ELOG Forum

Demo Discussion

Forum Config Examples Contributions Vulnerabilities

Discussion forum about ELOG, Page 314 of 808

Not logged in

Find | Login | Help

Full | Summary | Threaded | Collapse | Expand

6457 Entries

Goto page Previous 1, 2, 3 ... 313, 314, 315 ... 806, 807, 808 Next

Re: ELOG and Gmail?, posted by Stefan Ritt on Thu Apr 12 08:57:51 2012

Christopher Lee wrote:

Firstly, as with some of the others recently, I am a complete newb when it comes to linux, Though I refuse to let that stop me and really want to get this working.

Pretty much I have a situation where I have been asked to install ELOG, though I am unable to use port 25 at all and also need to use GMAIL for the SMTP server?
It is also my undertanding from the documentation that ELOG only sends mail via port 25

So, I have setup iptables to forward everything from port 25 and a GMAIL IP address used in ELOG's global config for the SMTP, to a stunnel that redirects everything to GMAIL on port 465.
While getting that right took me almost two days, and that was with tons of help and more than half of it being spoon fed to me (though I have learnt SO SO MUCH from just that).
I am still unable to get ELOG to send emails, even if does now seem to connect

Below is a copy of the log from last night (I have spent most of the day trying to sort it out further, but I get the same error)

So I guess my question is, Is it possible to use GMAIL, with ELOG, based on my current conditions, and does anyone have any idea what I can do to go on from here, as I doubt I am the first one to head down this road?

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

10-Apr-2012 21:45:19 [Chris@1.2.3.4] {logbookA} Email from <chris@server.com> to chris@server.com, SMTP host 173.194.67.108:
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 220 mx.google.com ESMTP XXXXXXXX.XX^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA}
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} EHLO SERVER.COM^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-mx.google.com at your service, [152.106.18.2]^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-SIZE 35882577^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-8BITMIME^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-AUTH LOGIN PLAIN XOAUTH^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250 ENHANCEDSTATUSCODES^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} AUTH LOGIN^M
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} Username:
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} username@gmail.com
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} Password:
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} MYXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} 501 5.5.2 Cannot Decode response fl2sm792152wib.2

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Right now I am pretty stuck, and any advice would be greatly appreciated on how to move forward.

Thanks in Advance

As far as I know GMAIL requires SSL for its SMTP connection, which ELOG does not (yet) support. But you can set up your own SMTP server easily. Should be easier than your iptables work.

Re: ELOG and Gmail?, posted by Christopher Lee on Thu Apr 12 14:38:09 2012

Stefan Ritt wrote:

Christopher Lee wrote:

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

As far as I know GMAIL requires SSL for its SMTP connection, which ELOG does not (yet) support. But you can set up your own SMTP server easily. Should be easier than your iptables work.

It does require SSL, though thats where stunnel came in.(Thanks to Sergio for all the help and getting me that far, as well as with all the iptable help :D) .

I was however finally able to get it working just a few minutes ago using GMAIL as the SMTP.

I was able to telnet into smtp.gmail.com over the stunnel, and when I repeated the process that elog goes through from information that I grabbed with TCPdump, everthing would work, until it got to the password that ELOG sends and that was created using : /usr/local/sbin/elogd -t password -c /usr/local/elog/elogd.cfg. When I tried to decode the password, it also gave me errors.

I encoded the password myself, and when I changed the one in [global] to match the one I created instead, ELOG was able to connect and send mail (What I still dont understand is that when I encode my own username to use on telnet, it fails, but the one I got from the tcpdump from elog works.. so its a mixture of the ELOG encoded username, and my own encoded password).

I dont know if it would help if I type up the rest of what we did to get it working here for anyone else for future reference. It does require iptables and stunnel to be installed. Though its a single entry into iptables, and small addition to stunnel.conf once they are running.

Re: ELOG and Gmail?, posted by Christopher Lee on Sat Apr 14 11:10:14 2012

To get it to work required a working installation of IPTABLES and STUNNEL

First is to add the following details into elogd.cfg

/usr/local/elog/elogd.cfg wrote:

SMTP username = username@gmail.com
SMTP host = 173.194.67.108
SMTP Password =

This SMTP IP address is a virtual host from Googles SMTP, Any IP Address could technically be used.

Next is to redirect all traffic to port 25 and the above IP address, to STUNNEL.

Quote:

sudo iptables -t nat -A OUTPUT -p tcp -d 173.194.67.16 -dport 25 -j DNAT --to 127.0.0.1:10555

You can select any port other than 10555 if required. Next you need to modify the STUNNEL config file and add the following.

/etc/stunnel/stunnel.conf wrote:

[elogssl]
client = yes
accept = 10555
connect = smtp.gmail.com:465

Last was the password. For some reason sudo /usr/local/sbin/elogd -t <password> -c /usr/local/elog/elogd.cfg created a password that was unreadable by google.
To recreate your own run the following command:

Quote:

perl -MMIME::Base64 -e 'print encode_base64("\000not.my.re\@l.password")'

Replace "\000not.my.re\@l.password" with the GMAIL password, remember to escape with a \ any @ signs you might have.
Copy the output and add that into the elogd.cfg file in the SMTP Password syntax.

kill the STUNNEL PID if it is running and restart it to to load the new details, also remember to save your IPTABLES for next reboot

And that should be it, so now ELOG uses a port other than 25, and also redirects via SSL to a SMTP like GMAIL.

author field in reply, posted by Aldo Saavedra on Sun Apr 15 22:53:41 2012

Hi,

I was wondering what is the correct way so that the author field when a reply is made shows the author of the
person making the reply.
In version 2.6, the field was filled correctly but since upgrading to ELOG V2.9.1-2435 due to the ssh problem
the field just keeps the author of the original post.

