This is my first experience with ISPConfig. I can't get DNS to work. I will describe everything... OS: Ubuntu 16.04 ISPConfig Version: 3.1.6 Output of dig @localhost any mydomain.com: Code: ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @localhost any mydomain.com ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 15551 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mydomain.com. IN ANY ;; Query time: 3000 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Aug 07 07:20:01 UTC 2017 ;; MSG SIZE rcvd: 45 UFW Firewall is enabled and all standard ports (Including 53 TCP & UDP) are open. Here's IPTables: hastebin.com/oruqinadun.sql Here's UFW: I am to connect to port 53 via telnet using any of the IPs of my server (There are 3 IPs). If I run rndc dumpdb -all && cat /var/cache/bind/named_dump.db I do see mydomain.com zone in the output file named_dump.db. However, some records seem to be missing. I see the A and NS records for ns1 and ns2 and the A record for mydomain.com. I don't see www and the A record for the hostname (web1.mydomain.com) or any other. I do have the proper glue records at my registrar for ns1 and ns2. I keep checking whatsmydns.net/#A/ns1.mydomain.com and for days it has only showed two locations on the other side of the world with the correct IP address for the record. It's not being properly cached at all other places. I think it's some fluke that it works for those 2. My glue records have been in place for going on 3 days now so it's not that. Something is wrong on my server. I have listed my domain and some of the records here as to not post it in the main thread: hastebin.com/vomebarepo.css need help! much appreciated.
At the ISP where you bought the domain, where did you point the NS to? Did you point them to your ISPConfig? Doing a DIG on your domain and the nameservers, i do get a record, but it contains no ip adress. So when browsing to the domain, my system does not know where to go.
At my registrar, I set the glue records to 2 IP addresses of my server: ns1: 173.255.229.167 ns2: 172.104.10.208 In my ISPConfig, I added A records for ns1 and ns2. For my main domain at the registrar, I changed the custom nameservers to my ns1 and ns2.
How long ago did you do this? And are you running mutli-server setup (panel,mail,web,db,dns1,dsn2) or single (panel-web-mail-db-dns1,dns2)?
I did the glue records about 3 days ago. I put the server up a few hours ago. It's 1 server. I'm trying to get it all to work on 1 server before I go and cluster the DNS.
There is a problem in the local dns record. Post a screenshot of the records page of the dns zone that you created. The most common issues are missing A-records for the NS records or you missed to add a dot after a FQDN.
This looks fine so far, it should return the zone when you run this command on the server itself: dig @localhost synthetisoft.com
It doesn't though. I get this: Code: ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @localhost synthetisoft.com ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1183 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;synthetisoft.com. IN A ;; Query time: 3000 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Aug 08 10:10:32 UTC 2017 ;; MSG SIZE rcvd: 45
Does the zone file of this zne in /etc/bind/ has a .err file ending? Is the zone file included in the /etc/bind/named.conf.local file?
Let's see what we have.... Code: root@web1:/etc/bind# ls -l total 68 -rw-r--r-- 1 root root 2389 Jun 29 13:34 bind.keys -rw-r--r-- 1 root root 237 Jun 29 13:34 db.0 -rw-r--r-- 1 root root 271 Jun 29 13:34 db.127 -rw-r--r-- 1 root root 237 Jun 29 13:34 db.255 -rw-r--r-- 1 root root 353 Jun 29 13:34 db.empty -rw-r--r-- 1 root root 270 Jun 29 13:34 db.local -rw-r--r-- 1 root root 3171 Jun 29 13:34 db.root -rw-r--r-- 1 root bind 616 Aug 7 13:00 Ksynthetisoft.com.+007+15938.key -rw------- 1 root bind 1779 Aug 7 13:00 Ksynthetisoft.com.+007+15938.private -rw-r--r-- 1 root bind 463 Jun 29 13:34 named.conf -rw-r--r-- 1 root bind 490 Jun 29 13:34 named.conf.default-zones -rw-r--r-- 1 root bind 1 Aug 7 08:25 named.conf.local -rw-r--r-- 1 root bind 933 Aug 7 05:49 named.conf.options -rw-r--r-- 1 root bind 867 Aug 7 08:25 pri.synthetisoft.com -rw-r----- 1 bind bind 77 Aug 7 05:48 rndc.key drwxrws--- 2 root bind 4096 Aug 7 05:49 slave -rw-r--r-- 1 root root 1317 Jun 29 13:34 zones.rfc1918 ------------------------ Code: root@web1:/etc/bind# cat pri.synthetisoft.com $TTL 3600 @ IN SOA ns1.synthetisoft.com. admin.synthetisoft.com. ( 2017080719 ; serial, todays date + todays serial # 7200 ; refresh, seconds 540 ; retry, seconds 604800 ; expire, seconds 3600 ) ; minimum, seconds ; synthetisoft.com. 3600 A 45.79.179.150 www 3600 A 45.79.179.150 mail 3600 A 45.79.179.150 synthetisoft.com. 3600 NS ns1.synthetisoft.com. synthetisoft.com. 3600 NS ns2.synthetisoft.com. synthetisoft.com. 3600 MX 10 mail.synthetisoft.com. synthetisoft.com. 3600 TXT "v=spf1 mx a ~all" ns1 3600 A 173.255.229.167 ns2 3600 A 172.104.10.208 web1 3600 A 45.79.179.150 ------------------------- named.conf.local is empty. Code: root@web1:/etc/bind# cat named.conf.options options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys //======================================================================== dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; }; --------------------------- Code: root@web1:/etc/bind# cat named.conf // This is the primary configuration file for the BIND DNS server named. // // Please read /usr/share/doc/bind9/README.Debian.gz for information on the // structure of BIND configuration files in Debian, *BEFORE* you customize // this configuration file. // // If you are just adding zones, please do that in /etc/bind/named.conf.local include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones"; if I do rndc dumpdb -all I get the following matches for "synth" in my /var/cache/bind/named_dump.db: Code: synthetisoft.com. 71597 NS ns1.synthetisoft.com. 71597 NS ns2.synthetisoft.com. ; glue ns1.synthetisoft.com. 71597 A 173.255.229.167 ; glue ns2.synthetisoft.com. 71597 A 172.104.10.208 ; glue
