We Keep Coding

OpenIO swift deny host headers

OpenIO 7.2.0.
I have an OpenIO with keystone (queens) auth cluster.
By default any user can configure his own acls and public url.
I would like to restrict user only for read and write in containers and objects.
Apparently deny_host_headers can do the job in proxy-server.conf but it not seems to be working -> nothing append.
I didn't find any "super admin" acls.
Any idea ?
My proxy-server.conf ->
# OpenIO managed
[DEFAULT]
use_stderr = False
bind_ip = ip
bind_port = port
workers = 72
max_clients = 1024
user = openio
log_facility = /dev/log
log_header = true
log_level = INFO
log_name = OIO,OPENIO,oioswift,0
eventlet_debug = false
sds_namespace = OPENIO
sds_proxy_url = http://ip:port
sds_default_account = openio
sds_connection_timeout = 5
sds_read_timeout = 35
sds_write_timeout = 35
sds_pool_connections = 500
sds_pool_maxsize = 500
sds_max_retries = 0
sds_tls = False
[pipeline:main]
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk proxy-logging authtoken keystoneauth proxy-logging copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
[filter:catch_errors]
use = egg:swift#catch_errors
[filter:gatekeeper]
use = egg:swift#gatekeeper
[filter:healthcheck]
use = egg:oioswift#healthcheck
[filter:proxy-logging]
use = egg:swift#proxy_logging
access_log_headers = false
access_log_headers_only =
[filter:cache]
use = egg:swift#memcache
memcache_servers = ip:port
memcache_max_connections = 10
oio_cache = False
oio_cache_ttl = 0
[filter:bulk]
use = egg:swift#bulk
#[filter:tempurl]
#use = egg:swift#tempurl
#[filter:swift3]
#use = egg:swift3#swift3
#force_swift_request_proxy_log = True
#s3_acl = True
#check_bucket_owner = True
#location = us-east-1
#max_bucket_listing = 1000
#max_multi_delete_objects = 1000
#max_upload_part_num = 10000
#log_s3api_command = False
#bucket_db_enabled = True
#bucket_db_prefix = s3bucket:
#storage_domain = s3.openio.io
#bucket_db_master_name = OPENIO-master-1
#bucket_db_sentinel_hosts = ip:port
#[filter:tempauth]
#use = egg:oioswift#tempauth
#user_demo_demo = DEMO_PASS .admin
[filter:copy]
use = egg:oioswift#copy
object_post_as_copy = False
[filter:container-quotas]
use = egg:swift#container_quotas
[filter:account-quotas]
use = egg:swift#account_quotas
[filter:slo]
use = egg:oioswift#slo
max_manifest_segments = 10000
concurrency = 10
[filter:dlo]
use = egg:swift#dlo
[filter:versioned_writes]
use = egg:oioswift#versioned_writes
allow_versioned_writes = True
[app:proxy-server]
use = egg:oioswift#main
object_post_as_copy = False
allow_account_management = True
account_autocreate = True
sds_chunk_checksum_algo =
deny_host_headers = x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2, x-container-meta-temp-url-key, x-container-meta-temp-url-key-2, x-account-access-control
[filter:authtoken]
auth_type = password
#username = swift
username = user
project_name = user
region_name = region
user_domain_id = domain
memcache_secret_key = memcache_secret_key
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
insecure = True
cache = swift.cache
delay_auth_decision = True
token_cache_time = 300
auth_url = http://ip:port
include_service_catalog = False
www_authenticate_uri = http://ip:port
memcached_servers = ip:port
password = password
revocation_cache_time = 60
memcache_security_strategy = ENCRYPT
project_domain_id = dommain
[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = role
reseller_admin_role = role

delay_auth_decision = False in authtoken section in proxy-server.conf file do the job.
delay_auth_decision : delay_auth_decision defaults to False, but leaving it as false will prevent other auth systems, staticweb, tempurl, formpost, and ACLs from working. This value must be explicitly set to True.
Now only files owners can view/create/edit containers/objects -> ACLs and sharing won't works.

