Search results

That is not normal in a so simple firewall. Is it possible that you put here the policy load script generated by the firewall compilation process? And can you copy and paste the output of the ip a command executed in your firewall?

We have firewalls over the VMware hypervisor. The hypervisor should not be the problem. Why have you created this custom "catchall" rule if you already have the default catch-all rule? Is this a stateful firewall or stateless? The screenshot is for the input policy?

Can you put here screenshots of your firewall policy?

Forget about it, if it is a fresh Linux install it not should be the origin of the problem. I think that the tcpdump command output will be useful for analyze the problem.

We usually use vm as firewalls over Proxmox hypervisors. I think that the problem is not here. Maybe you are receiving out-of-order packages ... In the log I see an ACK SYN packet that can come from a previous TCP flow already closed in the firewall, is it possible? Have you altered the TCP...

Hi, I would like to help you in the resolution of this problem, but for it I need more information and feedback. It is not normal this problem in a so simple stateful firewall like the one you have. May you answer the questions of my previous post? Maybe a tcpdump trace will help. Can you run...

Is the communication form your firewall with the MySQL server working? Have you compiled and installed the policy in the firewall? Can you attach the policy script?

Hi, This is not OUTBOUND traffic, it is INBOUND. Look at this part of your log: IN=ens18 OUT= If this where OUTBOUND traffic the OUT field will have the name of the OUTBOUND traffic interface. For some reason the original host is using the TCP port 3306 as source port.

Ok, you are welcome.

We will analyze the problems you comment. Nevertheless have in mind that the firewall policy apply and the import process is not a bidirectional process, you will not get exactly the same result when you import the policy firewall applied.

Ok, great, then your problem is already solved, isn't it?

Execute now this query: insert into fwc_tree values(0,'COUNTRIES',NULL,0,'COF',NULL,NULL,1); After this, logout and login again to your FWCloud console. Now you will be able to see again the content of the OBJECTS tree, but the COUNTRIES tree will be empty. For solve it, repair the OBJECTS tree...

This a problem that we have detected with the update procedure in some installations. We are preparing a new release of FWCloud-UI that will allow repair the tree, but it is not ready yet. I'm going to explain you how to solve it manually, this way you will not have to wait until the next...

Your are welcome! :-) If you need more help don't hesitate contact us again bye means of our forum.

As you can see in the supplied traffic sample, your Docker container is trying to access the DNS server with IP 192.168.1.1, which is located in your LAN. You have to allow this traffic in your FORWARD policy. This is your current FORWARD policy: You must add a new FORWARD rule before the...

You have to analyze where your DNS traffic is being sent and where is it stopped. For it you can use network traffic analysis tools like tcpdump. For example, you can use the next tcpdump command for see all the DNS traffic coming from your Docker container: tcpdump -n -i docker0 port 53 Can...

Ok, it's done. Thank you very much for the feedback.

We have already fixed this bug and it will be solved in the next FWCloud-API patch release that we will publish very soon. We would like to mention you in the CHANGELOG.md file as the bug reporter for both, this one and the other one that you reported related with the FWCloud-Installer script...

Thanks for the report. We will reproduce it in development environment, solve it and add the fix to the next FWCloud release. Nevertheless, it is always important that you take a careful review of the imported policy in order to make sure yourself that the policy has been imported right as, in...

Hi Jeremy, We have already fixed the bug and published the new version of FWCloud-Installer. If you need any help with FWCloud, please don't hesitate in contacting us again. Thank you very much for the report.