Mike, I can't reproduce this problem here. Could you rerun the steps below and send me all log lines from vuurmuur.log, error.log and audit.log that were added? I'm hoping to find some clues there!
Cheers,
Victor

Michael Drons wrote:
> Here are the rules from /etc/vuurmuur/textdir/rules -- more rules.conf | grep bit
> RULE=";Portfw service bit from internet.inet to wireless.inside.lan options log,loglimit=\"30\",logprefix=\"BIT\",in_max=\"16000kbit\",out_max=\"16000kbit\",in_min=\"8400kbit\",out_min=\"8400kbit\""
> RULE=";Accept service bit from internet.inet to wireless.inside.lan options log,loglimit=\"30\",logprefix=\"BIT\",in_max=\"16000kbit\",out_max=\"16000kbit\",in_min=\"8400kbit\",out_min=\"8400kbit\""
> RULE="Snat service IPSEC from inside.lan to internet.inet options log,loglimit=\"30\",in_max=\"24000kbit\",out_max=\"24000kbit\",in_min=\"16000kbit\",out_min=\"16000kbit\",prio=\"1\""
> RULE="Accept service IPSEC from inside.lan to internet.inet options log,loglimit=\"30\",in_max=\"24000kbit\",out_max=\"16000kbit\",in_min=\"16000kbit\",out_min=\"16000kbit\",prio=\"1\""
> RULE="Accept service ssh from any to any options log,loglimit=\"10\",in_max=\"1000kbit\",out_max=\"1000kbit\",in_min=\"1000kbit\",out_min=\"1000kbit\",prio=\"1\""
>
> They are currently disabled:
> r...@mdrons:~# iptables -L | grep 19100
> r...@mdrons:~#
> -- Expected output
>
> now enter vuurmuur_conf and enable the 2 rules and press F11.
>
> r...@mdrons:~# vuurmuur_conf
> r...@mdrons:~# iptables -L | grep 19100
> r...@mdrons:~#
> -- Still no rules... I expect iptables to list something.
>
> restart vuurmuur:
> r...@mdrons:~# /etc/rc.d/vuurmuur restart
> Stopping firewall Vuurmuur:
> Vuurmuur: stopped.
> Vuurmuur_log: stopped.
> Stopping firewall Vuurmuur: done.
> Starting firewall: Vuurmuur:
> Loading Vuurmuur: ok.
> Loading Vuurmuur_log: ok.
> Starting firewall: Vuurmuur: done
>
> Now check the iptables:
> r...@mdrons:~# iptables -L | grep 19100
> LOG tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 flags:FIN,SYN,RST,ACK/SYN limit: avg 30/sec burst 60 state NEW LOG level info prefix `vrmr: PORTFW BIT '
> NEWACCEPT tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 flags:FIN,SYN,RST,ACK/SYN state NEW
> LOG tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 flags:FIN,SYN,RST,ACK/SYN limit: avg 30/sec burst 60 state NEW LOG level info prefix `vrmr: ACCEPT BIT '
> NEWACCEPT tcp -- anywhere 10.100.10.33 tcp spts:1024:65535 dpt:19100 flags:FIN,SYN,RST,ACK/SYN state NEW
>
> If I disable the rules in vuurmuur_conf and press F11 the rules don't get removed.
>
> Thanks, Mike
>
> ----- Original Message ----
> From: Victor Julien <[email protected]>
> To: [email protected]
> Sent: Friday, February 13, 2009 3:10:18 PM
> Subject: Re: [Vuurmuur-users] New Bug in 0.7beta3 ??
>
> Hi Mike, can you be a little more specific? What do the rules look like?
>
> Cheers,
> Victor
>
> Michael Drons wrote:
>> If I make a change to a rule and then press F11 to update the rules, I still see the rule in the iptables (using iptables -L). But if I restart vuurmuur then the rule changes take effect.
>>
>> Thanks, Mike
>>
>> ------------------------------------------------------------------------------
>> Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
>> -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
>> -Strategies to boost innovation and cut costs with open source participation
>> -Receive a $600 discount off the registration fee with the source code: SFAD
>> http://p.sf.net/sfu/XcvMzF8H
>> _______________________________________________
>> Vuurmuur-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
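
An added example, not part of the original thread and not Vuurmuur code: one way to check whether a rule reload actually changed the kernel ruleset for a port is to diff two `iptables-save` snapshots taken before and after the reload. The function names and the sample snapshots are constructed for illustration; only port 19100 and address 10.100.10.33 come from the thread.

```shell
#!/bin/sh
# Added example (not Vuurmuur code): did a rule reload change the kernel rules
# for one destination port? Input is `iptables-save` output, which covers every
# table; `iptables -L` alone lists only the filter table.

# rules_for_port FILE PORT: print "table: rule" for each -A rule with --dport PORT
rules_for_port() {
    awk -v port="$2" '
        /^\*/  { table = substr($0, 2); next }     # table header, e.g. "*nat"
        /^-A / { for (i = 1; i < NF; i++)
                     if ($i == "--dport" && $(i + 1) == port) {
                         print table ": " $0; break } }' "$1"
}

# reload_diff BEFORE AFTER PORT: print "+ rule" (added) and "- rule" (removed);
# return 1 when the reload changed nothing for that port.
reload_diff() {
    rd_b=$(mktemp); rd_a=$(mktemp); rd_rc=1
    rules_for_port "$1" "$3" | LC_ALL=C sort > "$rd_b"
    rules_for_port "$2" "$3" | LC_ALL=C sort > "$rd_a"
    if ! cmp -s "$rd_b" "$rd_a"; then
        rd_rc=0
        LC_ALL=C comm -13 "$rd_b" "$rd_a" | sed 's/^/+ /'
        LC_ALL=C comm -23 "$rd_b" "$rd_a" | sed 's/^/- /'
    fi
    rm -f "$rd_b" "$rd_a"
    return "$rd_rc"
}

# make_samples DIR: write constructed snapshots (not captured from a real host)
make_samples() {
    printf '%s\n' '*nat' ':PREROUTING ACCEPT [0:0]' 'COMMIT' \
        '*filter' ':FORWARD DROP [0:0]' \
        '-A FORWARD -p tcp -m tcp --dport 22 -j ACCEPT' 'COMMIT' > "$1/before.rules"
    printf '%s\n' '*nat' ':PREROUTING ACCEPT [0:0]' \
        '-A PREROUTING -p tcp -m tcp --dport 19100 -j DNAT --to-destination 10.100.10.33' \
        'COMMIT' '*filter' ':FORWARD DROP [0:0]' \
        '-A FORWARD -p tcp -m tcp --dport 22 -j ACCEPT' \
        '-A FORWARD -d 10.100.10.33/32 -p tcp -m tcp --dport 19100 -j ACCEPT' \
        'COMMIT' > "$1/after.rules"
}

demo=$(mktemp -d); make_samples "$demo"
reload_diff "$demo/before.rules" "$demo/after.rules" 19100 ||
    echo "reload changed nothing for port 19100"
rm -rf "$demo"
```

On a live firewall the two inputs would be `iptables-save > before.rules` and `iptables-save > after.rules`, taken on either side of the reload being tested.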
