#2153 2 Bugs in IPF Module

1.210
closed
Jamie Cameron
5
2005-07-09
2005-07-08
Mal
No

System: FreeBSD (i386 ver. 5.4) using latest version of webmin.

Bug 1:
If you choose "Activate at boot" then the script /etc/webmin/init/
webmin-ipfilter.sh is added to /etc/rc.local and /etc/rc.shutdown.
Inside that script, the syntax for the command is wrong.

It is:
/sbin/ipfstat -F a
But ipfstat doesn't allow any "-F" option (at least in FreeBSD), so it
shows an error on startup.

Bug2:
When adding a new rule with a "Packet source -> Hostname or
address" that has an ip address that has a network prefix (example
192.168.1.0/24) using webmin (with Safari in Mac OS X at least), it
gets added in a strange way that ruins the syntax of the ipf rules file,
and prevents ipf from starting at all.
Example:
Try to add rule
"pass in quick on fxp0 from 192.168.1.0/24 to any"
using the GUI and it gets entered in the ipf.conf file as:
"pass in quick on fxp0 from 192.168.1.0 / 24 to any"
(space either side of the slash)

Discussion

  • Jamie Cameron
    Jamie Cameron
    2005-07-09

    • status: open --> closed
     
  • Jamie Cameron
    Jamie Cameron
    2005-07-09

    Logged In: YES
    user_id=129364

    Thanks for pointing these out. Bug 1 is definately an error,
    and will be fixed in the next release of Webmin. Bug 2 is
    odd, as it works OK for me on Solaris .. but since the
    format with no space works too, I will switch to this in the
    next release.

     
  • Mal
    Mal
    2005-07-09

    Logged In: YES
    user_id=1309658

    Great, thank you very much. We all appreciate your hard work on
    Webmin, its awesome.
    Yes, the format with the spaces before and after the slash definately
    doesnt work here. A fix would be nice. Thanks again!