What changed in exim 4.94, after update the line throws an error

I use Vesta control panel, Exim is screwed to it, after update, errors.
2020-12-03 23:45:35 H=mail-wr1-f44.google.com [209.85.221.44] X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<mymail#gmail.com> temporarily rejected RCPT <info#my.com>: failed to expand "${extract{1}{:}{${lookup{$local_part#$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
along the way there are symbolic links. How to zoom out?
/etc/exim/domains/$domain/aliases

Working Exim configuration for Centos 7/8
Search google: Devoleksiy vesta rhel8 exim.conf
Such an odd response because the moderator deleted my response with a link to the working configuration, which will obsolete the error.
If I insert what to replace it will get even more confusing.
######################################################################
# #
# Exim configuration file for Vesta Control Panel #
# #
######################################################################
#SPAMASSASSIN = yes
#SPAM_SCORE = 50
#CLAMD = yes
add_environment = <; PATH=/bin:/usr/bin
keep_environment =
disable_ipv6=true
domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/
hostlist relay_from_hosts = 127.0.0.1
hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf
hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf
no_local_from_check
untrusted_set_sender = *
acl_smtp_connect = acl_check_spammers
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
.ifdef SPAMASSASSIN
spamd_address = 127.0.0.1 783
.endif
.ifdef CLAMD
av_scanner = clamd: /var/run/clamav/clamd.sock
.endif
tls_advertise_hosts = *
tls_certificate = ${if and \
{ \
{gt{$tls_in_sni}{}} \
{!match{$tls_in_sni}{/}} \
} \
{${if exists {/usr/local/vesta/ssl/exim.cert.$tls_in_sni} \
{/usr/local/vesta/ssl/exim.cert.$tls_in_sni} \
{/usr/local/vesta/ssl/certificate.crt} \
}} \
{/usr/local/vesta/ssl/certificate.crt} \
}
tls_privatekey = ${if and \
{ \
{gt{$tls_in_sni}{}} \
{!match{$tls_in_sni}{/}} \
} \
{${if exists {/usr/local/vesta/ssl/exim.key.$tls_in_sni} \
{/usr/local/vesta/ssl/exim.key.$tls_in_sni} \
{/usr/local/vesta/ssl/certificate.key} \
}} \
{/usr/local/vesta/ssl/certificate.key} \
}
openssl_options = +no_sslv2 +no_sslv3
tls_require_ciphers = ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS
daemon_smtp_ports = 25 : 465 : 587 : 2525
tls_on_connect_ports = 465
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 1s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_spammers:
accept hosts = +whitelist
drop message = Your host in blacklist on this server.
log_message = Host in blacklist
hosts = +spammers
accept
acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s
drop condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address
accept
acl_check_rcpt:
accept hosts = :
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[#%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[#%!] : ^.*/\\.\\./
require verify = sender
accept hosts = +relay_from_hosts
control = submission
accept authenticated = *
control = submission/domain=
deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
require message = relay not permitted
domains = +local_domains : +relay_to_domains
deny message = smtp auth requried
sender_domains = +local_domains
!authenticated = *
require verify = recipient
.ifdef CLAMD
warn set acl_m0 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes
.endif
.ifdef SPAMASSASSIN
warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes
.endif
accept
acl_check_data:
.ifdef CLAMD