I also turned on debug logging but don't see anything in Monitor overview but I do see in System Messages: Code: Aug 8 13:15:52 web1 named[3711]: client 172.217.32.132#36536 (synthetisoft.com): query (cache) 'synthetisoft.com/NS/IN' denied Aug 8 13:15:52 web1 named[3711]: client 172.217.32.141#52627 (synthetisoft.com): query (cache) 'synthetisoft.com/TXT/IN' denied Aug 8 13:15:52 web1 named[3711]: client 74.125.190.6#57494 (synthetisoft.com): query (cache) 'synthetisoft.com/MX/IN' denied Aug 8 13:15:52 web1 named[3711]: client 74.125.190.27#35239 (synthetisoft.com): query (cache) 'synthetisoft.com/SOA/IN' denied Aug 8 13:15:53 web1 named[3711]: client 172.217.32.129#33390 (synthetisoft.com): query (cache) 'synthetisoft.com/NS/IN' denied Aug 8 13:15:53 web1 named[3711]: client 74.125.190.7#51827 (synthetisoft.com): query (cache) 'synthetisoft.com/TXT/IN' denied Aug 8 13:15:53 web1 named[3711]: client 74.125.190.29#54333 (synthetisoft.com): query (cache) 'synthetisoft.com/MX/IN' denied Aug 8 13:15:53 web1 named[3711]: client 172.217.32.129#43497 (synthetisoft.com): query (cache) 'synthetisoft.com/SOA/IN' denied Aug 8 13:15:53 web1 named[3711]: client 172.217.32.142#57719 (synthetisoft.com): query (cache) 'synthetisoft.com/NS/IN' denied Aug 8 13:15:53 web1 named[3711]: client 172.217.32.137#46322 (synthetisoft.com): query (cache) 'synthetisoft.com/TXT/IN' denied Aug 8 13:15:53 web1 named[3711]: client 172.217.32.129#64940 (synthetisoft.com): query (cache) 'synthetisoft.com/MX/IN' denied Aug 8 13:15:53 web1 named[3711]: client 74.125.190.7#52674 (synthetisoft.com): query (cache) 'synthetisoft.com/SOA/IN' denied Aug 8 13:15:53 web1 named[3711]: client 172.217.32.138#36252 (synthetisoft.com): query (cache) 'synthetisoft.com/NS/IN' denied Aug 8 13:15:53 web1 named[3711]: client 172.217.32.137#58836 (synthetisoft.com): query (cache) 'synthetisoft.com/TXT/IN' denied Aug 8 13:15:56 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:15:56 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:15:56 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:15:56 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:15:56 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:16:01 web1 CRON[6368]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:16:01 web1 CRON[6367]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:16:08 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:aa:c1:08:00 SRC=31.162.134.128 DST=172.104.10.208 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=16638 PROTO=TCP SPT=56042 DPT=23 WINDOW=63426 RES=0x00 SYN URGP=0 Aug 8 13:16:16 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:16:16 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:16:16 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:16:16 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:16:16 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:16:33 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=222.188.98.42 DST=173.255.229.167 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=52578 PROTO=TCP SPT=15316 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 8 13:16:36 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:16:36 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:16:36 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:16:36 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:16:36 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:16:56 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=5.141.204.87 DST=45.79.179.150 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=5488 PROTO=TCP SPT=50130 DPT=23 WINDOW=33710 RES=0x00 SYN URGP=0 Aug 8 13:16:58 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:16:59 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:16:59 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:16:59 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:16:59 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:17:01 web1 CRON[6415]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) Aug 8 13:17:01 web1 CRON[6416]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:17:01 web1 CRON[6421]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:17:13 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=71.6.146.185 DST=173.255.229.167 LEN=40 TOS=0x08 PREC=0x20 TTL=113 ID=64983 PROTO=TCP SPT=20012 DPT=8443 WINDOW=54239 RES=0x00 SYN URGP=0 Aug 8 13:17:19 web1 postfix/anvil[4408]: statistics: max connection rate 4/60s for (submission:46.183.220.71) at Aug 8 13:07:53 Aug 8 13:17:19 web1 postfix/anvil[4408]: statistics: max connection count 1 for (submission:46.183.220.71) at Aug 8 13:07:38 Aug 8 13:17:21 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=222.209.200.74 DST=45.79.179.150 LEN=44 TOS=0x00 PREC=0x00 TTL=235 ID=40383 PROTO=TCP SPT=57087 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 8 13:17:24 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
