Here are the rules from /etc/vuurmuur/textdir/rules -- more rules.conf | grep bit
RULE=";Portfw service bit from internet.inet to wireless.inside.lan options log,loglimit=\"30\",logprefix=\"BIT\",in_max=\"16000kbit\",out_max=\"16000kbit\",in_min=\"8400kbit\",out_min=\"8400kbit\""
RULE=";Accept service bit from internet.inet to wireless.inside.lan options log,loglimit=\"30\",logprefix=\"BIT\",in_max=\"16000kbit\",out_max=\"16000kbit\",in_min=\"8400kbit\",out_min=\"8400kbit\""
RULE="Snat service IPSEC from inside.lan to internet.inet options log,loglimit=\"30\",in_max=\"24000kbit\",out_max=\"24000kbit\",in_min=\"16000kbit\",out_min=\"16000kbit\",prio=\"1\""
RULE="Accept service IPSEC from inside.lan to internet.inet options log,loglimit=\"30\",in_max=\"24000kbit\",out_max=\"16000kbit\",in_min=\"16000kbit\",out_min=\"16000kbit\",prio=\"1\""
RULE="Accept service ssh from any to any options log,loglimit=\"10\",in_max=\"1000kbit\",out_max=\"1000kbit\",in_min=\"1000kbit\",out_min=\"1000kbit\",prio=\"1\""
They are currently disabled:
r...@mdrons:~# iptables -L | grep 19100
r...@mdrons:~#
-- Expected output
Now enter vuurmuur_conf and enable the 2 rules and press F11.
r...@mdrons:~# vuurmuur_conf
r...@mdrons:~# iptables -L | grep 19100
r...@mdrons:~#
-- Still no rules... I expect iptables to list something.
Restart vuurmuur:
r...@mdrons:~# /etc/rc.d/vuurmuur restart
Stopping firewall Vuurmuur:
Vuurmuur: stopped.
Vuurmuur_log: stopped.
Stopping firewall Vuurmuur: done.
Starting firewall: Vuurmuur:
Loading Vuurmuur: ok.
Loading Vuurmuur_log: ok.
Starting firewall: Vuurmuur: done
Now check the iptables:
r...@mdrons:~# iptables -L | grep 19100
LOG tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 flags:FIN,SYN,RST,ACK/SYN limit: avg 30/sec burst 60 state NEW LOG level info prefix `vrmr: PORTFW BIT '
NEWACCEPT tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 flags:FIN,SYN,RST,ACK/SYN state NEW
LOG tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 flags:FIN,SYN,RST,ACK/SYN limit: avg 30/sec burst 60 state NEW LOG level info prefix `vrmr: ACCEPT BIT '
NEWACCEPT tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 flags:FIN,SYN,RST,ACK/SYN state NEW
If I disable the rules in vuurmuur_conf and press F11, the rules don't get
removed.
Thanks, Mike
----- Original Message ----
From: Victor Julien <[email protected]>
To: [email protected]
Sent: Friday, February 13, 2009 3:10:18 PM
Subject: Re: [Vuurmuur-users] New Bug in 0.7beta3 ??
Hi Mike, can you be a little more specific? What do the rules look like?
Cheers,
Victor
Michael Drons wrote:
> If I make a change to a rule and then press F11 to update the rules, I still
> see the rule in the iptables (using iptables -L). But if I restart vuurmuur
> then the rule changes take effect.
>
> Thanks, Mike
>
> ------------------------------------------------------------------------------
> Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
> -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
> -Strategies to boost innovation and cut costs with open source participation
> -Receive a $600 discount off the registration fee with the source code: SFAD
> http://p.sf.net/sfu/XcvMzF8H
> _______________________________________________
> Vuurmuur-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
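
Added example (not part of the original thread and not Vuurmuur's own code): a check that compares the enabled state of rules in rules.conf with the LOG prefixes present in the loaded ruleset, which is the mismatch reported in this thread. It assumes, from the lines shown above, that a ';' directly after RULE=" marks a disabled rule and that loaded rules log with the prefix "vrmr: <ACTION> <logprefix>"; the sample input is constructed and the function names are hypothetical.

```python
import re

# Constructed sample input modelled on the rules.conf lines and iptables output in this thread.
RULES_CONF = r'''
RULE=";Portfw service bit from internet.inet to wireless.inside.lan options log,loglimit=\"30\",logprefix=\"BIT\""
RULE=";Accept service bit from internet.inet to wireless.inside.lan options log,loglimit=\"30\",logprefix=\"BIT\""
RULE="Accept service ssh from any to any options log,loglimit=\"10\",logprefix=\"SSH\""
RULE="Accept service IPSEC from inside.lan to internet.inet options log,loglimit=\"30\",prio=\"1\""
'''
IPTABLES_L = '''
LOG tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 state NEW LOG level info prefix `vrmr: PORTFW BIT '
NEWACCEPT tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 state NEW
LOG tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 state NEW LOG level info prefix `vrmr: ACCEPT BIT '
'''

# Assumption: ';' right after RULE=" marks a disabled rule (as in the thread's listing).
RULE_RE = re.compile(r'^RULE="(;?)\s*(\w+)\s+service\s+\S+\s.*?logprefix=\\"([^"\\]*)\\"')
# Assumption: loaded rules log as "vrmr: <ACTION> <logprefix> "; quote style varies by iptables version.
PREFIX_RE = re.compile(r"""prefix [`"]vrmr: (\w+) (.*?) *['"]""")

def parse_rules(text):
    """Return {(ACTION, logprefix): enabled}; rules without a logprefix cannot be matched and are skipped."""
    rules = {}
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if m:
            disabled, action, prefix = m.groups()
            rules[(action.upper(), prefix)] = not disabled
    return rules

def loaded_prefixes(iptables_output):
    """Return the set of (ACTION, logprefix) pairs found in LOG targets of the loaded ruleset."""
    return {(m.group(1), m.group(2)) for m in PREFIX_RE.finditer(iptables_output)}

def drift(rules_text, iptables_output):
    """Return (stale, missing): disabled-but-loaded rules and enabled-but-not-loaded rules."""
    rules, loaded = parse_rules(rules_text), loaded_prefixes(iptables_output)
    stale = sorted(k for k, on in rules.items() if not on and k in loaded)
    missing = sorted(k for k, on in rules.items() if on and k not in loaded)
    return stale, missing

if __name__ == "__main__":
    stale, missing = drift(RULES_CONF, IPTABLES_L)
    for action, prefix in stale:
        print(f"STALE:   {action} {prefix} is disabled in rules.conf but still loaded")
    for action, prefix in missing:
        print(f"MISSING: {action} {prefix} is enabled in rules.conf but not loaded")
```
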