Lonnie,
[I'm taking the thread back onto the list]
Correcting the NAT rules fixed the problem w/ Arno, at least for my local
system. I will trouble shoot the remote box next.
Even after correcting the f/w problem and rebooting, my Sangoma board is still
disconnected:
pbx ~ # wanrouter status
Devices currently active:
wanpipe1
Wanpipe Config:
Device name | Protocol Map | Adapter | IRQ | Slot/IO | If's | CLK | Baud rate |
wanpipe1 | N/A | A200/400/600| 10 | 14 | 0 | N/A | 0
|
Wanrouter Status:
Device name | Protocol | Station | Status |
wanpipe1 | A-ANALOG | N/A | Disconnected |
I should also see a wag i/f via ifconfig and I don't. Any ideas? Especially if
this is a legit problem w/ the beta release, I'd like to help out anyway I can,
but I do need to get the phones online in my house by tomorrow.
-tm
-----Original Message-----
From: Lonnie Abelbeck [mailto:[email protected]]
Sent: Saturday, November 14, 2009 6:01 PM
To: Tom Mazzotta
Subject: Re: [Astlinux-users] Astlinux-0.7 Upgrade?
Tom,
For your NAT -> DMZ, the Destination must be a single IP address not network
notation, so use 192.168.169.101 and not 192.168.169.101/32.
So, click on the " + " by the NAT -> DMZ entries, delete the /32 for the
destination, save settings, and then delete the previous entry... all for each
NAT entry.
Then restart the firewall...
Let me know if that fixes your firewall errors.
Now for the Sangoma, was you 0.7-beta built with wanpipe support? I know
basically nothing about Sangoma hardware, Darrick knows much more than I on
that. But we need to get this working. Could this be related to your firewall
problems?
If you need to revert back, you should be able to use the System tab and
"Revert to Previous" {Firmware}, after the reboot, then follow the same
firewall 'upgrade' procedure for 0.7 to 0.6 as you did form 0.6 to 0.7.
Lonnie
On Nov 14, 2009, at 4:31 PM, Tom Mazzotta wrote:
> Lonnie,
>
> I believe the problem is due to NAT -> DMZ port forwarding rules. Below you
> will find the errors. If I disable the rules and restart the f/w, I do not
> get the "Action Failed" warning. I don't understand why I have the problem;
> my DMZ i/f (eth3) is 192.168.169.1 and I am forwarding ports to an Xbox360 on
> the DMZ at 192.168.169.101. The Xbox is mapped to that IP via its MAC using
> the "DNS Forwarder Hosts" form.
>
> Now the BIG problem is that my Sangoma board no longer functions following
> the upgrade. I have 2x FXO's connected to POTS lines from my cable modem
> service and 2x FXS ports connected to outside doorbell boxes. I can make
> extension calls via SIP without any problem in the house, however, I can't
> make/receive an outside call OR use the intercom on the doorbell boxes. FYI,
> the wanpipe1.conf file that I originally prepared using a FreeBSD system is
> still in the wanpipe directory following the upgrade. Unless I can get this
> fixed pretty quickly, I will need to rollback to 0.6.8. I can only endure the
> screaming from my wife for so long.
>
>
> -----Original Message-----
> From: Lonnie Abelbeck [mailto:[email protected]]
> Sent: Saturday, November 14, 2009 4:20 PM
> To: AstLinux Users Mailing List
> Subject: Re: [Astlinux-users] Astlinux-0.7 Upgrade?
>
> Tom,
>
> No, I need the "arno-iptables-firewall restart" output to dig further.
>
> Lonnie
>
>
> On Nov 14, 2009, at 2:53 PM, Tom Mazzotta wrote:
>
>> Lonnie,
>>
>> I have only two uncommented lines in my user.conf to bridge 2 NIC's for my
>> LAN i/f:
>>
>> BRIDGE0="eth1 eth2"
>> INTIF=br0
>>
>> Could this be the cause of the problem?
>>
>> -tm
>>
>> -----Original Message-----
>> From: Lonnie Abelbeck [mailto:[email protected]]
>> Sent: Saturday, November 14, 2009 12:14 PM
>> To: AstLinux Users Mailing List
>> Subject: Re: [Astlinux-users] Astlinux-0.7 Upgrade?
>>
>> Tom,
>>
>> OK, your firewall has been upgraded properly.
>>
>> Here is the deal... 0.7 uses Arno's firewall 1.9.x, whereas 0.6 used Arno's
>> firewall 1.8.x which have different variable definitions and formats. It is
>> critical that in the 0.6 to 0.7 transition a Firewall sub-tab "Save
>> Settings" is performed before the {Upgrade/Restart Firewall}. This is a
>> once-in-a-lifetime thing, for only the 0.6 to 0.7 transition of the firewall.
