FreePBX / issue-tracker

The unified FreePBX issue tracker.
https://www.freepbx.org
GNU General Public License v3.0
12 stars 1 forks source link

[bug]: Saving not possible. Scintillation process is running- Modul Intrusion Detection in System Admin #475

Closed jgrieb111260 closed 1 month ago

jgrieb111260 commented 1 month ago

FreePBX Version

FreePBX 17

Issue Description

When I click on the save button under Intrusion Detection in the System Administrator, the message Cannot Save, Scintillation is in Progress appears at the top of the screen. This problem occurs in both FreePBX 17 installations that I have done.

Operating Environment

FreePBX 17.0.19.13 Asterisk 21.4.3 Firewall 17.0.1.26 Framework 17.0.19.13

Relevant log output

No response

Akarsh04 commented 1 month ago

Hi @jgrieb111260

We were unable to reproduce this issue in our systems. Please provide us with more information, such as the settings on the Intrusion Detection page. Are there any IPs listed under Trusted or Banned IPs?

Is this issue occurring after any specific action?

jgrieb111260 commented 1 month ago

@.***https://www.griebsch.de/

Hello, here is a screenshot of the intrusion detection. It is a new installation with only activation, no configuration yet. There is a blocked IP. The problem also occurs if there are no blocked IPs. The error message appears when clicking on "Save intrusion detection" @.***

@.***

Systemhaus Griebsch GmbH Jörg Griebsch Hasselfelder Weg 3 37445 Walkenried

Fon: 05525 95996990 Fax: 05525 95996919 E-Mail: @.**@.> Web: www.griebsch.dehttp://www.griebsch.de/

Geschäftsführer: Allin Griebsch

HRB 201224 Amtsgericht Göttingen AGB: http://www.griebsch.de/1/agb/

Von: Akarsh04 @.> Gesendet: Mittwoch, 9. Oktober 2024 07:57 An: FreePBX/issue-tracker @.> Cc: Systemhaus Griebsch GmbH @.>; Mention @.> Betreff: Re: [FreePBX/issue-tracker] [bug]: Saving not possible. Scintillation process is running- Modul Intrusion Detection in System Admin (Issue #475)

Hi @jgrieb111260https://github.com/jgrieb111260

We were unable to reproduce this issue in our systems. Please provide us with more information, such as the settings on the Intrusion Detection page. Are there any IPs listed under Trusted or Banned IPs?

Is this issue occurring after any specific action?

— Reply to this email directly, view it on GitHubhttps://github.com/FreePBX/issue-tracker/issues/475#issuecomment-2401378295, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BLZZOLUWQAIWGWBINYO56TDZ2TAR3AVCNFSM6AAAAABPNI3UCGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMBRGM3TQMRZGU. You are receiving this because you were mentioned.Message ID: @.**@.>>

jgrieb111260 commented 1 month ago

@.***https://www.griebsch.de/

Hello, Here is a screen video showing the error. I have 3 FreePBX installations and the error occurs in all 3 installations.

Systemhaus Griebsch GmbH Jörg Griebsch Hasselfelder Weg 3 37445 Walkenried

Fon: 05525 95996990 Fax: 05525 95996919 E-Mail: @.**@.> Web: www.griebsch.dehttp://www.griebsch.de/

Geschäftsführer: Allin Griebsch

HRB 201224 Amtsgericht Göttingen AGB: http://www.griebsch.de/1/agb/

Von: Akarsh04 @.> Gesendet: Mittwoch, 9. Oktober 2024 07:57 An: FreePBX/issue-tracker @.> Cc: Systemhaus Griebsch GmbH @.>; Mention @.> Betreff: Re: [FreePBX/issue-tracker] [bug]: Saving not possible. Scintillation process is running- Modul Intrusion Detection in System Admin (Issue #475)

Hi @jgrieb111260https://github.com/jgrieb111260

We were unable to reproduce this issue in our systems. Please provide us with more information, such as the settings on the Intrusion Detection page. Are there any IPs listed under Trusted or Banned IPs?

Is this issue occurring after any specific action?

