Koozali.org: home of the SME Server

External IP Address is undefined.

Offline FreakWent

  • ***
  • 85
  • +0/-0
External IP Address is undefined.
« on: December 15, 2021, 03:52:50 AM »
My SME 10 Server and Gateway is mostly fine, but external services are not available.

However in iptables I see:

Chain InboundTCP_1053 (1 references)
target     prot opt source               destination         
denylog    all  --  0.0.0.0/0           !1.1.1.1             


In the 'review configuration' section of server manager, the external IP field is blank.

However, "ip addr" shows the correct IP address, and the NAT is working fine.

I suspect this is all caused by a slow DHCP transaction, but I'm just guessing really.  I'll set it to static and move on with my life, but if anyone would like me to do more testing, just ask.

Cheers all!

Offline FreakWent

  • ***
  • 85
  • +0/-0
Re: External IP Address is undefined.
« Reply #1 on: December 15, 2021, 04:47:07 AM »
Setting to the MAC address as DHCP identifier triggered a reconfigure/reboot and changing it back again triggered such a reconfig cycle again, but it still had 1.1.1.1 showing in iptables.

Changing it to static resulted in failure, possibly because the remote side didn't accept traffic without a valid DHCP lease, I didn't bother confirming that.

Changing it back from static to dynamic again, however, fixed everything, and all is well -- until next time.....

Offline sages

  • *
  • 169
  • +0/-0
    • http://www.sages.com.au
Re: External IP Address is undefined.
« Reply #2 on: December 15, 2021, 11:02:02 AM »
Huh?

Maybe take a step back and provide a few more clues as to what you are doing, what you expect to see and what you hope to achieve.
...

Offline ReetP

  • *
  • 3,292
  • +5/-0
Re: External IP Address is undefined.
« Reply #3 on: December 15, 2021, 11:36:49 AM »
I have read this a couple of times and am still confused as hell.

Can you please go back and tell us what your problem is, not your attempts at a solution.

Read this: https://xyproblem.info/

Quote
My SME 10 Server and Gateway is mostly fine, but external services are not available.

So go back to the beginning and give us a history of your v10 server.

Clean install, upgrade, how?

What sort of internet connection? DHCP , static, Adsl or whatever?

Have a look in your server manager lower left in Miscellaneous for "Report a bug" and then do "Create configuration report" and post us some of the network details, less things like passwords.

Also run these and post the output:

Code: [Select]
/sbin/e-smith/audittools/newrpms
/sbin/e-smith/audittools/templates

...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline Jean-Philippe Pialasse

  • *
  • 2,166
  • +8/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: External IP Address is undefined.
« Reply #4 on: December 15, 2021, 12:34:52 PM »
and check you do not use private server mode !

Offline FreakWent

  • ***
  • 85
  • +0/-0
Re: External IP Address is undefined.
« Reply #5 on: December 17, 2021, 10:41:01 PM »
Sorry for the unclear messaging.  It's working now.  I posted mostly in case it might help others in the future, I suspect that hasn't actually worked as intended.

The server was a new build, the external link uses DHCP and was configured for that.  The external link came up fine, but the firewall rules were incorrect.

NAT was working okay, but the scripts that configure iptables have a default external IP address of 1.1.1.1, here:

/etc/e-smith/templates/etc/rc.d/init.d/masq/00Definitions:        OUTERNET=1.1.1.1 # Put in placeholder address, to ensure correct iptables syntax

I presume that it's supposed to be redefined by some other code that somehow detects the external IP, but that wasn't working.  I never found out why.  Some kind of race condition maybe.

So the firewall was configured to allow external access to email, web services, port forwarding or any other services hosted by the SME server, but only if the destination IP address was 1.1.1.1, which of course it wasn't.

When choosing in the config console to configure the external interface as DHCP, there are two different options to choose from, neither worked.  Lying to SME that the external link was static, then changing it back to DHCP resolved the problem.

Sorry for the vague original messages, I hope that's clearer.

Offline Jean-Philippe Pialasse

  • *
  • 2,166
  • +8/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: External IP Address is undefined.
« Reply #6 on: April 05, 2022, 04:22:23 AM »
found your issue

when using dhcp (both hardware and accoumt) dhclient runs and end to call a hook

SME use the exit hook dhclient-exit-hooks to launch the event to update the IP in db and update firewall

previous to SME10 there was the file  /etc/dhclient-exit-hooks  which was owned by e-smith-base

also there was a copy with same date same size same content, in /etc/dhcp/dhclient-exit-hooks /etc/dhclient-exit-hooks but not owned by any rpm

I can not explain how it is copied there

In SME10 the second copy is missing, and the script  /sbin/dhclient-script  is actually seeking to  /etc/dhcp/dhclient-exit-hooks



see https://bugs.koozali.org/show_bug.cgi?id=11930