deny message = Message contains a virus ($malware_name) and has been rejected
malware = *
condition = ${if eq{$acl_m0}{yes}{yes}{no}}
.endif
.ifdef SPAMASSASSIN
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = spamd:true/defer_ok
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif
accept
acl_check_mime:
deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators
dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
dovecot_login:
driver = dovecot
public_name = LOGIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
begin routers
#smarthost:
# driver = manualroute
# domains = ! +local_domains
# transport = remote_smtp
# route_list = * smartrelay.vestacp.com
# no_more
# no_verify
dnslookup:
driver = dnslookup
domains = !+local_domains
transport = remote_smtp
no_more
userforward:
driver = redirect
check_local_user
file = $home/.forward
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
procmail:
driver = accept
check_local_user
require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
transport = procmail
no_verify
autoreplay:
driver = accept
require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg
condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
retry_use_local_part
transport = userautoreply
unseen
aliases:
driver = redirect
headers_add = X-redirected: yes
data = ${extract{1}{:}{${lookup{$local_part#$domain}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/aliases}}}}
require_files = /etc/exim/domains/$domain/aliases
redirect_router = dnslookup
pipe_transport = address_pipe
unseen
localuser_fwd_only:
driver = accept
transport = devnull
condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/fwd_only}{true}{false}}}}
localuser_spam:
driver = accept
transport = local_spam_delivery
condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}{yes}{no_such_user}}}}
localuser:
driver = accept
transport = local_delivery
condition = ${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}{true}{false}}
catchall:
driver = redirect
headers_add = X-redirected: yes
require_files = /etc/exim/domains/$domain/aliases
data = ${extract{1}{:}{${lookup{*#$domain}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/aliases}}}}
file_transport = local_delivery
redirect_router = dnslookup
terminate_alias:
driver = accept
transport = devnull
condition = ${lookup{$local_part#$domain}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/aliases}{true}{false}}
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
begin transports
remote_smtp:
driver = smtp
#helo_data = $sender_address_domain
dkim_domain = DKIM_DOMAIN
dkim_selector = mail
dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = relaxed
dkim_strict = 0
procmail:
driver = pipe
command = "/usr/bin/procmail -d $local_part"
return_path_add
delivery_date_add
envelope_to_add
user = $local_part
initgroups
return_output
local_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}}}"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}M
quota_warn_threshold = 75%
local_spam_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}}}/.Spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}}}"
quota_warn_threshold = 75%
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
userautoreply:
driver = autoreply
file = /etc/exim/domains/$domain/autoreply.${local_part}.msg
from = "${local_part}#${domain}"
headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
to = "${sender_address}"
devnull:
driver = appendfile
file = /dev/null
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite
######################################################################