— Reply to this email directly, view it on GitHubhttps://github.com/FreePBX/issue-tracker/issues/475#issuecomment-2401378295, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BLZZOLUWQAIWGWBINYO56TDZ2TAR3AVCNFSM6AAAAABPNI3UCGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMBRGM3TQMRZGU. You are receiving this because you were mentioned.Message ID: @.**@.>>

kguptasangoma commented 1 month ago

Hi @jgrieb111260 can you please check below logs when you see "saving not possible" error ? 1) /var/log/cron 2) fwconsole debug

See if you find any unusual thing in ^ log files.

As we are unable to reproduce so if you are using sysadmin commercial module then I would suggest to open commercial module support ticket so we can ssh to your system to debug this issue further.

Thank you for using Freepbx Kapil

jgrieb111260 commented 1 month ago

@.***https://www.griebsch.de/

Hello, when I click on the save button and get the "saving not possible error" the following is logged in /var/log/cron

2024-10-11T13:10:20.072261+02:00 Test sysadmin-hook[1563140]: Security check passed. Running '/var/www/html/admin/modules/sysadmin/hooks/fail2ban-getbanned ' 2024-10-11T13:10:28.126445+02:00 Test incrond[56467]: PATH (/var/spool/asterisk/incron) FILE (sysadmin.fail2ban-getbanned) EVENT (IN_CLOSE_WRITE) 2024-10-11T13:10:28.126549+02:00 Test incrond[56467]: (system::sysadmin) CMD (/usr/bin/sysadmin_manager sysadmin.fail2ban-getbanned) 2024-10-11T13:10:28.160013+02:00 Test sysadmin-hook[1563162]: sysadmin hook started - ["\/usr\/bin\/sysadmin_manager","sysadmin.fail2ban-getbanned"] 2024-10-11T13:10:28.169303+02:00 Test sysadmin-hook[1563162]: Security check passed. Running '/var/www/html/admin/modules/sysadmin/hooks/fail2ban-getbanned ' 2024-10-11T13:10:28.954473+02:00 Test incrond[56467]: PATH (/var/spool/asterisk/incron) FILE (sysadmin.fail2ban-getbanned) EVENT (IN_CLOSE_WRITE) 2024-10-11T13:10:28.954562+02:00 Test incrond[56467]: (system::sysadmin) CMD (/usr/bin/sysadmin_manager sysadmin.fail2ban-getbanned) 2024-10-11T13:10:28.986978+02:00 Test sysadmin-hook[1563180]: sysadmin hook started - ["\/usr\/bin\/sysadmin_manager","sysadmin.fail2ban-getbanned"] 2024-10-11T13:10:28.993678+02:00 Test sysadmin-hook[1563180]: Security check passed. Running '/var/www/html/admin/modules/sysadmin/hooks/fail2ban-getbanned ' 2024-10-11T13:10:29.560957+02:00 Test incrond[56467]: PATH (/var/spool/asterisk/incron) FILE (sysadmin.fail2ban-getbanned) EVENT (IN_CLOSE_WRITE) 2024-10-11T13:10:29.561060+02:00 Test incrond[56467]: (system::sysadmin) CMD (/usr/bin/sysadmin_manager sysadmin.fail2ban-getbanned) 2024-10-11T13:10:29.592368+02:00 Test sysadmin-hook[1563189]: sysadmin hook started - ["\/usr\/bin\/sysadmin_manager","sysadmin.fail2ban-getbanned"] 2024-10-11T13:10:29.599406+02:00 Test sysadmin-hook[1563189]: Security check passed. Running '/var/www/html/admin/modules/sysadmin/hooks/fail2ban-getbanned ' 2024-10-11T13:10:30.330274+02:00 Test incrond[56467]: PATH (/var/spool/asterisk/incron) FILE (sysadmin.fail2ban-getbanned) EVENT (IN_CLOSE_WRITE) 2024-10-11T13:10:30.330372+02:00 Test incrond[56467]: (system::sysadmin) CMD (/usr/bin/sysadmin_manager sysadmin.fail2ban-getbanned) 2024-10-11T13:10:30.344592+02:00 Test incrond[56467]: PATH (/var/spool/asterisk/incron) FILE (sysadmin.fail2ban-getbanned) EVENT (IN_CLOSE_WRITE) 2024-10-11T13:10:30.344868+02:00 Test incrond[56467]: (system::sysadmin) CMD (/usr/bin/sysadmin_manager sysadmin.fail2ban-getbanned) 2024-10-11T13:10:30.364392+02:00 Test sysadmin-hook[1563217]: sysadmin hook started - ["\/usr\/bin\/sysadmin_manager","sysadmin.fail2ban-getbanned"] 2024-10-11T13:10:30.371511+02:00 Test sysadmin-hook[1563217]: Security check passed. Running '/var/www/html/admin/modules/sysadmin/hooks/fail2ban-getbanned ' 2024-10-11T13:10:30.378020+02:00 Test sysadmin-hook[1563223]: sysadmin hook started - ["\/usr\/bin\/sysadmin_manager","sysadmin.fail2ban-getbanned"] 2024-10-11T13:10:30.378102+02:00 Test sysadmin-hook[1563223]: File '/var/spool/asterisk/incron/sysadmin.fail2ban-getbanned' didn't exist. That's unpossible (Are you running incron commands manually?) 2024-10-11T13:10:30.384632+02:00 Test sysadmin-hook[1563223]: Security check passed. Running '/var/www/html/admin/modules/sysadmin/hooks/fail2ban-getbanned '

