From: Michael Tremer
To: development@lists.ipfire.org
Subject: Re: Testing Issues with core165 Development Build: next/cad86575
Date: Fri, 18 Mar 2022 09:14:21 +0000
In-Reply-To: <5afcbc79-59da-9c57-e1f7-9627e103b76f@yahoo.com>

> On 17 Mar 2022, at 19:34, Charles Brown wrote:
>
> As with my comment below on Mar 11, the issue was no longer present in the c165 test builds. Surely this is not a current issue or you would have been hearing more noise about it

That is the way to go :)

> Thanks for looking into it anyway,
> -Charles
>
> On 3/17/2022 10:52 AM, Michael Tremer wrote:
>> Hello Charles,
>>
>> Apologies for the late reply. I believe that this change should make your problem go away:
>>
>> https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=12cd38896795836c3f4e2c8a661b2c36d444d89a
>>
>> Could you please test again with one of the latest builds?
>>
>> Best,
>> -Michael
>>
>>> On 11 Mar 2022, at 23:40, Charles Brown wrote:
>>>
>>> True, it is not reproducible with latest c165 build.
>>> However, I punted back to "core165 Development Build: next/cad86575" to test my sanity, the glitch was quite reproducible.
>>> Logs are attached: /var/log/messages; the (a) iptables output at first boot; the (b) iptables output after changing hostile fw option to off and rebooting.
>>>
>>> On 3/11/2022 10:28 AM, Michael Tremer wrote:
>>>> Hello,
>>>>
>>>> I tried to reproduce this and I can’t.
>>>>
>>>> Could you please send the output of “iptables -L -nv” to help me debug this?
>>>>
>>>> -Michael
>>>>
>>>>> On 8 Mar 2022, at 20:13, Charles Brown wrote:
>>>>>
>>>>> Just tried again with next/2022-03-08 09:59:43 +0000-32ce7ab4/x86_64
>>>>> It seems simple to reproduce. See attached log.
>>>>> At initial boot after fresh install, cannot ping local private address gateway -- DROP_HOSTILE
>>>>> After editing settings in /var/ipfiire/optionsfw/settings -- changing DROPHOSTILE to off -- and rebooting, things worked as expected.
>>>>> I then changed DROPHOSTILE setting to on and rebooted -- resulting again with DROP_HOSTILE when pinging my local gateway.
>>>>>
>>>>>
>>>>> On 3/8/2022 9:47 AM, Michael Tremer wrote:
>>>>>> Hello Charles,
>>>>>>
>>>>>>> On 7 Mar 2022, at 12:26, Charles Brown wrote:
>>>>>>>
>>>>>>> Did a fresh install of core165 Development Build: next/cad86575
>>>>>>>
>>>>>>> 1) Private Network is ‘Hostile’ – should it be?
>>>>>> No, it shouldn’t.
>>>>>>
>>>>>>> Initially, I had no access to red zone. All traffic was getting DROP_HOSTILE.
>>>>>>> My test setup has gateway through a 192.168 private network. Could not ping my 192.168 gateway without disabling the “drop hostile” feature. Somehow I thought that private network range would not be considered ‘hostile’.
>>>>>> Do you have some log files so I can look at what matched?
>>>>>>
>>>>>> What build are you running?
>>>>>>
>>>>>> -Michael
>>>>>>
>>>>>>> 2) Web page ids.cgi stops loading after header
>>>>>>> The page header down through "Intrusion Prevention System " is displayed and then stops -- nothing else on the page
>>>>>>> Log in httpd error shows as:
>>>>>>> "Unable to read file /var/ipfire/suricata/ignored at /var/ipfire/general-functions.pl line 883. "
>>>>>>> I went to the directory and created the 'ignored' file and chowned it to nobody:nobody.
>>>>>>> That allowed the page to complete loading
>>>>>>>
>>>>>>> -cab