All,
This is just a follow-up regarding the so-called "Firewall Oddity" which was
caused, in great part, by my lack of patience.
With Lonnie's help, I learned that the problem described below (and which
Lonnie couldn't reproduce) clears following a SECOND reboot during the upgrade
procedure. Since this second reboot, AstLinux 0.7.4 has been running perfectly.
My lessons learned: Be Patient! Troubleshoot first; react later.
Thanks to Lonnie for his capable assistance and to the AstLinux team for
developing and maintaining such a fine product.
Dan
-----Original Message-----
From: "Dan Ryson" <d...@ryson.org>
Sent: Monday, November 29, 2010 11:31am
To: "AstLinux Users Mailing List" <astlinux-users@lists.sourceforge.net>
Subject: Re: [Astlinux-users] Firewall Oddity
Lonnie,
Thanks for coming to my rescue. (Again.)
For the benefit of the list, I'll give a general answer. I'd prefer to
work privately for the specifics.
This is a Net5501 with WAN on Eth0. A NAT'd subnet, exclusive to
phones, is supported on Eth1. Office Internet traffic, along with a
server are on yet another subnet on Eth2. We have a WAN port NAT'd to
the server on Eth2 that didn't work following the upgrade.
Unfortunately, I didn't try to troubleshoot this problem - I just
downgraded to 0.7.3. Given that 0.7.3 doesn't handle the 0.7.4 format,
I'm amazed that the server is working - but it seems to be.
More privately...
Dan
On 11/29/2010 11:12 AM, Lonnie Abelbeck wrote:
> Hi Dan,
>
> In 0.7.4 the web interface uses a new internal format for the Firewall tab
> (uses a ~ instead of a : for a delimiter to handle IPv6 addresses). The
> transition from 0.7.3 to 0.7.4 is handled, but obviously 0.7.3 does not
> handle the new 0.7.4 format. The good news is this is just the internal
> format for the web interface, not the actual AIF variables (provided you
> don't "Save Settings" in 0.7.3).
>
> Please describe the port-forward issue you are having in detail. If you
> don't want to publicly share, send a private email to me. The output of
>
> $ arno-iptables-firewall restart
>
> would be useful for each case if you can, or just 0.7.3's output to start
> with.
>
> Lonnie
>
>
>
> On Nov 29, 2010, at 9:55 AM, Dan Ryson wrote:
>
>> All,
>>
>> First, thank you for all your efforts on 0.7.4. That's an impressive
>> list of changes.
>>
>> I upgraded one PBX to 0.7.4 yesterday, rebooted, and restarted the
>> firewall. Sadly, it appears that at least one port-forward had stopped
>> working.
>>
>> In order to quickly squelch a loud complaint, I downgraded to 0.7.3,
>> rebooted, and again restarted the firewall. Now, the port-forward is
>> working and we're apparently operational. However, when I look at the
>> firewall settings in the web GUI, I find a column of orange "+" signs,
>> along with a list of blank destinations and ports.
>>
>> Before I make matters worse, I thought it might be a good idea to drop a
>> line and seek the sage advise of the list. Any ideas?
>>
>> Thanks.
>>
>> Dan
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Increase Visibility of Your 3D Game App& Earn a Chance To Win $500!
>> Tap into the largest installed PC base& get more eyes on your game by
>> optimizing for Intel(R) Graphics Technology. Get started today with the
>> Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
>> http://p.sf.net/sfu/intelisp-dev2dev
>> _______________________________________________
>> Astlinux-users mailing list
>> Astlinux-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to
>> pay...@krisk.org.
>>
>>
>
> ------------------------------------------------------------------------------
> Increase Visibility of Your 3D Game App& Earn a Chance To Win $500!
> Tap into the largest installed PC base& get more eyes on your game by
> optimizing for Intel(R) Graphics Technology. Get started today with the
> Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
> http://p.sf.net/sfu/intelisp-dev2dev
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
------------------------------------------------------------------------------
Increase Visibility of Your 3D Game App & Earn a Chance To Win $500!
Tap into the largest installed PC base & get more eyes on your game by
optimizing for Intel(R) Graphics Technology. Get started today with the
Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
http://p.sf.net/sfu/intelisp-dev2dev
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
------------------------------------------------------------------------------
Increase Visibility of Your 3D Game App & Earn a Chance To Win $500!
Tap into the largest installed PC base & get more eyes on your game by
optimizing for Intel(R) Graphics Technology. Get started today with the
Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
http://p.sf.net/sfu/intelisp-dev2dev
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
