Rules Not Applying

  • desertrat

    desertrat - 2010-08-11

    With the latest fwbuilder 4.1.0 running on a Ubuntu 10.04 gateway with two NICs (for internal and external), rules do not seem to be taking effect. For example, setting a block on say ssh port 22 for all sources, destinations, and interfaces still allows outside computers to connect to internal machines via ssh.

    While the firewall has been working great in the past, now any changes I make seem to make no difference at all! Blocking or not blocking anything does nothing. Compiling the firewall reports successful, installing the firewall reports successful… but nothing changes.

    Any suggestions? Thanks!

  • Vadim Kurland

    Vadim Kurland - 2010-08-11

    There could be some other rule that permits it above the one that should block ssh. Or you could have used the option "permit ssh from management workstation" in the firewall settings dialog.

    I assume that all obvious errors have been ruled out, such as that you actually install on the same firewall you use for testing, that there is no other firewall script running on it, and so on.

  • desertrat

    desertrat - 2010-08-11

    Thank you for your input!

    I use the search functionality of fwbuilder to verify that there are no rules with the same port that are permitting access. In addition, the final rule is set to block everything. SSH is an example, but I have also tried 3306 (mysql), http (80), https (443), 3389 (rdp), etc… Every time I strip out all traces of the ports, place a specific rule that blocks all access to these ports… and nothing… the ports are still accessible from outside of the network.

    fwbuilder is the only firewall utility on the gateway, and the gateway is just a standard 10.04 server install with iptables.

    Other ideas? Thank you!

  • desertrat

    desertrat - 2010-08-11

    Issue appears to be resolved. For some reason, under the firewall > Firewall Settings > Installer > "A command that installer should execute on the firewall in order to activate the policy…" had this:

    sudo _firewall_name.fw

    After removing that command, the rules now take effect.

    Thank you for your help!
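
An added check, not part of this thread or of fwbuilder itself, that covers both points raised above: Vadim's suggestion that an ACCEPT rule above the blocking rule can let the traffic through, and desertrat's symptom that the installed policy did not change the live ruleset at all. It walks one iptables chain the way the kernel does (first match wins) over `iptables-save` output and reports which rule decides the fate of a new TCP connection to a given port. The chain name, port numbers and the sample ruleset below are constructed for illustration; on a real gateway you would feed it live output instead.

```shell
#!/bin/sh
# Added example (not from the fwbuilder thread or project): report the first
# rule in CHAIN that can match a NEW tcp connection to PORT, mimicking the
# kernel's first-match walk. Run on a gateway as:
#     iptables-save | sh check_rule.sh FORWARD 22
# With no arguments it runs against the constructed sample ruleset below.

# first_match CHAIN PORT RULESET
# Prints "TARGET<TAB>rule text" for the first rule in CHAIN that can match a
# new tcp connection to PORT, or "POLICY<TAB>policy" when no rule matches.
# Caveats: a rule with no --dport is treated as matching any port (a -s or -i
# restriction may still exclude the real traffic, so read the printed rule),
# rules whose --state/--ctstate lacks NEW are skipped because they cannot
# match the first packet of a connection, and if TARGET is a user-defined
# chain the check has to be repeated with that chain name.
first_match() {
    chain="$1"; port="$2"; ruleset="$3"
    printf '%s\n' "$ruleset" | awk -v chain="$chain" -v port="$port" '
        $1 == ":" chain { policy = $2 }          # e.g. ":FORWARD DROP [0:0]"
        $1 == "-A" && $2 == chain && !found {
            dport = ""; target = ""; state = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "--state" || $i == "--ctstate") state = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (state != "" && state !~ /NEW/) next   # cannot match a new connection
            if (dport == "" || dport == port) {
                found = 1
                print target "\t" $0
            }
        }
        END { if (!found) print "POLICY\t" policy }
    '
}

# verdict_for CHAIN PORT RULESET: just the target (ACCEPT/DROP/REJECT/POLICY).
verdict_for() {
    first_match "$@" | cut -f1
}

# Constructed sample iptables-save excerpt (not captured from a real host):
# a "permit ssh from management workstation" ACCEPT sits above the rule meant
# to block ssh, so a "block 22 everywhere" rule appears to do nothing for
# that source, while 3306 falls through to the chain policy.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 22 -j DROP
-A FORWARD -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT'

if [ "$#" -ge 2 ]; then
    first_match "$1" "$2" "$(cat)"      # live ruleset from stdin
else
    for p in 22 443 3306; do
        printf 'port %s -> %s\n' "$p" "$(first_match FORWARD "$p" "$SAMPLE_RULES")"
    done
fi
```

Comparing the output of this check before and after an install is also the quickest way to confirm that the activation command in the Installer settings actually loaded the new script: if the verdict for a port you just blocked is unchanged, the policy was compiled and copied but never applied on the gateway.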