Omnet++ UDP and beacon sending (inet/examples/wireless/lan80211)

i have a problem with sending udp datagrams between host's connected to one AccessPoint. Below i show my ned and omnetpp.ini files i use example from inet/examples/wireless/lan80211.
All i want to do is to send beacon frames with some interval and also send UDP datagrams between hosts.
.ned file :
package inet.examples.wireless.lan80211;
import inet.networklayer.autorouting.ipv4.IPv4NetworkConfigurator;
import inet.nodes.inet.WirelessHost;
import inet.nodes.wireless.AccessPoint;
import inet.world.radio.ChannelControl;
network Lan80211
{
parameters:
int numHosts;
submodules:
host[numHosts]: WirelessHost {
#display("r=,,#707070");
wlan[*].mgmtType = "Ieee80211MgmtSTASimplified";
}
ap: AccessPoint {
#display("p=213,174;r=,,#707070");
wlan[*].mgmtType = "Ieee80211MgmtAP";
}
channelControl: ChannelControl {
numChannels = 2;
#display("p=61,46");
}
configurator: IPv4NetworkConfigurator {
config=xml("<config><interface hosts='*' address='145.236.x.x' netmask='255.255.0.0'/></config>");
#display("p=140,50");
}
}
Omnetpp.ini file:
[General]
network = Lan80211
#cmdenv-output-file = omnetpp.log
#debug-on-errors = true
tkenv-plugin-path = ../../../etc/plugins
**.constraintAreaMinX = 0m
**.constraintAreaMinY = 0m
**.constraintAreaMinZ = 0m
**.constraintAreaMaxX = 600m
**.constraintAreaMaxY = 400m
**.constraintAreaMaxZ = 0m
**.debug = true
**.coreDebug = false
**.channelNumber = 1
# channel physical parameters
*.channelControl.carrierFrequency = 2.4GHz
*.channelControl.pMax = 2.0mW
*.channelControl.sat = -110dBm
*.channelControl.alpha = 2
# access point
**.ap.wlan[*].mac.address = "10:00:00:00:00:00" #1=*
**.host[*].**.mgmt.accessPointAddress = "10:00:00:00:00:00"
**.mgmt.frameCapacity = 15
**.mgmt.beaconInterval = 0.04s
# UDP app (host[0] pinged by others)
**.numUdpApps = 2
**.udpApp[1].typename = "UDPBasicApp"
**.udpApp[0].typename = "UDPEchoApp"
**.udpApp[1].localPort = 1000
#**.udpApp[0].destAddresses = "host[0]"
#*Host[*].udpApp[0].typename = "UDPBasicApp"
**.host[0].udpApp[1].destPort = 1000
**.host[1].udpApp[1].destPort = 1000
**.host[0].udpApp[1].destAddresses = "host[1]"
**.host[1].udpApp[1].destAddresses = "host[0]"
**.host[*].udpApp[1].sendInterval = 10ms
# nic settings
**.wlan*.bitrate = 2Mbps
**.mac.address = "auto"
**.mac.maxQueueSize = 14
**.mac.rtsThresholdBytes = 3000B
**.wlan[*].mac.retryLimit = 7
**.wlan[*].mac.cwMinData = 7
**.wlan[*].mac.cwMinBroadcast = 31
**.radio.transmitterPower = 2.0mW
**.radio.carrierFrequency = 2.4GHz
**.radio.thermalNoise = -110dBm
**.radio.sensitivity = -85dBm
**.radio.pathLossAlpha = 2
**.radio.snirThreshold = 4dB
[Config Ping1]
description = "host1 pinging host0"
*.numHosts = 2
[Config Ping2] # __interactive__
description = "n hosts"
I find that when i change the line
wlan[*].mgmtType = "Ieee80211MgmtAP";
in .ned file the datagrams arived from one host to another but then beacon's sending doesn't work.
Also, i get some info from command window during simulation when udp datagram is pending:
** Event #320 T=0.02 Lan80211.host[0].udpApp[1] (UDPBasicApp, id=15), on selfmsg sendTimer' (cMessage, id=10)
** Event #321 T=0.02 Lan80211.host[1].udpApp[1] (UDPBasicApp, id=35), on selfmsgsendTimer' (cMessage, id=21)
** Event #322 T=0.02 Lan80211.host[0].udp (UDP, id=16), on UDPBasicAppData-2' (cPacket, id=304)
Sending app packet UDPBasicAppData-2 over IPv4.
** Event #323 T=0.02 Lan80211.host[1].udp (UDP, id=36), onUDPBasicAppData-2' (cPacket, id=305)
Sending app packet UDPBasicAppData-2 over IPv4.
** Event #324 T=0.02 Lan80211.host[0].networkLayer.ip (IPv4, id=18), on UDPBasicAppData-2' (UDPPacket, id=306)
Sending datagramUDPBasicAppData-2' with dest=145.236.0.2
Routing datagram UDPBasicAppData-2' with dest=145.236.0.2: output interface is wlan0, next-hop address: <unspec>
no next-hop address, using destination address 145.236.0.2 (proxy ARP)
Sending out packet to interface wlan0
** Event #325 T=0.02 Lan80211.host[1].networkLayer.ip (IPv4, id=38), onUDPBasicAppData-2' (UDPPacket, id=307)
Sending datagram UDPBasicAppData-2' with dest=145.236.0.1
Routing datagramUDPBasicAppData-2' with dest=145.236.0.1: output interface is wlan0, next-hop address:
no next-hop address, using destination address 145.236.0.1 (proxy ARP)
Sending out packet to interface wlan0
Any advices?
Thanks,
MB

