Checking subscription is valid

Subscription
1

Afternoon folks - i have a bit of an issue with shorewall not starting on nethserver and in the past issues have been due to a lapsed subscription - however im not able to check the subscription from the server and the subscription service is prompting me for a password (forgotten!) and is then sending an email link to reset password but the email is not being received by the server because the server is on its knees!.. theres an obvious lesson here (for me!) but any assistance confirming i have a valid server subscription would be a useful help

The following error appeared in my email this morning also:

/etc/cron.daily/0yum-daily.cron:

Could not retrieve mirrorlist http://cdn.remirepo.net/enterprise/7/safe/mirror error was

14: curl#6 - ā€œCould not resolve host: cdn.remirepo.net; Unknown errorā€

Could not retrieve mirrorlist https://mirrorlist.nethserver.com/?repo=base&arch=x86_64&nsversion=7.9.2009&usetier=yes error was

14: curl#6 - ā€œCould not resolve host: mirrorlist.nethserver.com; Unknown errorā€

Could not retrieve mirrorlist https://mirrorlist.nethserver.com/?repo=centos-sclo-rh&arch=x86_64&nsversion=7.9.2009&usetier=yes error was

14: curl#6 - ā€œCould not resolve host: mirrorlist.nethserver.com; Unknown errorā€

Could not retrieve mirrorlist https://mirrorlist.nethserver.com/?repo=centos-sclo-sclo&arch=x86_64&nsversion=7.9.2009&usetier=yes error was

14: curl#6 - ā€œCould not resolve host: mirrorlist.nethserver.com; Unknown errorā€

Could not retrieve mirrorlist https://mirrorlist.nethserver.com/?repo=epel&arch=x86_64&nsversion=7.9.2009&usetier=yes error was

14: curl#6 - ā€œCould not resolve host: mirrorlist.nethserver.com; Unknown errorā€

Could not retrieve mirrorlist https://mirrorlist.nethserver.com/?repo=extras&arch=x86_64&nsversion=7.9.2009&usetier=yes error was

14: curl#6 - ā€œCould not resolve host: mirrorlist.nethserver.com; Unknown errorā€

Could not retrieve mirrorlist https://mirrorlist.nethserver.com/?repo=nethserver-base&arch=x86_64&nsversion=7.9.2009&usetier=yes error was

14: curl#6 - ā€œCould not resolve host: mirrorlist.nethserver.com; Unknown errorā€

Could not retrieve mirrorlist https://mirrorlist.nethserver.com/?repo=nethserver-updates&arch=x86_64&nsversion=7.9.2009&usetier=yes error was

14: curl#6 - ā€œCould not resolve host: mirrorlist.nethserver.com; Unknown errorā€

Could not retrieve mirrorlist https://mirrorlist.nethserver.com/?repo=updates&arch=x86_64&nsversion=7.9.2009&usetier=yes error was

14: curl#6 - ā€œCould not resolve host: mirrorlist.nethserver.com; Unknown errorā€

/etc/cron.daily/nethserver-letsencrypt-certs:

An unexpected error occurred:

ConnectionError: (ā€˜Connection aborted.ā€™, gaierror(-2, ā€˜Name or service not knownā€™)) Please see the logfiles in /var/log/letsencrypt for more details.

/etc/cron.daily/pulledpork:

Error downloading https://rules.emergingthreats.net/open-nogpl/suricata-4.0/emerging.rules.tar.gz.md5: 500 Canā€™t connect to rules.emergingthreats.net:443 [ 500 ]

2

[root@cwprod10v01 ~]# systemctl -l status shorewall
ā— shorewall.service - Shorewall IPv4 firewall
Loaded: loaded (/usr/lib/systemd/system/shorewall.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/shorewall.service.d
ā””ā”€blacklist.conf
/usr/lib/systemd/system/shorewall.service.d
ā””ā”€nethserver-firewall-base.conf
Active: failed (Result: exit-code) since Tue 2023-01-24 14:35:20 GMT; 6min ago
Process: 2351 ExecStart=/usr/sbin/shorewall $OPTIONS start $STARTOPTIONS (code=exited, status=25)
Process: 1962 ExecStartPre=/usr/share/nethserver-blacklist/load-geoips (code=exited, status=0/SUCCESS)
Process: 1089 ExecStartPre=/usr/share/nethserver-blacklist/load-ipsets (code=exited, status=0/SUCCESS)
Main PID: 2351 (code=exited, status=25)

Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk shorewall[2351]: Compiling /etc/shorewall/conntrackā€¦
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk shorewall[2351]: Compiling /etc/shorewall/tunnelsā€¦
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk shorewall[2351]: Compiling MAC Filtration ā€“ Phase 2ā€¦
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk shorewall[2351]: Applying Policiesā€¦
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk shorewall[2351]: Compiling /etc/shorewall/mangleā€¦
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk shorewall[2351]: ERROR: Invalid ACTION ({source) /etc/shorewall/mangle (line 53)
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk systemd[1]: shorewall.service: main process exited, code=exited, status=25/n/a
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk systemd[1]: Failed to start Shorewall IPv4 firewall.
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk systemd[1]: Unit shorewall.service entered failed state.
Jan 24 14:35:20 cwprod10v01.myclearwater.co.uk systemd[1]: shorewall.service failed.
[root@cwprod10v01 ~]# view /etc/shorewall/mangle
[root@cwprod10v01 ~]# ^C
[root@cwprod10v01 ~]#

3

\[root@cwprod10v01 ~]#
[root@cwprod10v01 ~]# cat /etc/shorewall/mangle|head -53

================= DO NOT MODIFY THIS FILE =================

Manual changes will be lost when this file is regenerated.

Please read the developerā€™s guide, which is available

at NethServer official site: https://www.nethserver.org

Shorewall version 4 - Mangle File

For information about entries in this file, type ā€œman shorewall-mangleā€

See http://shorewall.net/traffic_shaping.htm for additional information.

For usage in selecting among multiple ISPs, see

http://shorewall.net/MultiISP.html

See http://shorewall.net/PacketMarking.html for a detailed description of

the Netfilter/Shorewall packet marking mechanism.

####################################################################################################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES HELPER PROBABILITY DSCP

PORT(S) PORT(S)

20ndpi

22restore_connmark

Restore the connection mark into the current packet.

RESTORE:F - - -

Restore the connection mark for packets from/to firewall.

Used QoS, IPS and Squid

RESTORE $FW - - - - - 0x00
RESTORE - $FW - - - - 0x00

30ndpi_rules

NDPI is disabled

40priorities

All priority rules are marked inside the post chain.

If FW is the source, rules are moved to output chain.

?COMMENT RULE#16 any
{source:192.168.20.63, proto:-, dest:192.168.10.12, time:-, action:MARK(0x1/0x3f):T, dport:-}

?COMMENT

?COMMENT RULE#18 any
{source:;;, proto:-, dest:-, time:-, action:MARK(0x1/0x3f):T, dport:-}
[root@cwprod10v01 ~]#

4

[root@cwprod10v01 ~]# echo ā€˜{ā€œactionā€:ā€œstartā€,ā€œnameā€:ā€œshorewallā€}ā€™ | /usr/bin/setsid /usr/bin/sudo /usr/libexec/nethserver/api/system-services/update | jq
{
ā€œidā€: ā€œ1674572244ā€,
ā€œtypeā€: ā€œEventFailedā€,
ā€œmessageā€: ā€œAction failedā€
}
[root@cwprod10v01 ~]#

5

shorewall now back online - no idea how or why though!

1 Like
6

If you still have problems with subscription, please send me a private message with the server key and I will check the validity for you.