-
Sorry, i'm too use to it being called openprojects; it's freenode :)
2009-11-05 14:29:09 UTC in Firewall Builder
-
I just started a #fwbuilder-users channel on openprojects irc. I'm not a fwbuilder dev or admin, but I do use it often and if we can get others to lurk on the channel we may have a decent place to bounce questions off other fwbuilder users (hence the -users) :)
Be sure to continue to post issues/problems/questions to the forums as that is the real place to get solid answers from the dev team.
2009-11-05 14:26:06 UTC in Firewall Builder
-
So the issue is that /bin/sh can not handle an empty function. Even if the code is not "good" it needs to have something (which is why I added simple echo command).
The reason it had problems for me is that I manually load modules & interfaces are configured by cluster sw; so those functions were not activated in fwbuilder & therefore empty.
I only patched the skeleton scripts that I used...
2009-11-05 14:17:45 UTC in Firewall Builder
-
OK I found that if I patched the script skeleton and put simple echo statement in the empty functions it would run fine.
dmz@ralfthewise:~/src/fwbuilder/1678/fwbuilder-3.1.0/src$ diff res/configlets/sveasoft/script_skeleton /tmp/script_skeleton 16a17
> echo "Loading Modules" 19a21
> echo "Verifying Interfaces" 38a41
> echo "Configuring Interfaces" 46a50
> echo "IP...
2009-11-05 14:11:56 UTC in Firewall Builder
-
I was just testing fwbuilder 3.1 and the generated fw script had the following error:
236: Syntax error: "}" unexpected
I have 14 firewalls and it is the same error on all of them.
After doing some debugging it seems that sh doesn't like empty functions. For example:
load_modules() {
#Loading Modules
}
verify_interfaces() {
#Verifying Interfaces
}
Gives errors...
2009-11-05 13:55:33 UTC in Firewall Builder
-
Ahh, that's cool.
2009-11-04 15:47:28 UTC in Firewall Builder
-
I just started checking out 3.1 and was curious about the session tracking & clustering features required for the operating system.
For the clustering, should we use heartbeat, pacemaker or keepalived? Or is it up to us? I noticed all of the session details in the cluster config; does that manage the conntrackd config (& cluster sw config) or is that all separate and up to us to...
2009-11-03 21:32:51 UTC in Firewall Builder
-
so the order of loading / interpreting the rules is the fw object rules then it goes through the cluster rules? which one should have final "deny".
2009-11-03 21:12:38 UTC in Firewall Builder
-
I was just looking at the daily release of 3.1 and I am quite impressed with where things are going.
One question, I was using fwbuilder 3.0 with a chain rule for my cluster config and specific rules for access into each specific firewall.
I assume I can still have rules on the individual firewalls on 3.1; but how do the rules get created? Like now my rules are built for the fw then have...
2009-11-02 19:20:49 UTC in Firewall Builder
-
Doh, it's always right after you post something that you realize your typo.
I had a typo in my protocol definition.
ignore prior posting...
btw fwbuilder rocks! Its better than many large scale tools i've used in the past.
2009-06-07 14:25:38 UTC in Firewall Builder
