From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: Testing Issues with core165 Development Build: next/cad86575
Date: Fri, 11 Mar 2022 16:28:53 +0000
Message-ID: <5B9713D0-5822-4A0F-BE8A-A98019A8F72E@ipfire.org>
In-Reply-To: <24603ae9-dc06-4f58-a26f-eb413033db4d@yahoo.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7411918498339401007=="
List-Id: <development.lists.ipfire.org>

--===============7411918498339401007==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hello,

I tried to reproduce this and I can=E2=80=99t.

Could you please send the output of =E2=80=9Ciptables -L -nv=E2=80=9D to help=
 me debug this?

-Michael

> On 8 Mar 2022, at 20:13, Charles Brown <cab_77573(a)yahoo.com> wrote:
>=20
> Just tried again with next/2022-03-08 09:59:43 +0000-32ce7ab4/x86_64
> It seems simple to reproduce.  See attached log.
> At initial boot after fresh install, cannot ping local private address gate=
way -- DROP_HOSTILE
> After editing settings in /var/ipfiire/optionsfw/settings -- changing DROPH=
OSTILE to off -- and rebooting, things worked as expected.
> I then changed DROPHOSTILE setting to on and rebooted -- resulting again wi=
th DROP_HOSTILE when pinging my local gateway.
>=20
>=20
> On 3/8/2022 9:47 AM, Michael Tremer wrote:
>> Hello Charles,
>>=20
>>> On 7 Mar 2022, at 12:26, Charles Brown <cab_77573(a)yahoo.com> wrote:
>>>=20
>>> Did a fresh install of core165 Development Build: next/cad86575
>>>=20
>>> 1) Private Network is =E2=80=98Hostile=E2=80=99 =E2=80=93 should it be?
>> No, it shouldn=E2=80=99t.
>>=20
>>> Initially, I had no access to red zone.  All traffic was getting DROP_HOS=
TILE.
>>> My test setup has gateway through a 192.168 private network. Could not pi=
ng my 192.168 gateway without disabling the =E2=80=9Cdrop hostile=E2=80=9D fe=
ature. Somehow I thought that private network range would not be considered =
=E2=80=98hostile=E2=80=99.
>> Do you have some log files so I can look at what matched?
>>=20
>> What build are you running?
>>=20
>> -Michael
>>=20
>>> 2) Web page ids.cgi stops loading after header
>>> The page header down through "Intrusion Prevention System <?>" is display=
ed and then stops -- nothing else on the page
>>> Log in httpd error shows as:
>>>   "Unable to read file /var/ipfire/suricata/ignored at /var/ipfire/genera=
l-functions.pl line 883. "
>>> I went to the directory and created the 'ignored' file and chowned it to =
nobody:nobody.
>>> That allowed the page to complete loading
>>>=20
>>> -cab
>>>=20
> <hostile_private_net.log>


--===============7411918498339401007==--