| Tim Schelfhout wrote: |
|
Hello,
Trying to color an entry log when 2 conditions are met. Tried
Style Result Hired and Administration NOK = background-color:red
where Result and Administration are Attributes. Anyone?
|
|
|
68706
|
Fri Nov 24 17:29:49 2017 |
 | Michael Cianci | mcianci@lhs.org | Question | Windows | 2.9.2-2475 | Windows 10 | Sorry to bother you with such a simple question, but I am not an IT professional. We just received word that our IT department has plans to update our system to Windows 10 in 2018. Was wondering if our current version of ELOG was compatable with Windows 10? Thank You Very Much For Your Help. |
|
68703
|
Fri Nov 24 08:54:38 2017 |
| Tim Schelfhout | timpieworks@gmail.com | Question | Windows | ELOG V3.1.3-fd7 | Config: conditional coloring of items when 2 conditions are met (and|or) | Hello,
Trying to color an entry log when 2 conditions are met. Tried
Style Result Hired and Administration NOK = background-color:red
where Result and Administration are Attributes. Anyone?
|
|