-
Nick Howitt wrote:
There does not appear to be anything in the script that would cause looping when creating the firewall rules. It could be that the files /etc/netify-fwa.conf or /usr/clearos/apps/netify_fwa/deploy/netify-fwa.sed have duplicate data in them. Can you post them both?
The firewall panic seems to be caused by MultiWAN, perhaps where you have MultiWAN loaded but only a single WAN IP address showing, or something like that. It would take me a while to understand what is going on. It would be better for the devs to look at it.
Sorry for the delay, Nick.
; Posted copy of a Netify FWA configuration, presumably the /etc/netify-fwa.conf
; requested earlier in the thread.
; NOTE(review): the ';' lines are reader annotations; confirm the netify-fwa
; parser accepts ';' comment lines before copying them into a live file.
[nfa]
; Neither rule class is disabled in this copy.
disable_protocol_rules = false
disable_service_rules = false
; PID and reload-lock files live under /run/netify-fwa.
; NOTE(review): confirm that directory is writable only by the account the
; daemon runs as, so other local users cannot tamper with the PID or lock file.
file_pid = /run/netify-fwa/netify-fwa.pid
file_reload_lock = /run/netify-fwa/netify-fwa.reload
; State file kept under /var/lib/netify-fwa.
file_state = /var/lib/netify-fwa/state.dat
; Presumably a rule lifetime in seconds; the unit is not shown here, confirm.
rule_ttl = 600
; Presumably the base value for firewall packet marks set by this app.
; NOTE(review): given the MultiWAN panic discussed above, verify this range
; does not overlap marks used by MultiWAN or other firewall apps.
rule_mark_base = 0x900000
syslog_facility = local0
[netify]
; Filesystem path to a socket, presumably the netifyd agent's; access to it is
; governed by the socket file's ownership and mode.
node = /var/lib/netifyd/netifyd.sock
; Meaning of 0 is not shown on this page; confirm against the app's docs.
service = 0
; Both whitelist sections are empty as posted: no exemption entries are defined.
[service_whitelist]
[protocol_whitelist]
; No rule[N] entries follow this header in the posted copy, so no duplicated
; rule lines are visible in this file as shown.
[service_rules]
# Netify FWA rule parser for firewall scriptlet
# Presumably the /usr/clearos/apps/netify_fwa/deploy/netify-fwa.sed file
# requested earlier in the thread.
# Each expression below edits the current line in place; there are no branch
# or append commands, so this script cannot by itself loop or emit a rule twice.
# Order matters: the enabled flag is stripped before commas become spaces.
# Remove rule prefix
# Matches "rule[<digits>] = " at the start of a line; [0-9]* also accepts an
# empty index ("rule[]").
s/^rule\[[0-9]*\][[:space:]]*=[[:space:]]*//g
# Remove rule enabled flag from end of rule
# Only a trailing ",1" or ",true" is removed (the g flag adds nothing to a
# $-anchored pattern).
# NOTE(review): a rule ending in any other flag value (e.g. ",0" or ",false")
# keeps it, and it becomes a trailing word after the comma substitution below;
# confirm the firewall scriptlet skips such rules rather than applying them.
s/,1$//g
s/,true$//g
# Substitute commas with spaces
# Every remaining comma becomes a space, so each rule field reaches the
# scriptlet as a separate word.
# NOTE(review): field contents are passed through unvalidated by this script;
# presumably the config file is writable only by root. Confirm its permissions.
s/,/ /g
-