www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Is there a limit in VIRTUAL SERVERS?

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
nikos.frangakis



Joined: 26 Jun 2015
Posts: 5

PostPosted: Fri Jun 26, 2015 11:02 am    Post subject: Is there a limit in VIRTUAL SERVERS? Reply with quote

Hello,

i am adding port forwarding rules in the "VIRTUAL SERVERS" tab.
After around 30 rules, when i add a new rule, it is shown in the table, but is actually overriding the last rule i have added.
However, in the "view" window, i can see all the rules (even if they do not appear in the table.)

Finally, the rules that do not appear in the table, are not surviving a reboot...

Is this a known bug?
Am i doing something wrong?
I am using Release 3.3.2
Thanks
Nikos
Back to top
View user's profile Send private message
nikos.frangakis



Joined: 26 Jun 2015
Posts: 5

PostPosted: Sun Jun 28, 2015 4:49 pm    Post subject: Reply with quote

Hello,
just to report on my problem.

in this folder /var/register/system/net/router/PAT
there is a folder for each rule in the "virtual servers"
the rules had reach the number 100 (although there were big gaps between the numbers)
Every new rule that was created from the web interface in the virtual servers tabs, was overwriting the contents of the "100" folder.

so, i moved the folder to lower numbers and then the creation of new rules was working again.

Disclaimer: i am not sure if this is the correct action to resolve this problem, but this worked for me.

cheers
nikos
Back to top
View user's profile Send private message
Yhoni



Joined: 19 May 2013
Posts: 31

PostPosted: Sat Aug 22, 2015 6:18 pm    Post subject: Reply with quote

nikos.frangakis wrote:
Hello,
just to report on my problem.

in this folder /var/register/system/net/router/PAT
there is a folder for each rule in the "virtual servers"
the rules had reach the number 100 (although there were big gaps between the numbers)
Every new rule that was created from the web interface in the virtual servers tabs, was overwriting the contents of the "100" folder.

so, i moved the folder to lower numbers and then the creation of new rules was working again.

Disclaimer: i am not sure if this is the correct action to resolve this problem, but this worked for me.

cheers
nikos


Ok, mate. Thanks for your work.
Back to top
View user's profile Send private message
sshira



Joined: 28 Jan 2016
Posts: 2

PostPosted: Thu Jan 28, 2016 5:52 pm    Post subject: Reply with quote

Couple of questions. . .
Do you have to reboot for the directory change to take effect?
If you have rules that you have set up over the top of one another do they have to be removed and re-created?
Back to top
View user's profile Send private message
sshira



Joined: 28 Jan 2016
Posts: 2

PostPosted: Thu Jan 28, 2016 11:36 pm    Post subject: Reply with quote

sshira wrote:
Couple of questions. . .
Do you have to reboot for the directory change to take effect?
If you have rules that you have set up over the top of one another do they have to be removed and re-created?


Answered my own questions:
1. When you change the directories path it takes affect immediately from the screen's perspective, however what is actually loaded in the IPTables (if you click on view) won't change until you reboot.

2. The rules that set up and copied over location 100 are interesting, they exist in the running config only (not on disk). So to handle this I went in and added the ones I was missing which puts duplicate entries at the bottom of the view, you may notice these do not get any traffic as the rules that are higher on the list (and don't exist in the "Startup config") are taking the traffic.

I can not reboot my firewall during the day, and have to be careful of downtime even at night, so the next time I get to reboot I expect all will be well, and still exist. Also, I believe that I could restart IPTables to get it to load from the "Startup Config" again without restarting the whole firewall, but I'll have to test that later as well.
It seems to me that if we have the ability to delete on the fly there should be a mechanism to reload at any time as well, i'll have to look in to that.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group