Can’t add new firewall rules

[reaperz]

Hello

My zeroshell box used to work well, but now I am getting trouble trying to add new firewall rules. I got over hundred rules.

When i try to add new rule, I sometimes get “Rule does not exist”

Or if adding is successful, saving new rules gives that kind of error:

“Jun 05 11:24,18 ERROR: Chain INPUT not saved: cp: cannot create regular file _/var/register/system/net/FW/Chains/INPUT/Rules/118/NotD…”

Those are red error messages, that you get on lower side of screen.

so far only fix i have found is to restart the zeroshell router several times. Then I can add new firewall rules. Until some days/weeks later I can’t add them again without restarting. Any idea what might be going on? I got enough disk space (200MB free). Also RAM is not a problem (4GB).

I have Zeroshell 1.0 beta16 running 3.2.9 kernel

Any ideas what might be going on and how to fix this?

[reaperz]

Has anyone had similar problems? Cause this one is still biting me in the back, have to restart zeroshell router if i want to add rules.

[Yhoni]

@reaperz wrote:

Has anyone had similar problems? Cause this one is still biting me in the back, have to restart zeroshell router if i want to add rules.

I have the same problem with Release 3.0.0.

When I try to add new rules to the firewall I get the following error and not recorded:

May 17 16:24,09 ERROR: Chain INPUT not saved: cp: cannot stat _/var/register/system/net/FW/tmp/Chains/INPUT/Rules/015/ParallelThan’: …
Warning: last changes not saved!

Where is the problem?

I Zeroshell run from a usb stick 3 GB and I have enough free space.

[Yhoni]

Do you have an error this path:?

_/var/register/system/net/FW/tmp/Chains/INPUT/Rules/015/ParallelThan ‘

Should have a single quote ” ‘ ” instead of an underscore “_” in the beginning of the path?

[Yhoni]

I have the same error when trying to delete the firewall changes.

May 17 21:31,34 ERROR: Last changes to chain INPUT not cancelled:rm: cannot remove _/var/register/system/net/FW/tmp/Chains/INPUT//Rul…

Where is the problem ?

[Yhoni]

How could I add rules to the firewall from the console?

Thanks.

[redfive]

@Yhoni
Sample with INPUT chain, before, issue the command

 iptables -vL INPUT  --line-number

you will have a look about the existing rules an their exact position (including the LOG’s rules) , then assume that you want to add a rule in the 20th line , so

iptables -I INPUT 20  ..... ....... ....... ........ ...... -j ......

You could add the command in Startup/Cron , Firewall Chain, so, even after a reboot, you’d find the rule applied. Remember that this rule , will be applied always in the 20th position, so you could have to adjust the script if you will remove or add some rules via gui, which are above the newest one inserted by the script.
It should work…
Regards

[Yhoni]

@redfive wrote:

@Yhoni
Sample with INPUT chain, before, issue the command

 iptables -vL INPUT  --line-number

you will have a look about the existing rules an their exact position (including the LOG’s rules) , then assume that you want to add a rule in the 20th line , so

iptables -I INPUT 20  ..... ....... ....... ........ ...... -j ......

You could add the command in Startup/Cron , Firewall Chain, so, even after a reboot, you’d find the rule applied. Remember that this rule , will be applied always in the 20th position, so you could have to adjust the script if you will remove or add some rules via gui, which are above the newest one inserted by the script.
It should work…
Regards

It works perfect.

Thank you.

[Yhoni]

Repeat.

Excuse me.

[DrmCa]

As firewall web interface works fine for me in v.3 and always worked previously, I would suspect a broken downloaded image, or disk errors on the profile partition. Try downloading the image again, rebuilding your boot media and running disk check.

[Author]

Posts