With fwconsole there is no further information when saving.

This installation is just a test installation to test the FreePBX 17 for my customers before installing it. The commercial sysadmin module is therefore not activated. If you tell me your IP address through which you would like to access my FreePBX, I will open the ssh port for your IP in the firewall and give you the access data. Since this is just a test installation, security is not compromised.

Best regards

Jörg Griebsch

Systemhaus Griebsch GmbH Jörg Griebsch Hasselfelder Weg 3 37445 Walkenried

Fon: 05525 95996990 Fax: 05525 95996919 E-Mail: @.**@.> Web: www.griebsch.dehttp://www.griebsch.de/

Geschäftsführer: Allin Griebsch

HRB 201224 Amtsgericht Göttingen AGB: http://www.griebsch.de/1/agb/

Von: kguptasangoma @.> Gesendet: Donnerstag, 10. Oktober 2024 19:35 An: FreePBX/issue-tracker @.> Cc: Systemhaus Griebsch GmbH @.>; Mention @.> Betreff: Re: [FreePBX/issue-tracker] [bug]: Saving not possible. Scintillation process is running- Modul Intrusion Detection in System Admin (Issue #475)

Hi @jgrieb111260https://github.com/jgrieb111260 can you please check below logs when you see "saving not possible" error ?

  1. /var/log/cron
  2. fwconsole debug

See if you find any unusual thing in ^ log files.

As we are unable to reproduce so if you are using sysadmin commercial module then I would suggest to open commercial module support ticket so we can ssh to your system to debug this issue further.

Thank you for using Freepbx Kapil

— Reply to this email directly, view it on GitHubhttps://github.com/FreePBX/issue-tracker/issues/475#issuecomment-2405685125, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BLZZOLQLH66AS32ARIDILUDZ223CTAVCNFSM6AAAAABPNI3UCGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMBVGY4DKMJSGU. You are receiving this because you were mentioned.Message ID: @.**@.>>

kguptasangoma commented 1 month ago

Hi @jgrieb111260

If you have test system where this issue is occurring then please share the credentials to kgupta@sangoma.com so i can ssh to your system to check this issue.

Thanks

jgrieb111260 commented 1 month ago

Hello, please tell me your public IP address through which you want to access the FreePBX so that I can release it in the firewall. Best regards


Von: kguptasangoma @.***> Gesendet: Montag, 14. Oktober 2024 07:03 An: FreePBX/issue-tracker Cc: Systemhaus Griebsch GmbH; Mention Betreff: Re: [FreePBX/issue-tracker] [bug]: Saving not possible. Scintillation process is running- Modul Intrusion Detection in System Admin (Issue #475)

Hi @jgrieb111260https://github.com/jgrieb111260

If you have test system where this issue is occurring then please share the credentials to @.**@.> so i can ssh to your system to check this issue.

