Menu
▾
▴
Re: [Astlinux-devel] Duplicate INT and EXT interfaces
|
From: Michael K. <li...@mk...> - 2022-01-29 15:11:22
|
> Am 29.01.2022 um 15:08 schrieb Lonnie Abelbeck <li...@lo...>:
>
> Hi Michael,
>
>> I learned something today. Having the same interface configured on EXT and INT breaks stuff. I realise that the Network Tab pops an error if this is the case but it still writes it in gui.network.conf. So if you click away from the tab and forget about it then when you reboot the system it will be broken.
>
> Yes, I recall writing that code (more than 10 years ago).
>
> During saveNETWORKsettings(...) the checkNETWORKsettings() function could arguably be called at the beginning, resulting in any changes to be lost for these errors:
> --
> } elseif ($result == 100) {
> putHtml('<p style="color: red;">Error in Network Configuration, an Interface is used more than once.</p>');
> } elseif ($result == 101) {
> putHtml('<p style="color: red;">Error in Network Configuration, DMZ requires a LAN to also be defined.</p>');
> } elseif ($result == 102) {
> putHtml('<p style="color: red;">Warning! Firewall is enabled, but not configured, click "Firewall Configuration" and save.</p>');
> } elseif ($result == 103) {
> putHtml('<p style="color: red;">Error in Network Configuration, Invalid Timezone setting.</p>');
> --
> I recall testing this, and quickly decided to move checkNETWORKsettings() to the end of saveNETWORKsettings(...) so the changes (albeit with an error) are saved, with a descriptive error in "red" of what to fix (often a simple fix).
>
> During typical usage, a lot of tedious data is entered in the Network tab, and it is all too easy to mis-select an interface. Having to start over could raise a person's blood pressure.
>
> Not to be flippant, but if a person drives through a "Bridge Out" sign on the road ... it usually doesn't end well. :-)
>
> Lonnie
>
>
>
>> On Jan 28, 2022, at 5:09 PM, Michael Knill <mic...@ip...> wrote:
>>
>> Hi Devs
>>
>> I learned something today. Having the same interface configured on EXT and INT breaks stuff. I realise that the Network Tab pops an error if this is the case but it still writes it in gui.network.conf. So if you click away from the tab and forget about it then when you reboot the system it will be broken.
>> It all started when I was trying to write a firewall rule and it kept popping a firewall error even though it was fine. So I rebooted the system and then it was quite broken. Luckily I could still get into the system and after doing ‘arno-iptables-firewall force-reload’ I found the error. I'm concerned though that it was without a firewall after the reboot:
>>
>> # arno-iptables-firewall status
>> Arno's Iptables Firewall Script v2.0.2-05-astlinux
>> -------------------------------------------------------------------------------
>> Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
>> pkts bytes target prot opt in out source destination
>>
>> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>> pkts bytes target prot opt in out source destination
>>
>> Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
>> pkts bytes target prot opt in out source destination
>> Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
>> pkts bytes target prot opt in out source destination
>>
>> Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
>> pkts bytes target prot opt in out source destination
>>
>> Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
>> pkts bytes target prot opt in out source destination
>>
>> Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
>> pkts bytes target prot opt in out source destination
>>
>> Is this the case?
>>
>> Wondering if it is worth saving the previous network config on each save and after popping an error, the previous network config is reinstated and you are notified of this in the error message.
>>
>> Regards
>>
>> Michael Knill
>> Managing Director
Just an idea: Is it possible to NOT show a "used" NIC in the dropdown menu of the other interfaces (even if not rebooted yet)?
Let's we have 4 NICs, "External interface" is "eth0", then "1st LAN Interface" would show only "eth1,eth2,eth3".
Michael
http://www.mksolutions.info
|