>>
>> One of the new features of the new 1.9.x Arno firewall script, if any of the
>> variable definitions generates an iptables error, that error result code
>> will return on a firewall start or restart, which is why you are seeing
>> "Action Failed".
>>
>> To be absolutely sure, do a Firewall sub-tab "Save Settings" and then
>> "{Restart Firewall} |x| Confirm" and see if you are still getting an "Action
>> Failed".
>>
>> If there is still an error, go to the command line and issue...
>>
>> $ arno-iptables-firewall restart
>>
>> and either post the output here, or me privately... obscuring any IP's you
>> don't want to share.
>>
>>
>> If by chance you entered any Arno script variables in the Network tab ->
>> User System Variables: (user.conf) then that could be the problem, and they
>> would have to be updated to 1.9.x format manually.
>>
>> Lonnie
>>
>>
>> On Nov 14, 2009, at 9:24 AM, Tom Mazzotta wrote:
>>
>>> Darrick,
>>>
>>> I did a "save" on the firewall page following the upgrade from 0.6.8 to 0.7
>>> as documented in the post I read from the email archive. However, when I
>>> upgraded from 0.6.7 to 0.6.8 last week I don't recall ever saving on the
>>> firewall page (and I didn't make any firewall changes during that time
>>> period). Did I need to do a save at that time? Could that have caused the
>>> problem?
>>>
>>> -tm
>>>
>>> -----Original Message-----
>>> From: Darrick Hartman [mailto:[email protected]]
>>> Sent: Saturday, November 14, 2009 2:40 AM
>>> To: AstLinux Users Mailing List
>>> Subject: Re: [Astlinux-users] Astlinux-0.7 Upgrade?
>>>
>>> Tom,
>>>
>>> After you upgrade the firewall, make sure you 'save' your firewall rules
>>> on the firewall page. Then restart the firewall.
>>>
>>> Darrick
>>>
>>> Tom Mazzotta wrote:
>>>> FYI, I upgraded two net5501's from 0.6.8 to 0.7 using the procedure
>>>> documented in the mail archive. However, for the step: "Firewall sub-tab
>>>> -> {Upgrade/Restart Firewall} |x| Confirm" I got an "Action Failed" result
>>>> in both cases. After rebooting astlinux the system seems to be running,
>>>> however, should I be concerned about the failure during this procedure? Is
>>>> there any way to check if the firewall was upgraded properly?
>>>>
>>>> -----Original Message-----
>>>> From: Lonnie Abelbeck [mailto:[email protected]]
>>>> Sent: Friday, November 13, 2009 10:46 AM
>>>> To: AstLinux Users Mailing List
>>>> Subject: Re: [Astlinux-users] Astlinux-0.7 Upgrade?
>>>>
>>>>
>>>> On Nov 13, 2009, at 9:29 AM, Tom Mazzotta wrote:
>>>>
>>>>> Is there a way to upgrade from 0.6.8 to 0.7 (via GUI or CLI) at this
>>>>> point, or do we need to re-flash the image and restore our config from a
>>>>> backup?
>>>>>
>>>>> Sorry if this has already been covered on the list in a post that I
>>>>> missed.
>>>>
>>>>
>>>> Tom,
>>>>
>>>> Yes, you can very easily upgrade from 0.6.x to 0.7, the link below is the
>>>> GUI method posted previously.
>>>>
>>>> http://sourceforge.net/mailarchive/message.php?msg_name=BACD0145-6BAB-4671-A409-2F6C9C4C5F40%40lonnie.abelbeck.com
>>>>
>>>> Lonnie
>>
>>
>> ------------------------------------------------------------------------------
>> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
>> trial. Simplify your report design, integration and deployment - and focus
>> on
>> what you do best, core application coding. Discover what's new with
>> Crystal Reports now. http://p.sf.net/sfu/bobj-july
>> _______________________________________________
>> Astlinux-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to
>> [email protected].
>>
>>
>> ------------------------------------------------------------------------------
>> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
>> trial. Simplify your report design, integration and deployment - and focus
>> on
>> what you do best, core application coding. Discover what's new with
>> Crystal Reports now. http://p.sf.net/sfu/bobj-july
>> _______________________________________________
>> Astlinux-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to
>> [email protected].
>>
>>
>
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
> trial. Simplify your report design, integration and deployment - and focus on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now. http://p.sf.net/sfu/bobj-july
> _______________________________________________
> Astlinux-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> [email protected].
>
>
>
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