I have a tried a number of subst on reply Author = $long_name with no luck.

Any ideas?

Cheers,
Aldo

Re: create "front page" for a logbook, posted by Rex Tayloe on Tue Apr 17 21:59:43 2012

Stefan Ritt wrote:

Rex Tayloe wrote:

Is there a way to create a "front page" or "table of contents" for a logbook?

While chronological entries are good and what elog was designed for, I find myself wanting a page to summarize important things
and/or link to important files that are somewhere in that logbook. And, I would like to use the features of the elog editor to do (not just point
to another www page that points to the various elog entries). For example, in an analysis logbook, you would like to have one page that
may summarize latest on analysis and point to best/latest plot/drawing of something and not have to re-search for it every time.

I think that start page with cmd to go to entry 1 (how do I do that?) may work. Then I just keep editing entry 1 to point to latest info or
entries. Will this work? Will I run into a size limitiation if I attach too many files to that? Is there a better way?

One could imaging using a wiki to do this, however, I never seem to get to updating our wikis... maybe I should just figure how to
get elog to do it.

Thanks.

Well, if you never get to update your wiki, you will you get to update your summary page? As you know there is no free lunch.

For my analysis logbooks, I do it such that I create an arbitrary entry in the logbook, where I put references to other entries. Using the syntax "elog:<id>" this is very simple like here: elog:67222. Then I put a link to that special page in my browser bookmarks. This puts me one mouse click away from accessing this page. You can link to other elog pages but also to page attachments this way, so no need to put too many attachments into a single page, although there is no limit on that.

Best regards,
Stefan

Thanks for suggestion... it gave me idea for slightly different way to do it. The method you suggest doesnt work that well to share in group (everyone would have to add that link in their bookmarks).. So I added this in config file:
Title image = <img border=0 height=25 src="bulb.png" alt="Summary/TOC entry">
Title image URL = <http:link to my specific elog page/entry num>

That replaces elog help icon with a link to TOC entry which can be any entry number. One could make a custom icon and perhaps play around with adding more than one link (?).

Another thing that could do same thing and maybe more consistent with elog philiosophy would be to add a command that goes to a specific link or entry.... but this current solution works...

Re: author field in reply, posted by A. Tuttle on Wed Apr 18 21:53:26 2012

Look in https://midas.psi.ch/elog/config.html
--
Fun things to set are:
Preset on first reply <attribute> = <string>
and
Preset on reply <attribute> = <string>

password protect a logbook with Apache redirect, posted by Matt Newville on Wed May 2 17:06:35 2012

Hi,

I'm trying to set up elogd, running on port 8080 behind an Apache server on port 80, using mod_proxy to redirect
to the elogd server, and the recommended

Redirect permanent /elogbook http://example.com/elogbook/
ProxyPass /elogbook/         http://example.com:8080/

This works well for non-password-protected logbooks, but for password protected (that I can access fine via port
8080), I keep getting shown the Login page, even with valid username / password.    

Poking around the code, it appears (probably not too surprisingly) that the issue lies in check_login().  
For example, 

   /* if invalid or no session ID, show login page */
  if (!skip_sid_check && !sid_check(sid, user_name)) {
      if (isparam("redir"))
         strlcpy(str, getparam("redir"), sizeof(str));
      else
         strlcpy(str, isparam("cmdline") ? getparam("cmdline") : _cmdline, sizeof(str));
      /* avoid recursive loops with ?cmd=Login */
      if (stristr(str, loc("Login")))
         str[0] = 0;
      /*  added write_logfile here...
          char mstr[250];
          sprintf(mstr, "show_login B %s isparam: %d, cmd: %d, skip_sid_check: %d, sid_check: %d",
                         user_name,  isparam("redir"), isparam("cmdline"), skip_sid_check, sid_check(sid,
user_name));
           write_logfile(lbs, mstr);

        */
      show_login_page(lbs, str, 0);
      return FALSE;
}

and the logfile shows that user_name is blank(!!) and redir, cmdline, skip_sid_check, and sid_check(sid,
user_name) all to be 0.   In fact, isparam("unm") and isparam("upwd") are also 0, which explains why user_name
is blank.   But the log file also shows

LOGIN user "username" (attempt)
LOGIN user "username" (success)

just prior to this!

I'd guess that the form POST methods aren't being forwarded correctly, but I haven't looked at it in any more
detail.   

Is there a way to make this (password protecting logbooks while also using a proxy to Apache) work?

Thanks!

Re: password protect a logbook with Apache redirect, posted by Stefan Ritt on Wed May 2 17:09:25 2012

> Is there a way to make this (password protecting logbooks while also using a proxy to Apache) work?

I use it with the current version and it works fine for me. What you might be missing is the

URL = http://example.com/elogbook/

statement in your elogd.cfg to make this work.

Best regards,
Stefan

Goto page Previous 1, 2, 3 ... 313, 314, 315 ... 806, 807, 808 Next

ELOG V3.1.5-3fb85fa6