No data from HaaS


#1

I didn’t look HaaS data for quite long time… Now I found that last data are for 2018-07-12 09:02:37 :wink:

Is there any known problem?

Turris Omnia - rtrom01; Turris OS version 3.11.3 (RC branch, last update approved & OK);
Updater: Data collection checked, SSH Honeypot checked;

Any hint? I wasn’t able to find anything on forum.

BTW, I disabled SSH Honeypot in Forris and enabled it again day ago (ie. uninstalled it and reinstalled it again) - no fresh entries in Honeypot site :frowning:


#2

Old place - https://project.turris.cz/cs/data/3019/show#/ssh/2018-09-11/y

New place - https://haas.nic.cz/device/1836/sessions/

??


#3

Thanks, I do know Haas project page, it’s where I used to check, sometimes, what’s going on :wink: Last data stamp mentioned in my question is from My Honneypot section of HaaS web.

BTW, I checked token of my Omnia router on Detail of router settings - it corresponds to value set in /etc/config/haas.

It seems to me that my problem is simmilar to that of user “aege”, mentioned recently in blog. Could anybody from Turris team (@pepe) have a look?


#4
  • haas proxy proces exist ?


#5

Haas proxy process does exist:

root@turris:~# ps | grep haas
6952 root 26668 S /usr/bin/python2.7 -m haas_proxy -n --pidfile=/tmp/h
11709 root 1108 S grep haas

CPU usage is minimal:

in the morning:
Sun Feb 10 10:33:42 CET 2019
uptime: 10:33:42 up 1 day, 12:20, load average: 0.00, 0.00, 0.00

a while ago:

As to restart of proxy, it’ll need some time to manifest itself… so far no changes…

As to reinstall, it was done day ago, as mentioned in my question :wink:

Ports:


#6

Firewall port forwardig is then problem ! New haas is = proxy. This setting is a remnant (rest) of the old version of Haas… No redirection required for the new Haas-proxy version.

Then try ssh connection to your extern IP … some attack … you will see a record of your experiment after some time

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.

root@svr04:~# uname -a
Linux svr04 3.2.0-4-amd64 #1 SMP Debian 3.2.68-1+deb7u1 x86_64 GNU/Linux
root@svr04:~# uname -e
Linux
root@svr04:~#
root@svr04:~#

#7

Removed firewall port forwardig. Restarted haas proxy. No new entry after about 2 hours.

Don’t understand Debian part of your comment.

Moreover, rebooted TO router. Let’s see if this help


#8

Debian window = it is SSH terminal of Honeypot

And your own attack is done? So you prove the functionality of Honeypot.

You can try it to my own honeypot on 93.91.50.207


#9

There is no use to attacking your honeypot :wink: it’ll bring no info to my problem.

I tried to ssh to my TO as admin to no avail.

Rebooted TO router while ago. We’ll see.


#10

SSH as admin ??? To what IP ? What is youre extern IP ? Port 22 is opened ?


#11

ssh to my TO router;-)

According to WhatsMyIp.org it is 62.245.105.204

I think port 22 is open, unfortunately I have to admit I’m not sure where/how to check :frowning:

Sorry, later I found that on above page I can check ports. Unforfunately, it is closed. How can I open it?


#12

Fo test yyoure opened ports try https://www.grc.com/x/ne.dll?bh0bkyd2


#13

Port 22 is closed. Haas is hassle - free. Give yourself a break and … search for a problem elsewhere … step by step.

25 - you operation Mail server?


#14

Thanks for your help and patience.

I’m using TO provided mail, no own mail server.

I’ve thought that when one start using HaaS, it will take care of all needed & don’t require users (lusers!!!) to configure anything - simply check HaaS in Forris and all is smoothly done and running (as it was some time ago, for it was running before, until some update - except need of adding router on HaaS web page).

Maybe someone od Turris team will pass some hint whats happening and what to do (@pepe ?!?)

Thanks again.


#15

Hello,

I think, there was no need to mention me twice within a few hours as I haven’t replied to you during the weekend. I see you might be the second person, who may have the same issue, but they not be related in the end. Also, you won’t hurry up if you post a comment on our blog, because now I need to reply to you here also on the blog.

We haven’t touch haas-proxy since 26th November. I’m running Turris OS 3.11.3 RC3 on my Turris 1.1 at home, and I don’t have your issue. Would you please read our article in our documentation for Error reporting and send us diagnostics?
In this thread, there is no useful information to us, so we cannot look what’s wrong in your case, so it means that I need to reply you in 3 different ways, which isn’t helpful for both sides. There is also a possibility that we will need to cooperate with you as we need to be able to reproduce it, so we can look at it.


#16

Hello @pepe,

enclosed you’ll find diagnostic of my TO router, regarding problem in HaaS. (in email :wink:

Sorry if I annoyed you - I mentioned you in different phases of communication with another user, @JardaB, who was so kind trying to help me. And, moreover, I didn’t expect that you’ll answer me immediately or during weekend, for the problem is in no case pressing.

As to my mentioning HaaS problem both on forum and on HaaS blog, it is link only, thus you don’t need to answer on more places, I hope. Or by supplying link again. Hope I don’t need to elaborate more on this.

As to diagnostic, maybe it would be helpfull if there would be some hint that you have to scroll to end of page to check when this diagnostic is finished, instead to wait eons to see anything… and watch message “Diagnostic “xxx” is being prepared.” over and over.

Please do not understand me wrong: I admire work of Turris team! I only want to clear some problems. As we can see, I’m not only one encountering them (thats why I reported it even on HaaS blog ;-).

Update - later notice:
I’m affraid that problem is in Firewall setting… But, as far as there is stated that you have only to check HaaS checkout in Forris and all will be done - isn’t this be understand that really you don’t need to do anything more and all what is needed will be done in background -any required settings for Firewall etc ?!?


#17

Haas work - problem is solved ? Where was the problem ?


#18

In progress - sent diagnistic to support, got reply, have to check something… I’ll summarize later.


#19

Hello @Pepe

I hope you forgive me naming you again - is there anything new? I wrote to support couple of days ago, there was, unfortunately, no answer…

Is there anything new?

Best regards, Jarek


#20

Solved by switching UPC modem to bridge mode, as adviced by @pepe in direct mail. Surprisingly (maybe not :wink: missed HaaS entries coincided with exchange of UPC modem to new one (Compal) :slight_smile: Unfortunately I was not aware of simmilar discussion on Turris forum couple of years ago :frowning: Thanks a lot for TO team support!!!