Hello,
I have 2 nearly identical installed eFas. One is running on Rocky Linux release 8.5 (Green Obsidian) an one on CentOS Stream release 8.
Both are running eFa version 4.0.4-32.
The one installed on CentOS can mark mails as SPAM via the eFa-learn.php link. The other one only displays the login page with the message 'the login page has timed out'.
I don't know where to get the corresponding infos to discover the problem on the Rocky-eFa.
Ulrich.
Where/how to debug eFa-learn
Re: Where/how to debug eFa-learn
Hello,
if it might help, here are some entries of the http logs:
ssl_access_log:
2a02:8070:1c3:d180c6e8:80e1:8417 - - [08/Apr/2022:10:26:09 +0200] "GET /mailscanner/eFa-learn.php?mid=4KYY5s6BDFzCBtr&r=7b1e81001ca77b07f340 HTTP/1.1" 302 -
2a02:8070:1c3:d180c6e8:80e1:8417 - - [08/Apr/2022:10:26:09 +0200] "GET /mailscanner/login.php?error=pagetimeout HTTP/1.1" 200 3055
ssl_request_log:
[08/Apr/2022:10:26:09 +0200] 2a02:8070:1c3:d180c6e8:80e1:8417 TLSv1.3 TLS_AES_128_GCM_SHA256 "GET /mailscanner/eFa-learn.php?mid=
4KYY5s6BDFzCBtr&r=7b1e81001ca77b07f340 HTTP/1.1" -
[08/Apr/2022:10:26:09 +0200] 2a02:8070:1c3:d180c6e8:80e1:8417 TLSv1.3 TLS_AES_128_GCM_SHA256 "GET /mailscanner/login.php?error=pa
getimeout HTTP/1.1" 3055
Ulrich.
if it might help, here are some entries of the http logs:
ssl_access_log:
2a02:8070:1c3:d180c6e8:80e1:8417 - - [08/Apr/2022:10:26:09 +0200] "GET /mailscanner/eFa-learn.php?mid=4KYY5s6BDFzCBtr&r=7b1e81001ca77b07f340 HTTP/1.1" 302 -
2a02:8070:1c3:d180c6e8:80e1:8417 - - [08/Apr/2022:10:26:09 +0200] "GET /mailscanner/login.php?error=pagetimeout HTTP/1.1" 200 3055
ssl_request_log:
[08/Apr/2022:10:26:09 +0200] 2a02:8070:1c3:d180c6e8:80e1:8417 TLSv1.3 TLS_AES_128_GCM_SHA256 "GET /mailscanner/eFa-learn.php?mid=
4KYY5s6BDFzCBtr&r=7b1e81001ca77b07f340 HTTP/1.1" -
[08/Apr/2022:10:26:09 +0200] 2a02:8070:1c3:d180c6e8:80e1:8417 TLSv1.3 TLS_AES_128_GCM_SHA256 "GET /mailscanner/login.php?error=pa
getimeout HTTP/1.1" 3055
Ulrich.
Re: Where/how to debug eFa-learn
OK, after some digging in the code and testing some modifications I foud out, that the problem ist the part about resolving the trusted networks in the eFa-learn.php file.
Especially the IPv6 part.
If i comment out the whole part the link from the mail is working.
And there is also a thinking error about checking the networks. If the client IP is not in the first IPv4 or IPv6 range of the /etc/sysconfig/eFa_trusted_networks file, the script dies ...
Ulrich.
Especially the IPv6 part.
If i comment out the whole part the link from the mail is working.
And there is also a thinking error about checking the networks. If the client IP is not in the first IPv4 or IPv6 range of the /etc/sysconfig/eFa_trusted_networks file, the script dies ...
Ulrich.
Re: Where/how to debug eFa-learn
Okay, one step further.
I changed the code to get any line in 'trusted_networks' checked.
This is working for IPv4. But IPv6 addresses or ranges are not recognized.
So there seems to be a problem with the ipv6_in_range function.
I changed the code to get any line in 'trusted_networks' checked.
This is working for IPv4. But IPv6 addresses or ranges are not recognized.
So there seems to be a problem with the ipv6_in_range function.
Re: Where/how to debug eFa-learn
After many tests and some code changes the eFa-learn script is now working with trusted_networks ...