kannel status denied in playSMS

I'm trying to use playSMS on ubuntu Server 14.04.
I've installed playSMS like show here and I've configurated Kannel like show here.
My /etc/Kannel/kannel.conf is:
# CORE
group = core
admin-port = 13000
admin-password = playsms
status-password = playsms
log-file = /var/log/kannel/kannel.log
log-level = 0
access-log = /var/log/kannel/access.log
smsbox-port = 13001
store-type = file
store-file = /var/log/kannel/kannel.store
smsbox-max-pending = 100
# SMSBOX
group = smsbox
bearerbox-host = localhost
bearerbox-port = 13001
sendsms-port = 13131
sendsms-chars = "0123456789+"
log-file = /var/log/kannel/smsbox.log
log-level = 0
global-sender = "isi dengan sms center"
access-log = /var/log/kannel/access.log
#SMSC MODEM GSM
group = smsc
smsc = at
port = 13013
host = localhost
smsc-id = modex
modemtype = auto
device = /dev/ttyUSB0
sms-center = "+393359609600"
speed = 230400
# GROUP MODEM
group = modems
id = siemens_mc35i
name = "SIEMENS MC35i"
detect-string = "SIEMENS"
detect-string2 = "MC35i"
init-string = "AT+CNMI=1,2,0,1,1"
speed = 230400
enable-hwhs = "AT\\Q3"
need-sleep = true
# SENDSMS-USER
group = sendsms-user
default-smsc = default
username = playsms
password = playsms
max-messages = 10
concatenation = true
# SMS SERVICE 'default'
group = sms-service
keyword = default
accept-x-kannel-headers = true
max-messages = 0
assume-plain-text = true
catch-all = true
get-url = "http://localhost/playsms/index.php?app=call&cat=gateway&plugin=kannel&access=geturl&t=%t&q=%q&a=%a&Q=%Q"
But when I login in playsms application my sms go into queque and I can see they in Outgoing SMS with yellow box.
If i go to Administration -> Manage gateway -> Kannel -> Manage kannel, the kannel status is denied.
Someone can help me please?

make sure your Kannel is running, you can do ps ax and tail Kannel log to see whether or not the Kannel runs properly.
ps ax | grep box
tail -f /var/log/kannel/kannel.log
once you know that Kannel is running then login to your playSMS web, through menu: Administration -> Manage gateway -> Kannel -> Manage kannel, you need to set Kannel admin port and Kannel admin password, which according to your kannel.conf they are:
admin-port = 13000
admin-password = playsms

try to check this link url of kannel status in the browser :
there is the link :
http://localhost:13000/status?password=playsms

How to send and receive USSD by using kannel

I am new in USSD but i am already sending message using Kannel 1.5.4 since long.
I want send/receive USSD request by using kannel. I have smpp v5 account for the same.
It's better if anyone help me by configuration file.
my configuration file is:
#SMSC CONNECTIONS
group = smsc
smsc = smpp
smsc-id = USSD-ACC
host= 10.*.*.*
port= 1234
transceiver-mode=true
smsc-username = "USER"
smsc-password = "PWD"
system-type = ""
interface-version=34
source-addr-ton=5
source-addr-npi=0
dest-addr-ton=0
dest-addr-npi=1
max-pending-submits=10
wait-ack=600
wait-ack-expire=0x01
# SMSBOX SETUP
group = smsbox
bearerbox-host = localhost
sendsms-port = 12345
sendsms-chars = "0123456789 +-"
log-file = "/tmp/kannel_smsbox.log"
log-level = 3
# SERVICES
group = sms-service
keyword = default
get-url = "http://localhost/request.php?MNO=%p&SHORTCODE=%P&CONTENT=%a"
name="*123#"
max-messages=0
group = sendsms-user
username = ussd
password = ussd
user-deny-ip = *.*.*.*"
user-allow-ip = "127.0.0.1"
max-messages = 5
concatenation = true
default-sender = "123"

Seems like you need to use smpp-tlv section to pass ussd_service_op TLV to/from USSDC.
See this link for configuration examples: