Displaying 20 results from an estimated 49 matches for "wforce".
Did you mean:
force
2017 Aug 02
4
Auth Policy Server/wforce/weakforced
Is there explicit documentation available for the (probably trivial)
configuration needed for Dovecot and Wforce? I'm probably missing
something that should be perfectly obvious...
Wforce appears to start without errors. I added a file to dovecot's conf.d:
95-policy.conf:
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = this_is_my_super_secret_something
Looking at the Wfo...
2019 May 13
2
dovecot 2.2.36 and wforce
Hi list
I'm trying to setup dovecot 2.2.36 on a Centos6 to communicate with a
wforce daemon on the remote side. wforce is latest released from git
repo. Daemon part is working and I can successfully send queries from
remote systems to wforce via curl
For dovecot I configured in /etc/dovecot/conf.d/95-wforce.conf
> auth_policy_server_url = http://REMOTE_IP:8084/
> auth_polic...
2019 Mar 07
2
how to enable PowerDNS/Weakforced with Fedora and sendmail
So for auth_policy_server_api_header. is the value of our_password come from the hashed response or the plain-text password? What else am I doing wrong?
Mar 7 09:20:53 olddsm wforce[17763]: WforceWebserver: HTTP Request "/" from 127.0.0.1:56416: Web Authentication failed
curl -X POST -H "Content-Type: application/json" --data '{"login?:?ouruser?, "remote": "127.0.0.1", "pwhash?:?hashed-password?}? http://127.0.0.1:8084/?c...
2017 Aug 04
0
Auth Policy Server/wforce/weakforced
On 8/4/2017 12:48 PM, Daniel Miller wrote:
> On 8/3/2017 6:11 AM, Teemu Huovila wrote:
>>
>> On 02.08.2017 23:35, Daniel Miller wrote:
>>> Is there explicit documentation available for the (probably trivial)
>>> configuration needed for Dovecot and Wforce? I'm probably missing
>>> something that should be perfectly obvious...
>>>
>>> Wforce appears to start without errors. I added a file to dovecot's
>>> conf.d:
>>>
>>> 95-policy.conf:
>>> auth_policy_server_url = http://loca...
2019 May 13
0
dovecot 2.2.36 and wforce
> On 13 May 2019 18:54 Tobi via dovecot <dovecot at dovecot.org> wrote:
>
>
> Hi list
>
> I'm trying to setup dovecot 2.2.36 on a Centos6 to communicate with a
> wforce daemon on the remote side. wforce is latest released from git
> repo. Daemon part is working and I can successfully send queries from
> remote systems to wforce via curl
>
> For dovecot I configured in /etc/dovecot/conf.d/95-wforce.conf
>
> > auth_policy_server_url = http://R...
2017 Aug 03
0
Auth Policy Server/wforce/weakforced
On 02.08.2017 23:35, Daniel Miller wrote:
> Is there explicit documentation available for the (probably trivial) configuration needed for Dovecot and Wforce? I'm probably missing something that should be perfectly obvious...
>
> Wforce appears to start without errors. I added a file to dovecot's conf.d:
>
> 95-policy.conf:
> auth_policy_server_url = http://localhost:8084/
> auth_policy_hash_nonce = this_is_my_super_secret_...
2019 Mar 06
2
how to enable PowerDNS/Weakforced with Fedora and sendmail
I took suggestions from https://forge.puppet.com/fraenki/wforce to set
these in /etc/dovecot/conf.d/95-auth.conf
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = our_password
auth_policy_server_api_header = "Authorization: Basic
hash_from_running_echo-n_base64"
auth_policy_server_timeout_msecs = 2000
auth_policy_hash_mech = sh...
2019 Mar 07
0
how to enable PowerDNS/Weakforced with Fedora and sendmail
In weakforced you have
webserver("0.0.0.0:8084", "THIS-IS-THE-PASSWORD-FOR-WFORCE")
Thus, you make the base64 blob as
~$ echo -n wforce:THIS-IS-THE-PASSWORD-FOR-WFORCE | base64
d2ZvcmNlOlRISVMtSVMtVEhFLVBBU1NXT1JELUZPUi1XRk9SQ0U=
And in dovecot you put
auth_policy_server_api_header = Authorization Basic d2ZvcmNlOlRISVMtSVMtVEhFLVBBU1NXT1JELUZPUi1XRk9SQ0U
Aki
> On 7...
2019 May 22
1
weakforced: Possible to access the ip address of report/allow?
Hi Neil
thanks for the hint with the dovecot config, adding this and I can see that
> ... attrs={local_ip="XX.XX.XX.XX"} ...
is now logged by wforce daemon. Then I tried to access that value from
wforce with the following testcode
> if (#lt.attrs > 0)
> then
> return 7, "ip_local", "ip_local", { test=test }
> end
but even if attrs are set (according to wforce logs), the code above
does not go into if condi...
2019 Mar 07
0
how to enable PowerDNS/Weakforced with Fedora and sendmail
wforce is the username always.
auth_policy_hash_nonce should be set to a pseudorandom value that is
shared by your server(s). Weakforced does not need it for anything.
auth_policy_server_api_header should be set to Authorization: Basic
<echo -n wforce:our_password | base64>
without the < >....
2019 May 14
2
weakforced and GeoIP lookups
...e running configure. GeoIP support is only compiled in if it finds the right libs.
This would be libmaxminddb-dev on Ubuntu for example.
Neil
>> Hi list
>>
>> hope it's okay to ask weakforced questions here as well, but I could not
>> find a dedicated mailinglist for wforce.
>>
>> I want to enable GeoIP lookups in my wforce daemon. In a first step I
>> installed luarocks and lua-compat53 to install mmdblua module.
>> Then I added
>>
>> newGeoIP2DB("country", "/usr/local/share/GeoIP/GeoLite2-Country.mmdb")
>&...
2019 May 22
2
weakforced: Possible to access the ip address of report/allow?
Hi
I wonder if the information about the origin of report or allow can be
accessed somehow. lt.remote gives the IP of the client trying to login
but is there anything in lt which gives the ip of the system that
connects to wforced?
Thanks and have a good one
--
tobi
2017 Sep 27
2
Conditionally disabling auth policy
...`
>
> of course could just skip all checks in that case if really wanted. but
> you probably want to be careful not to skip too many checks otherwise
> the attack moves from your imap port e.g. to your webmailer.
>
>
>
Hi. Yup, I've got my own whitelisting going on, on the wforce side of
things. I'm just looking to forgo the 3 HTTP reqs completely to wforce,
from the dovecot side, if possible. I've got some internal services that
can generate a significant amount of dovecot logins, but it's kind of silly
to keep doing auth policy lookups for those internal serve...
2019 May 14
2
weakforced and GeoIP lookups
...libs.
>>
>> This would be libmaxminddb-dev on Ubuntu for example.
>>
>> Neil
>>
>>>> Hi list
>>>>
>>>> hope it's okay to ask weakforced questions here as well, but I could not
>>>> find a dedicated mailinglist for wforce.
>>>>
>>>> I want to enable GeoIP lookups in my wforce daemon. In a first step I
>>>> installed luarocks and lua-compat53 to install mmdblua module.
>>>> Then I added
>>>>
>>>> newGeoIP2DB("country", "/usr/loca...
2019 Mar 15
0
lua policy for Weakforce and web mail failed login attempts
The good news is I believe I got Weakforce running
1) curl -X GET http://127.0.0.1:8084/?command=ping -u wforce:ourpassword
{"status":"ok"}[
2) after running the sample for loop:
for a in {1..101}; do curl -X POST -H "Content-Type:
application/json" --data '{"login":"ahu", "remote": "127.0.0.1",
"pwhash":"1234'...
2019 Mar 28
0
configuring Dovecot with wforced and auth_policy_server_url with https results in assertion failed
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 28 March 2019 21:52 Robert Kudyba <rkudyba@fordham.edu> wrote:
</div>
<div>
<br>
</div>
<div>
<br>
2017 Sep 28
2
Conditionally disabling auth policy
...at case if really wanted. but
> >> you probably want to be careful not to skip too many checks otherwise
> >> the attack moves from your imap port e.g. to your webmailer.
> >>
> >>
> >>
> > Hi. Yup, I've got my own whitelisting going on, on the wforce side of
> > things. I'm just looking to forgo the 3 HTTP reqs completely to wforce,
> > from the dovecot side, if possible. I've got some internal services that
> > can generate a significant amount of dovecot logins, but it's kind of
> silly
> > to keep doing...
2019 Mar 28
0
configuring Dovecot with wforced and auth_policy_server_url with https results in assertion failed
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 28 March 2019 16:08 Robert Kudyba via dovecot <dovecot@dovecot.org> wrote:
</div>
<div>
<br>
</div>
<div>
2019 Jan 16
2
Dovecot + Weakforced Policy server
Hi Aki,
I've configured in this way:
vm-weakforced:~# printf 'wforce:super' | base64
d2ZvcmNlOnN1cGVy
vm-weakforced:~# cat /etc/dovecot/conf.d/95-policy.conf
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = some random string
auth_policy_server_api_header = "Authorization: Basic d2ZvcmNlOnN1cGVy
With the same result...
> Wforc...
2019 Mar 28
2
configuring Dovecot with wforced and auth_policy_server_url with https results in assertion failed
dovecot-2.3.3-1.fc29.x86_64
Mar 28 10:04:47 auth: Panic: file http-client-request.c: line 283 (http_client_request_unref): assertion failed: (req->refcount > 0)
Mar 28 10:04:47 auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0xe34fb) [0x7fe76e0834fb] -> /usr/lib64/dovecot/libdovecot.so.0(+0xe3597) [0x7fe76e083597] -> /usr/lib64/dovecot/libdovecot.so.0(+0x51207)