Re: Guardian 2 - Correction

["R. W. Rodolico" <rodo@dailydata.net>]

[-- Attachment #1: Type: text/plain, Size: 5651 bytes --]

Do the following:

Open a command prompt on the router, via whatever means you have, and
issue the command:

tail -f /var/log/httpd/error_log

Note the latest timestamp of the entry

Now, open a web browser and browse to the Guardian page, but nothing else.

Copy the text from the command prompt after the timestamp you noted
above. You can send that directly to me if you like, or reply here.

If I can not suggest a fix, I'll be happy to work with you via
messaging, email, or if you're in the US, phone.

Rod

On 07/16/2016 07:42 PM, Mark Coolen wrote:
> I'm still getting nothing but a blank page. Everything else seems to
> still be working fine, but I'm a bit afraid I'll mess something up
> really badly with all this playing around.
> 
> On Sat, Jul 16, 2016 at 7:19 PM, R. W. Rodolico <rodo(a)dailydata.net
> <mailto:rodo(a)dailydata.net>> wrote:
> 
>     A partial fix would be to run the following bash commands. The reason I
>     say partial is because I got the permissions from a different firewall
>     that does not have Guardian installed on it, so it could not determine
>     the correct permissions for any of those directories.
> 
>     This was taken from the output of a perl script I threw together. It is
>     NOT commented (sorry) but pretty straight forward. Simply gets the
>     permissions and ownership from each directory (and parent directory) out
>     of an array based on Matthias' research. I did NOT check to verify the
>     permissions were not already set. The output is simply a list of
>     commands to set permissions from one machine to the same as the
>     permissions on another.
> 
>     The originating script is temporarily stored at
>     http://unixservertech.com/fixPermissions.pl
>     That is a web site in progress. Feel free to download and run it on a
>     machine that has Guardian (after looking at it and making sure I didn't
>     do something stoopid). No guarantee it won't eat your firewall, but I
>     ran it on a production machine, then ran the output on my test router
>     and it appears to have worked.
>     ======================================================
>     chown 0:0 /etc
>     chmod 0755 /etc
> 
>     chown 0:0 /etc/logrotate.d
>     chmod 0755 /etc/logrotate.d
> 
>     chown 0:0 /etc/rc.d
>     chmod 0755 /etc/rc.d
> 
>     chown 0:0 /etc/rc.d/init.d
>     chmod 0755 /etc/rc.d/init.d
> 
>     chown 0:0 /etc/rc.d/init.d/networking
>     chmod 0755 /etc/rc.d/init.d/networking
> 
>     chown 0:0 /etc/rc.d/init.d/networking/red.up
>     chmod 0755 /etc/rc.d/init.d/networking/red.up
> 
>     chown 0:0 /etc/rc.d/init.d/snort
>     chmod 0754 /etc/rc.d/init.d/snort
> 
>     chown 0:0 /etc/rc.d/rc0.d
>     chmod 0755 /etc/rc.d/rc0.d
> 
>     chown 0:0 /etc/rc.d/rc3.d
>     chmod 0755 /etc/rc.d/rc3.d
> 
>     chown 0:0 /etc/rc.d/rc6.d
>     chmod 0755 /etc/rc.d/rc6.d
> 
>     chown 0:0 /opt
>     chmod 0755 /opt
> 
>     chown 0:0 /opt/pakfire
>     chmod 0755 /opt/pakfire
> 
>     chown 0:0 /opt/pakfire/db
>     chmod 0755 /opt/pakfire/db
> 
>     chown 0:0 /opt/pakfire/db/installed
>     chmod 0755 /opt/pakfire/db/installed
> 
>     chown 0:0 /srv
>     chmod 0755 /srv
> 
>     chown 0:0 /srv/web
>     chmod 0755 /srv/web
> 
>     chown 0:0 /srv/web/ipfire
>     chmod 0755 /srv/web/ipfire
> 
>     chown 0:0 /srv/web/ipfire/cgi-bin
>     chmod 0755 /srv/web/ipfire/cgi-bin
> 
>     chown 0:0 /srv/web/ipfire/cgi-bin/ids.cgi
>     chmod 0755 /srv/web/ipfire/cgi-bin/ids.cgi
> 
>     chown 0:0 /usr
>     chmod 0755 /usr
> 
>     chown 0:0 /usr/bin
>     chmod 0755 /usr/bin
> 
>     chown 0:0 /usr/lib
>     chmod 0755 /usr/lib
> 
>     chown 0:0 /usr/lib/perl5
>     chmod 0755 /usr/lib/perl5
> 
>     chown 0:0 /usr/lib/perl5/site_perl
>     chmod 0755 /usr/lib/perl5/site_perl
> 
>     chown 0:0 /usr/lib/perl5/site_perl/5.12.3
>     chmod 0755 /usr/lib/perl5/site_perl/5.12.3
> 
>     chown 0:0 /usr/lib/perl5/site_perl/5.12.3/Net
>     chmod 0755 /usr/lib/perl5/site_perl/5.12.3/Net
> 
>     chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi
>     chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi
> 
>     chown 0:0 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi/auto
>     chmod 0755 /usr/lib/perl5/site_perl/5.12.3/i586-linux-thread-multi/auto
> 
>     chown 0:0 /usr/sbin
>     chmod 0755 /usr/sbin
> 
>     chown 0:0 /var
>     chmod 0755 /var
> 
>     chown 0:0 /var/ipfire
>     chmod 0755 /var/ipfire
> 
>     chown 0:0 /var/ipfire/backup
>     chmod 0755 /var/ipfire/backup
> 
>     chown 0:0 /var/ipfire/backup/addons
>     chmod 0755 /var/ipfire/backup/addons
> 
>     chown 0:0 /var/ipfire/backup/addons/includes
>     chmod 0755 /var/ipfire/backup/addons/includes
> 
>     chown 0:0 /var/ipfire/langs
>     chmod 0755 /var/ipfire/langs
> 
>     chown 0:0 /var/ipfire/langs/de.pl <http://de.pl>
>     chmod 0644 /var/ipfire/langs/de.pl <http://de.pl>
> 
>     chown 0:0 /var/ipfire/langs/en.pl <http://en.pl>
>     chmod 0644 /var/ipfire/langs/en.pl <http://en.pl>
> 
>     chown 0:0 /var/ipfire/menu.d
>     chmod 0755 /var/ipfire/menu.d
> 
>     chown 0:0 /var/log
>     chmod 0755 /var/log
>     ======================================================
> 
>     --
>     Rod Rodolico
>     Daily Data, Inc.
>     POB 140465
>     Dallas TX 75214-0465
>     214.827.2170 <tel:214.827.2170>
>     http://www.dailydata.net
> 
> 
> 
> 
> -- 
>  _  _           _     ___         _         
>  )\/,) ___  __  )L,   ))  __  __  )) __ _ _
> ((`(( ((_( (|  ((\   ((__((_)((_)(( (('((\(

-- 
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465
214.827.2170
http://www.dailydata.net