Postfix SMTP Sender Routing

Recently, I had need of setting up a postfix “smtp router” to distribute mail from various users among a cluster of outbound relays (on unique exit IPs, with different QoS policies applied). Part of the functionality that was desired was the ability to route “priority” users and “bulk” users via different cluster members. Step 1

Perl Get Active Queue Size (NetXMS/PRTG Use case)

The following Perl script gets the size of the Postfix Active queue and outputs it. (Used for queue monitoring on our NMS via SSH sensors, but might be useful in your environment.)
    #!/usr/bin/env perl
    use strict;
    use warnings;
    use Symbol;
    sub count {
        my ($dir) = @_;
        my $dh = gensym();
        my $c = 0;

Zimbra SASL Errors

If you’re observing errors in your Zimbra servers’ mail log similar to the one below, and your users are reporting password prompts when sending e-mails:
    Nov 24 17:12:07 areto postfix/smtpd[5528]: warning: SASL authentication failure: cannot connect to saslauthd server: Connection refused
Run the following commands as your server’s root user.
    ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd
    zmcontrol restart

Proxmox – Remove local LVM

I’m a big Proxmox fan, having deployed more than 20 systems both at customers and on my home lab this year without drama. However, the Proxmox LVM structure bugs the heck out of me. I prefer to utilize a single LVM Volume due to some weird glitches with LXC images and small root LVM partitions. (Not perfect for production,

Fortinet/Cisco IPSec VPN – Asterisk Peer Unreachable

Recently, I had to troubleshoot an Asterisk to Asterisk trunk which was running across a site-to-site IPSec VPN (Fortinet to Cisco). After running tcpdump “port 5060 and proto UDP” on either end, I discovered traffic from the Cisco end was not reaching the PBX behind the Fortinet. Packet capture on the Fortinet showed

[Snippet] FreePBX – Strip Incoming Country Code

This short & simple dial-plan removes the 3-digit country code from incoming calls and then pushes it to our FPBX IVR.
    nano /etc/asterisk/extensions_custom.conf
After opening the above file, modify and paste the below into the bottom of the file. Modify your SIP trunk context to reflect the name below.
    [trunk-in]
    exten=>_X.,1,Verbose(Incoming call via SIP

FreePBX – Yealink Phonebook generator.

After deploying a few PBXs, you get bored of manually generating the required XML for remote phonebooks on Yealink handsets. Here’s the first version of the phonebook.xml creation script. (Works on FPBX without any hitches.) Observe the notes in the code please. If you’d like a more updated version, please check my GitHub repo here. Once configured, point

Sophos XG – Irremovable Interfaces!

Occasionally, I’ve found interfaces on the Sophos XG firewall that won’t or can’t be removed. (Sometimes the name shows blank, with nothing in it.)
DISCLAIMER – THE STEPS BELOW WILL LIKELY VOID YOUR WARRANTY. USE AT YOUR OWN DISCRETION.
#1 – SSH into the appliance with the admin user
#2 – Select Option 5 “Device

Sophos – Captive Portal Excess Traffic Over WAN

I have noticed that Sophos 16 seems to have a problem with the way its captive portal works. If enabled (firewall policy set to drop), it seems to generate excessive amounts of traffic over my links to the remote branches. Screenshot below shows the traffic when captive portal is enabled, and you can see the massive

Snippet – Nginx Wildcard Subdomain

This snippet works with Let’s Encrypt wildcard certificates! Specify -d *.domain.com to install the certificate when using certbot. Insert into server block. Change domain.com to correct domain.
    server_name ~^(?<subdomain>.+)\.domain\.com$;
    root /var/www/html/domain.com/$subdomain/htdocs;