From: Darren C. <da...@kd...> - 2003-11-28 15:37:30
|
Rob Mattix wrote: >> At 10:08 PM 11/27/2003, you wrote: <SNIP> >>> >>> What exactly happens that you cannot enter more than 8, is there an >>> error code? >>> By chance are there any comma's in your comments that you are >>> adding to your port forwards - there is code in place to remove >>> comma's from the comment field, but it has been modified several >>> times in the last while and maybe it has introduced a bug. >>> >>> Darren >>> --__--__-- >> >> It's not a problem entering them in the web gui, they don't show up >> when I look at the tables directly using the commands you list. >> There are not any comma's, however there are dashes but even the >> ones being inserted have them. >> >> It's just the first 8 rules listed in the gui that are being loaded. >> >> It's strange. Hopefully, I'll get some time later to look deeper. >> Yes, it is strange. There people on the list with 20 or more rules, particularly people who are running voip, varous servers, etc. One of the rules must have something in it that breaks the setportfw. When you find time, go to the command line and do a /usr/local/bin/setportfw if there is an error it will usually complain about it and dump out of the program. This is all I can suggest on debugging at the moment. Darren |
From: Darren C. <da...@kd...> - 2003-11-28 17:04:13
|
Rob Mattix wrote: >> Ok, got it figured out. >> >> For some reason, there was an extra comma in the >> /var/ipcop/portfw/config file in the 12th line, just before the >> comment. >> Don't know why it stopped loading at the 8th rule, but removed it >> with vi and everything works like it's supposed to now. >> >> Thanks for the help and sanity checks!!! >> Great! Another satisfied Ipcop customer - sort of close to 1 billion served :) Darren |
From: Rob M. <ro...@ch...> - 2003-11-28 14:46:06
|
At 10:08 PM 11/27/2003, you wrote: >Rob Mattix wrote: > >> I just recently noticed a problem with my IPCop box. > >> > >> It will only insert 8 rules in the PORTFWACCESS table. This is on > >> both > >> IPCop 1.4 and 1.3 (with fixes 1-5). Haven't had time to check when > >> it stopped working or even if it is fix related. > >> > >> Just wanted to get this out there and see if anyone else has come > >> across this. > >> > >Must be a local problem as I have 12 port forward rules entered in my table, >and all of them show up in the iptables chains: >iptables -t nat -L PORTFW >iptables -L PORTFWACCESS > >What exactly happens that you cannot enter more than 8, is there an error >code? >By chance are there any comma's in your comments that you are adding to your >port forwards - there is code in place to remove comma's from the comment >field, but it has been modified several times in the last while and maybe it >has introduced a bug. > >Darren > > > > >--__--__-- It's not a problem entering them in the web gui, they don't show up when I look at the tables directly using the commands you list. There are not any comma's, however there are dashes but even the ones being inserted have them. It's just the first 8 rules listed in the gui that are being loaded. It's strange. Hopefully, I'll get some time later to look deeper. Thanks, Rob |
From: Rob M. <mai...@ch...> - 2003-11-28 16:45:46
|
Ok, got it figured out. For some reason, there was an extra comma in the /var/ipcop/portfw/config file in the 12th line, just before the comment. Don't know why it stopped loading at the 8th rule, but removed it with vi and everything works like it's supposed to now. Thanks for the help and sanity checks!!! Rob At 09:31 AM 11/28/2003, you wrote: >Rob Mattix wrote: > >> At 10:08 PM 11/27/2003, you wrote: ><SNIP> > >>> > >>> What exactly happens that you cannot enter more than 8, is there an > >>> error code? > >>> By chance are there any comma's in your comments that you are > >>> adding to your port forwards - there is code in place to remove > >>> comma's from the comment field, but it has been modified several > >>> times in the last while and maybe it has introduced a bug. > >>> > >>> Darren > >>> --__--__-- > >> > >> It's not a problem entering them in the web gui, they don't show up > >> when I look at the tables directly using the commands you list. > >> There are not any comma's, however there are dashes but even the > >> ones being inserted have them. > >> > >> It's just the first 8 rules listed in the gui that are being loaded. > >> > >> It's strange. Hopefully, I'll get some time later to look deeper. > >> >Yes, it is strange. There people on the list with 20 or more rules, >particularly people who are running voip, varous servers, etc. > >One of the rules must have something in it that breaks the setportfw. > >When you find time, go to the command line and do a /usr/local/bin/setportfw >if there is an error it will usually complain about it and dump out of the >program. This is all I can suggest on debugging at the moment. > >Darren > > >--- >Incoming mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.542 / Virus Database: 336 - Release Date: 11/18/2003 |