Thanks

— Reply to this email directly, view it on GitHubhttps://github.com/FreePBX/issue-tracker/issues/475#issuecomment-2409950841, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BLZZOLVLEFAPKZLTTYD4YOLZ3NGBLAVCNFSM6AAAAABPNI3UCGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMBZHE2TAOBUGE. You are receiving this because you were mentioned.Message ID: @.***>

kguptasangoma commented 1 month ago

203.187.254.50 @jgrieb111260

jgrieb111260 commented 1 month ago

@.***https://www.griebsch.de/

Hello,

FreePBX-IP 157.90.234.47

Grafical User Interface User: admin Password: #jG111260%

SSH-Access User: root Password: Jg111260

Systemhaus Griebsch GmbH Jörg Griebsch Hasselfelder Weg 3 37445 Walkenried

Fon: 05525 95996990 Fax: 05525 95996919 E-Mail: @.**@.> Web: www.griebsch.dehttp://www.griebsch.de/

Geschäftsführer: Allin Griebsch

HRB 201224 Amtsgericht Göttingen AGB: http://www.griebsch.de/1/agb/

Von: kguptasangoma @.> Gesendet: Montag, 14. Oktober 2024 08:14 An: FreePBX/issue-tracker @.> Cc: Systemhaus Griebsch GmbH @.>; Mention @.> Betreff: Re: [FreePBX/issue-tracker] [bug]: Saving not possible. Scintillation process is running- Modul Intrusion Detection in System Admin (Issue #475)

203.187.254.50 @jgrieb111260https://github.com/jgrieb111260

— Reply to this email directly, view it on GitHubhttps://github.com/FreePBX/issue-tracker/issues/475#issuecomment-2410107546, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BLZZOLVI2C7UTL7BOFE63V3Z3NOJJAVCNFSM6AAAAABPNI3UCGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMJQGEYDONJUGY. You are receiving this because you were mentioned.Message ID: @.**@.>>

kguptasangoma commented 1 month ago

Hi @jgrieb111260 can you please download below latest firewall module and give a try.

fwconsole ma downloadinstall firewall --tag=17.0.1.28

fwconsole r

Thanks for sharing your system access, I am done with that so please disconnect the server (also change the password as you have shared the password in publicly visible space).

Regards Kapil

jgrieb111260 commented 1 month ago

@.***https://www.griebsch.de/ Hello, The error is resolved with the installation of the firewall update. Thank you for your support.

Best Regards

Systemhaus Griebsch GmbH Jörg Griebsch Hasselfelder Weg 3 37445 Walkenried

Fon: 05525 95996990 Fax: 05525 95996919 E-Mail: @.**@.> Web: www.griebsch.dehttp://www.griebsch.de/

Geschäftsführer: Allin Griebsch

HRB 201224 Amtsgericht Göttingen AGB: http://www.griebsch.de/1/agb/

Von: kguptasangoma @.> Gesendet: Montag, 14. Oktober 2024 09:14 An: FreePBX/issue-tracker @.> Cc: Systemhaus Griebsch GmbH @.>; Mention @.> Betreff: Re: [FreePBX/issue-tracker] [bug]: Saving not possible. Scintillation process is running- Modul Intrusion Detection in System Admin (Issue #475)

Hi @jgrieb111260https://github.com/jgrieb111260 can you please download below latest firewall module and give a try.

fwconsole ma downloadinstall firewall --tag=17.0.1.28

fwconsole r

Thanks for sharing your system access, I am done with that so please disconnect the server (also change the password as you have shared the password in publicly visible space).

Regards Kapil

— Reply to this email directly, view it on GitHubhttps://github.com/FreePBX/issue-tracker/issues/475#issuecomment-2410229688, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BLZZOLT6HYVHOZTHQQTPVKTZ3NVMXAVCNFSM6AAAAABPNI3UCGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMJQGIZDSNRYHA. You are receiving this because you were mentioned.Message ID: @.**@.>>