Modify

Opened 9 years ago

Closed 8 years ago

Last modified 4 years ago

#5105 closed defect (fixed)

Firewall is broken

Reported by: Weedy <weedy2887@…> Owned by: jow
Priority: high Milestone: Barrier Breaker 14.07
Component: base system Version:
Keywords: Cc:

Description

Firewall is not setup properly at boot time anymore (and or hotplug scripts are shitting themselves). It needs to be restarted after ppp0 is up (yay hotplug).

# diff -u bah4 bah
--- bah4	Sun May 10 21:26:53 2009
+++ bah	Sun May 10 21:30:19 2009
@@ -1,44 +1,43 @@
-Chain INPUT (policy ACCEPT 400 packets, 25357 bytes)
+Chain INPUT (policy ACCEPT 21 packets, 1198 bytes)
  pkts bytes target     prot opt in     out     source               destination         
 
 Chain FORWARD (policy DROP 0 packets, 0 bytes)
  pkts bytes target     prot opt in     out     source               destination         
 
-Chain OUTPUT (policy ACCEPT 164 packets, 14899 bytes)
+Chain OUTPUT (policy ACCEPT 3 packets, 192 bytes)
  pkts bytes target     prot opt in     out     source               destination         
 
-Chain MINIUPNPD (1 references)
- pkts bytes target     prot opt in     out     source               destination         
-
 Chain forward (1 references)
  pkts bytes target     prot opt in     out     source               destination         
+   27  3221 zone_lan_forward  all  --  br-lan *       0.0.0.0/0            0.0.0.0/0           
+    0     0 zone_wan_forward  all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
 
 Chain forwarding_lan (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
 Chain forwarding_rule (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
 Chain forwarding_wan (1 references)
@@ -46,6 +45,8 @@
 
 Chain input (1 references)
  pkts bytes target     prot opt in     out     source               destination         
+   48  3353 zone_lan   all  --  br-lan *       0.0.0.0/0            0.0.0.0/0           
+  188 11604 zone_wan   all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
 
 Chain input_lan (1 references)
  pkts bytes target     prot opt in     out     source               destination         
@@ -56,70 +57,80 @@
 Chain input_wan (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
-Chain miniupnpd_wan_rule (0 references)
- pkts bytes target     prot opt in     out     source               destination         
-    0     0 MINIUPNPD  all  --  ppp0   !ppp0   0.0.0.0/0            0.0.0.0/0           
-
 Chain output (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
 Chain output_rule (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
-Chain reject (1 references)
+Chain reject (5 references)
  pkts bytes target     prot opt in     out     
 
 Chain syn_flood (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
-Chain zone_lan (0 references)
+Chain zone_lan (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
 Chain zone_lan_ACCEPT (2 references)
  pkts bytes target     prot opt in     out     source               destination         
+   48  3353 ACCEPT     all  --  br-lan *       0.0.0.0/0            0.0.0.0/0           
+   12  4150 ACCEPT     all  --  *      br-lan  0.0.0.0/0            0.0.0.0/0           
 
 Chain zone_lan_DROP (0 references)
  pkts bytes target     prot opt in     out     source               destination         
+    0     0 DROP       all  --  br-lan *       0.0.0.0/0            0.0.0.0/0           
+    0     0 DROP       all  --  *      br-lan  0.0.0.0/0            0.0.0.0/0           
 
 Chain zone_lan_MSSFIX (0 references)
  pkts bytes target     prot opt in     out     source               destination         
+    0     0 TCPMSS     tcp  --  *      br-lan  0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x02 TCPMSS clamp to PMTU 
 
 Chain zone_lan_REJECT (1 references)
  pkts bytes target     prot opt in     out     source               destination         
+   14   728 reject     all  --  br-lan *       0.0.0.0/0            0.0.0.0/0           
+    0     0 reject     all  --  *      br-lan  0.0.0.0/0            0.0.0.0/0           
 
-Chain zone_lan_forward (0 references)
+Chain zone_lan_forward (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
-Chain zone_wan (0 references)
+Chain zone_wan (1 references)
  pkts bytes target     prot opt in     out     source               destination         
 
 Chain zone_wan_ACCEPT (2 references)
  pkts bytes target     prot opt in     out     source               destination         
+    0     0 ACCEPT     all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
+   21  2997 ACCEPT     all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0           
 
 Chain zone_wan_DROP (0 references)
  pkts bytes target     prot opt in     out     source               destination         
+    0     0 DROP       all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
+    0     0 DROP       all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0           
 
 Chain zone_wan_MSSFIX (1 references)
  pkts bytes target     prot opt in     out     source               destination         
+   11   592 TCPMSS     tcp  --  *      ppp0    0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x02 TCPMSS clamp to PMTU 
 
 Chain zone_wan_REJECT (2 references)
  pkts bytes target     prot opt in     out     source               destination         
+  188 11604 reject     all  --  ppp0   *       0.0.0.0/0            0.0.0.0/0           
+    0     0 reject     all  --  *      ppp0    0.0.0.0/0            0.0.0.0/0           
 
-Chain zone_wan_forward (0 references)
+Chain zone_wan_forward (1 references)
  pkts bytes target     prot opt in     out     source               destination         
     0     0 forwarding_wan  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     0     0 zone_wan_REJECT  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Attachments (0)

Change History (5)

comment:1 Changed 9 years ago by jow

  • Owner changed from developers to jow

Looks like it's miniupnp related

comment:2 Changed 9 years ago by Weedy <weedy2887@…>

agreed

comment:3 Changed 9 years ago by Weedy <weedy2887@…>

WHY HELLO THAR!
Has this been fixed yet?

comment:4 Changed 8 years ago by jow

  • Resolution set to fixed
  • Status changed from new to closed

Should be fixed since r17680.

comment:5 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.