Hi,
I have found a bug with the ipfw module.
If I install rule with command line and if this rule include a table when I click to "revert configuration" button, rule appear well, but after I can't "apply configuration" the error message is:
Failed to apply configuration : /sbin/ipfw add 00010 deny ip from table(1) to any failed :
To reproduce the bug try this:
Clean all rule with command line with:
ipfw -q -f flush
insert this rule with command line:
ipfw table 1 add 127.0.0.2
ipfw add 10 deny ip from 'table(1)' to any
and then click to "revert configuration" on the webmin interface, rule appear.
Finaly click to "apply configuration".
My system is:
FreeBSD 9.1
Webmin 1.660
What happens if you run :
ipfw add 10 deny ip from "table(1)" to any
as root from the shell .. does that succeed, and if not what error message do you get?
this command ( ipfw add 10 deny ip from "table(1)" to any ) works fine.
What if you run the command :
ipfw /etc/webmin/ipfw/ipfw.rules
(assuming that /etc/webmin/ipfw/ipfw.rules is the file you manually added the rule to)
If i try your command I have this error:
root@xxxxx:/root # ipfw /usr/local/etc/webmin/ipfw/ipfw.rules
Line 1: bad command `deny'
rules in this file are:
00010 deny ip from table(1) to any
65535 allow ip from any to any
Do you have quotes around table(1) or not? If so, you should remove them from the ipfw.rules file - they aren't necessary, even though they are needed if you add that rule from the command line.
table(1) isn't quoted but this the problem.
When I quote table(1) in the file all works fine, but if table(1) isn't quoted in the file I have an error when i try to click "apply configuration" on webmin interface.
And when I click to "revert button" on the interface, rules added on the file but table(1) isn't quoted so when i click "apply configuration" error appear.
Ok, I am doing some tests with this now. Are you running IPFW version 1 or 2 there? The version should be displayed at the top of the "BSD Firewall" module.
Version 1
otherwise is it possible to add a button to edit directly the file (/usr/local/etc/webmin/ipfw/ipfw.rules) which store the ipfw configuration such as other module than apache, sendmail etc...
Ok, I see the bug that causes this now - this will be fixed in the next Webmin release.