bitwiseworks / InJoy

Issue tracker for InJoy

InJoy FW 4.2.3 (and also 4.2.2) include rule issue #78

Open ecomstation opened 4 months ago

ecomstation commented 4 months ago

Hi all,

eCS 2.2b VBox VM, 6 (or 4) cores, 4 GB RAM, virtualaddresslimit 3072, mmlem NIC driver

If I add an include rule file, the firewall stops all TCP/IP communications; even ping on the public internet IP does not work anymore.

In firerule.cnf at the top (but also if added in other places) with this line:

include <firewall/spam.cnf>

The fire rule file is big, about 290 KB, but even with only one rule it shows the same behaviour, even with a very simple one, e.g.:

CHIUSURA_spammer_now_armenia_su
Comment = "chiude spammer peso now-armenia-su 19-4-2024",
Destination-Port = "25",
Source = "95.181.151.26",
Destination = "My_IP",
Rule-Action = Deny,
Direction = Incoming

What defies any technical explanation is that the same spam.cnf rule file is working perfectly on the other VM (InJoy FW 4.2.2, same OS, same NIC driver, same virtualaddresslimit, etc., but this VM only runs 1 core).

What I see on the remote console of the firewall is that every kind of communication goes into "packet dropped by firewall ACL" with the name of the rule (e.g. the one I copied here) in the Dropped Packets window.


SilvanScherrer commented 3 months ago

Are you sure both firewalls are set up equally? It sounds a bit strange that it works on one and doesn't work on the other. Can you please compare both configurations?

ecomstation commented 3 months ago

Yes, the multi-core VM (4 or 6 cores) is the one with the issue; on the one running on a single core, includes work correctly.

It's not a memory problem, since if I copy and paste all the rules of the include file into firerule.cnf everything works, but my firerule.cnf becomes unreadable (too much stuff) and it becomes difficult to update the antispam rules, since I use the same include file on both VMs.
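
The workaround described in this comment (inlining the include file by hand) can be scripted so that the readable spam.cnf stays the single source and the flat firerule.cnf is generated from it. The following is an added example by the editor, not code from the thread or from bitwiseworks: it expands `include <path>` lines and parses the rule block format quoted above. The sample files, the second rule, and the assumption that include paths are looked up by the caller are constructed for the demonstration.

```python
import re
from typing import Callable, Dict, List

# `include <path>` directive and `Key = value,` assignment, as quoted in the thread.
INCLUDE_RE = re.compile(r'^\s*include\s*<([^>]+)>\s*$')
ASSIGN_RE = re.compile(r'^\s*([A-Za-z-]+)\s*=\s*(.+?),?\s*$')


def expand_includes(text: str, read_file: Callable[[str], str], _stack=None) -> str:
    """Replace each include line with the file's contents, recursively.
    read_file(path) must return the included file's text (how paths are
    resolved is an assumption); an include cycle raises ValueError."""
    stack = _stack or []
    out: List[str] = []
    for line in text.splitlines():
        m = INCLUDE_RE.match(line)
        if not m:
            out.append(line)
            continue
        path = m.group(1)
        if path in stack:
            raise ValueError("include cycle: " + " -> ".join(stack + [path]))
        out.append(expand_includes(read_file(path), read_file, stack + [path]))
    return "\n".join(out)


def parse_rules(text: str) -> List[Dict[str, str]]:
    """Parse rule blocks: a bare name line followed by `Key = value,` lines,
    terminated by a blank line. Surrounding quotes on values are stripped."""
    rules: List[Dict[str, str]] = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            current = None
        elif (m := ASSIGN_RE.match(line)) and current is not None:
            current[m.group(1)] = m.group(2).strip().strip('"')
        elif "=" not in line and not INCLUDE_RE.match(line):
            current = {"Name": line}
            rules.append(current)
    return rules


# Constructed stand-ins for firerule.cnf and firewall/spam.cnf (the rule is the one from the thread).
SAMPLE_FILES = {"firewall/spam.cnf": (
    "CHIUSURA_spammer_now_armenia_su\n"
    'Comment = "chiude spammer peso now-armenia-su 19-4-2024",\n'
    'Destination-Port = "25",\nSource = "95.181.151.26",\nDestination = "My_IP",\n'
    "Rule-Action = Deny,\nDirection = Incoming\n")}
MAIN_CNF = "include <firewall/spam.cnf>\n\nAllow_all_out\nRule-Action = Allow,\nDirection = Outgoing\n"


def expand_sample() -> str:
    return expand_includes(MAIN_CNF, SAMPLE_FILES.__getitem__)
```

Diffing the generated flat file against the one that works after manual copy-and-paste is a quick way to confirm the include mechanism, not the rule text, is what differs between the two VMs.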

ecomstation commented 1 month ago

3 months have passed without a solution or a fix. I have 2 other FWs here to update from 4.2.2(b) to 4.2.3; of course I will wait to upgrade until there is a solution to the include rule file issue.

regards

massimo

SilvanScherrer commented 1 month ago

Try to see if it still happens when you have the same setup on both, meaning just use one CPU in the VM. This is meant as a test only.

ecomstation commented 3 weeks ago

I will try, but this is a production server.

Anyway, don't you have a tool or a debug log to activate and see what happens in detail? InJoy FW doesn't write anything; it just stops answering all TCP/IP communications and displays SYN_SENT or "packet dropped by ACL" in the console windows.

I don't have a debug log to understand what happens in detail, I repeat.