SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
|Anonymous | Login||2021-11-27 02:10 UTC|
|Main | My View | View Issues | Change Log | Roadmap|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0003779||Endian Firewall||Firewall (iptables)||public||2011-05-19 16:15||2011-09-06 09:06|
|Target Version||Fixed in Version|
|Summary||0003779: Firewall set scripts "iptables: Resource temporarily unavailable"|
|Description||The system have about 4200 VPN rules, if we make a setvpnfw.py the script need about 60 sec for the reload (Macro X1). If we change in this time other rules, e.g. DNAT, we get an |
iptables: Resource temporarily unavailable.
Result: The DNAT rules are not in the IPtables.
Same problem in rc.netwizard.reload / rc.firewall. The VPNfw impaired the IPTABLES_HOOK_DIR=/etc/firewall/hooks.
Result: Incorrect IPtables, e.g. setxtaccess
|Tags||No tags attached.|
maybe I am wrong but did you verify this even on other systems right?
Can you confirm this?
Thanks in advance!
I verified this on the system with Thomas and to resume the issue:
When to many VPN rules (3500 for example) are in there when the scripts are restarted (example after a network configuration wizard) the script (obviously) take way TO much to execute resulting in "iptables: Resource temporarily unavailable" , this caused because when another script try to use the netfilter interface which is already in use by the script.
In my opinion , yes this is confirmed , the only thing is that the number of the systems using 3000+ rules it's not high fortunately.
|2011-05-19 16:15||thomas-endian||New Issue|
|2011-07-08 10:44||lorenzo-endian||Note Added: 0006923|
|2011-07-08 10:44||lorenzo-endian||Assigned To||=> ardit-endian|
|2011-07-08 10:44||lorenzo-endian||Status||new => feedback|
|2011-07-12 09:37||ardit-endian||Note Added: 0006951|
|2011-09-06 09:06||lorenzo-endian||Assigned To||ardit-endian => peter-endian|
|2011-09-06 09:06||lorenzo-endian||Status||feedback => confirmed|
|Copyright © 2000 - 2012 MantisBT Group|