www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Can't add new firewall rules

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
reaperz



Joined: 13 Apr 2012
Posts: 77

PostPosted: Wed Jun 05, 2013 11:56 am    Post subject: Can't add new firewall rules Reply with quote

Hello

My zeroshell box used to work well, but now I am getting trouble trying to add new firewall rules. I got over hundred rules.

When i try to add new rule, I sometimes get "Rule does not exist"

Or if adding is successful, saving new rules gives that kind of error:

"Jun 05 11:24,18 ERROR: Chain INPUT not saved: cp: cannot create regular file _/var/register/system/net/FW/Chains/INPUT/Rules/118/NotD..."

Those are red error messages, that you get on lower side of screen.

so far only fix i have found is to restart the zeroshell router several times. Then I can add new firewall rules. Until some days/weeks later I can't add them again without restarting. Any idea what might be going on? I got enough disk space (200MB free). Also RAM is not a problem (4GB).

I have Zeroshell 1.0 beta16 running 3.2.9 kernel

Any ideas what might be going on and how to fix this?
Back to top
View user's profile Send private message
reaperz



Joined: 13 Apr 2012
Posts: 77

PostPosted: Mon Aug 19, 2013 10:44 am    Post subject: Reply with quote

Has anyone had similar problems? Cause this one is still biting me in the back, have to restart zeroshell router if i want to add rules.
Back to top
View user's profile Send private message
Yhoni



Joined: 19 May 2013
Posts: 31

PostPosted: Sat May 17, 2014 2:36 pm    Post subject: Reply with quote

reaperz wrote:
Has anyone had similar problems? Cause this one is still biting me in the back, have to restart zeroshell router if i want to add rules.


I have the same problem with Release 3.0.0.

When I try to add new rules to the firewall I get the following error and not recorded:

Quote:
May 17 16:24,09 ERROR: Chain INPUT not saved: cp: cannot stat _/var/register/system/net/FW/tmp/Chains/INPUT/Rules/015/ParallelThan': ...
Warning: last changes not saved!


Where is the problem?

I Zeroshell run from a usb stick 3 GB and I have enough free space.
Back to top
View user's profile Send private message
Yhoni



Joined: 19 May 2013
Posts: 31

PostPosted: Sat May 17, 2014 2:42 pm    Post subject: Reply with quote

Do you have an error this path:?
Quote:
_/var/register/system/net/FW/tmp/Chains/INPUT/Rules/015/ParallelThan '

Should have a single quote " ' " instead of an underscore "_" in the beginning of the path?
Back to top
View user's profile Send private message
Yhoni



Joined: 19 May 2013
Posts: 31

PostPosted: Sat May 17, 2014 7:33 pm    Post subject: Reply with quote

I have the same error when trying to delete the firewall changes.

Quote:

May 17 21:31,34 ERROR: Last changes to chain INPUT not cancelled:rm: cannot remove _/var/register/system/net/FW/tmp/Chains/INPUT//Rul...


Where is the problem ?
Back to top
View user's profile Send private message
Yhoni



Joined: 19 May 2013
Posts: 31

PostPosted: Sun May 18, 2014 7:14 am    Post subject: Reply with quote

How could I add rules to the firewall from the console?

Thanks.
Back to top
View user's profile Send private message
redfive



Joined: 27 Aug 2009
Posts: 232

PostPosted: Sun May 18, 2014 1:35 pm    Post subject: Reply with quote

@Yhoni
Sample with INPUT chain, before, issue the command
Code:
 iptables -vL INPUT  --line-number

you will have a look about the existing rules an their exact position (including the LOG's rules) , then assume that you want to add a rule in the 20th line , so
Code:
iptables -I INPUT 20  ..... ....... ....... ........ ...... -j ......

You could add the command in Startup/Cron , Firewall Chain, so, even after a reboot, you'd find the rule applied. Remember that this rule , will be applied always in the 20th position, so you could have to adjust the script if you will remove or add some rules via gui, which are above the newest one inserted by the script.
It should work...
Regards
Back to top
View user's profile Send private message
Yhoni



Joined: 19 May 2013
Posts: 31

PostPosted: Tue May 20, 2014 11:23 am    Post subject: Reply with quote

redfive wrote:
@Yhoni
Sample with INPUT chain, before, issue the command
Code:
 iptables -vL INPUT  --line-number

you will have a look about the existing rules an their exact position (including the LOG's rules) , then assume that you want to add a rule in the 20th line , so
Code:
iptables -I INPUT 20  ..... ....... ....... ........ ...... -j ......

You could add the command in Startup/Cron , Firewall Chain, so, even after a reboot, you'd find the rule applied. Remember that this rule , will be applied always in the 20th position, so you could have to adjust the script if you will remove or add some rules via gui, which are above the newest one inserted by the script.
It should work...
Regards


It works perfect.

Thank you.


Last edited by Yhoni on Tue May 20, 2014 11:39 am; edited 1 time in total
Back to top
View user's profile Send private message
Yhoni



Joined: 19 May 2013
Posts: 31

PostPosted: Tue May 20, 2014 11:38 am    Post subject: Reply with quote

Repeat.

Excuse me.
Back to top
View user's profile Send private message
DrmCa



Joined: 12 Apr 2011
Posts: 208

PostPosted: Tue May 20, 2014 4:45 pm    Post subject: Reply with quote

As firewall web interface works fine for me in v.3 and always worked previously, I would suspect a broken downloaded image, or disk errors on the profile partition. Try downloading the image again, rebuilding your boot media and running disk check.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group