continued: Code: Aug 8 13:17:24 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:17:24 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:17:24 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:17:24 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:17:31 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=112.213.88.247 DST=172.104.10.208 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=38130 PROTO=TCP SPT=53762 DPT=2222 WINDOW=19929 RES=0x00 SYN URGP=0 Aug 8 13:17:31 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=201.173.64.62 DST=173.255.229.167 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=20732 PROTO=TCP SPT=65019 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0 Aug 8 13:17:46 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:17:46 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:17:46 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:17:46 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:17:46 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:17:52 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=188.158.180.66 DST=172.104.10.208 LEN=44 TOS=0x00 PREC=0x00 TTL=239 ID=62507 PROTO=TCP SPT=53077 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 8 13:18:01 web1 CRON[6443]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:18:01 web1 CRON[6444]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:18:06 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:18:07 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:18:07 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:18:07 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:18:07 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:18:30 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=31.206.219.44 DST=173.255.229.167 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=12701 PROTO=TCP SPT=42745 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0 Aug 8 13:18:31 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:18:31 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:18:31 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:18:33 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:18:33 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:18:50 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:18:50 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:18:50 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:18:50 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:18:50 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:19:01 web1 CRON[6467]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:19:01 web1 CRON[6466]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:19:10 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:aa:c1:08:00 SRC=123.249.12.233 DST=45.79.179.150 LEN=36 TOS=0x00 PREC=0x00 TTL=45 ID=0 DF PROTO=UDP SPT=47442 DPT=123 LEN=16 Aug 8 13:19:12 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:19:12 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:19:12 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:19:12 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:19:12 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:19:14 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:aa:c1:08:00 SRC=51.15.37.31 DST=45.79.179.150 LEN=433 TOS=0x08 PREC=0x20 TTL=50 ID=47788 DF PROTO=UDP SPT=5553 DPT=5095 LEN=413 Aug 8 13:19:23 web1 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=f2:3c:91:fb:bb:02:84:78:ac:57:a8:41:08:00 SRC=91.211.2.108 DST=173.255.229.167 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=35755 PROTO=TCP SPT=48236 DPT=6000 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 8 13:19:37 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:19:38 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:19:38 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:19:38 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:19:38 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:19:56 web1 postfix/submission/smtpd[5930]: warning: unknown[46.183.220.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 8 13:19:56 web1 postfix/submission/smtpd[5930]: lost connection after AUTH from unknown[46.183.220.71] Aug 8 13:19:56 web1 postfix/submission/smtpd[5930]: disconnect from unknown[46.183.220.71] ehlo=2 starttls=1 auth=0/1 commands=3/4 Aug 8 13:19:56 web1 postfix/submission/smtpd[5930]: warning: hostname ip-220-71.dataclub.biz does not resolve to address 46.183.220.71: Name or service not known Aug 8 13:19:56 web1 postfix/submission/smtpd[5930]: connect from unknown[46.183.220.71] Aug 8 13:20:01 web1 CRON[6480]: (root) CMD (/usr/local/ispconfig/server/cron.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:20:01 web1 CRON[6481]: (root) CMD (/usr/local/ispconfig/server/server.sh 2>&1 | while read line; do echo `/bin/date` "$line" >> /var/log/ispconfig/cron.log; done) Aug 8 13:20:01 web1 CRON[6482]: (getmail) CMD (/usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null)
ISPConfig uses the standard Linux cron system of your server and the entries of the server.sh are in the root crontab. You can check and edit the root crontab on a Linux system with the command: crontab -e
The logs you posted are not from ISPConfig, what you posted is the Linux syslog. To debug ISPConfig, follow the debug instructions: https://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/