ripreg Posted January 13, 2014 Share #1 Posted January 13, 2014 Hi guys. First of all thanks for all your work which is simply awsome! Said that, I want to share my hardware setup so if somebody want to install XPEnology on a computer knows that with this hardware is working and working fine Intel® Atom CPU D2550 @ 1.86GHz ASRock AD2550-ITX (full passive) 2 GB DDR3 1333 Mhz (just one for the moment ) 1 x 2TB WD Green Installation went with no problems, everything work fine - again thanks for your great job. I'm now facing a problem (well actually two) 1) the iptables implementation looks really basic and from what I can remember iptables are compiled with the kernel. My problem is that I cannot use the "connlimit" module and yeah, I tried to copy from another Linux box but with no luck . Do you think is possible to install that module into XPEnology? My goal now is to limit the OUTBOUND http connections number (yeah from my NAS to the internet - long story...) 2) I would like to use the CLI for download station: http://downloadstation.jroene.de/ I followed all the instructions but when I run "downloadstation" I get: Traceback (most recent call last): File "/opt/bin/downloadstation", line 16, in import optparse, sys, os, datetime, time, re, pyPgSQL ImportError: No module named pyPgSQL I'm quite sure I'm missing something really basic but after dealing with this NAS for hours I could be lost a bit thank you for your time. Link to comment Share on other sites More sharing options...
Trantor Posted January 14, 2014 Share #2 Posted January 14, 2014 1) the iptables implementation looks really basic and from what I can remember iptables are compiled with the kernel. My problem is that I cannot use the "connlimit" module and yeah, I tried to copy from another Linux box but with no luck . Do you think is possible to install that module into XPEnology? My goal now is to limit the OUTBOUND http connections number (yeah from my NAS to the internet - long story...) 2) I would like to use the CLI for download station: http://downloadstation.jroene.de/ I followed all the instructions but when I run "downloadstation" I get: Traceback (most recent call last): File "/opt/bin/downloadstation", line 16, in import optparse, sys, os, datetime, time, re, pyPgSQL ImportError: No module named pyPgSQL First of all you need to install bootstrap : http://forum.synology.com/wiki/index.ph ... stall_ipkg Use this one : http://ipkg.nslu2-linux.org/feeds/optwa ... 7_i686.xsh Then you can install iptables ipkg and others packages missing for you CLI (according http://downloadstation.jroene.de/ : python24 py-pgsql py24-mx-base). Link to comment Share on other sites More sharing options...
ripreg Posted January 14, 2014 Author Share #3 Posted January 14, 2014 both problems solved: downloadstation: I was pointing to the wrong python path (2 ver of python installed) iptables: my bad... I had to restart the nas Link to comment Share on other sites More sharing options...
ripreg Posted January 27, 2014 Author Share #4 Posted January 27, 2014 Back again... So I'm acutally having trouble with DLstation CLI 'cause I can't add any link to it. The command completes just fine but I see nothing in DLStation... very odd. Btw I'm a bit lost with iptables: I restarted my NAS and I added this rule: -A OUTPUT -p tcp -m tcp --dport 80 -m state --state NEW,RELATED -m limit --limit 5/min --limit-burst 1 -j DROP Which SHOULD limit the outbound connection to any IPs on port 80 @ 5 per min. The point is the rule is acutally working (hitcount incrementing) but I can see more than 5 connections ATTEMPT per minute: XPenology> netstat -an | grep ":80" tcp 1464 0 192.168.0.9:49483 xy.xy.xy.81:80 CLOSE_WAIT tcp 6 0 192.168.0.9:42483 xy.xy.xy.:80 CLOSE_WAIT tcp 0 0 192.168.0.9:50774 xy.xy.xy.18:80 TIME_WAIT tcp 0 1 192.168.0.9:50788 xy.xy.xy.18:80 SYN_SENT tcp 0 0 192.168.0.9:50763 xy.xy.xy.18:80 TIME_WAIT tcp 1 0 192.168.0.9:34733 xy.xy.xy.81:80 CLOSE_WAIT tcp 0 0 192.168.0.9:50778 xy.xy.xy.18:80 TIME_WAIT tcp 0 0 192.168.0.9:50771 xy.xy.xy.18:80 TIME_WAIT tcp 1 0 192.168.0.9:37473 xy.xy.xy.81:80 CLOSE_WAIT tcp 0 0 192.168.0.9:43438 xy.xy.xy.202:80 ESTABLISHED tcp 0 0 192.168.0.9:50784 xy.xy.xy.18:80 TIME_WAIT tcp 16 0 192.168.0.9:49484 xy.xy.xy.81:80 CLOSE_WAIT tcp 0 0 192.168.0.9:50785 xy.xy.xy.18:80 TIME_WAIT tcp 0 0 192.168.0.9:50779 xy.xy.xy.18:80 ESTABLISHED tcp 0 0 ::%134822437:80 ::%134897295:* LISTEN Well I know that TIME_WAIT doesn't mean there's a connection but it means that my NAS sent a packet to that server which is wrong for me. So my question is: why this rule is working as expected on another linux box but it doesn't work here? Thanks for your help. Link to comment Share on other sites More sharing options...
Recommended Posts