SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
| Anonymous | Login | 2022-07-01 13:54 UTC |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||
| 0004427 | Endian Firewall | Network related (VPN, uplinks) | public | 2012-08-22 15:50 | 2012-10-23 12:43 | ||||||
| Reporter | luca-endian | ||||||||||
| Assigned To | |||||||||||
| Priority | normal | Severity | minor | Reproducibility | have not tried | ||||||
| Status | new | Resolution | open | ||||||||
| Platform | OS | OS Version | |||||||||
| Product Version | 2.5 | ||||||||||
| Target Version | Fixed in Version | ||||||||||
| Summary | 0004427: static routing has higher priority than direct connected zones | ||||||||||
| Description | This is the ip rule output on 2.5 up to date 10: from 192.168.50.131 lookup uplink-uplink2 10: from all to 78.4.59.x/29 lookup main 10: from all to 80.18.144.x/28 lookup main 10: from all to 192.168.50.0/24 lookup main 10: from all to 192.168.1.0/24 lookup main 10: from all to 192.168.60.0/24 lookup main 199: from all fwmark 0x18/0x7f8 lookup uplink-main 199: from all fwmark 0x20/0x7f8 lookup uplink-uplink2 199: from all fwmark 0x28/0x7f8 lookup uplink-uplink1 Behavior is that packets from 192.168.50.131 green ip to other zones are routed to uplink2 :( | ||||||||||
| Tags | purple | ||||||||||
| Attached Files | |||||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0008245) thomas-endian (developer) 2012-10-23 12:32 |
2.5 ARM, rule 3 and 4 cant never route to the DMZ Zone. Rule: from all to 10.0.0.0/24 lookup main must have the high priority. root@firewall:~ # ip rule show 0: from all lookup local 10: from all fwmark 0x20/0x7f8 lookup gateway-192.168.18.2 10: from 172.30.1.11 lookup gateway-192.168.18.2 10: from 172.30.1.8 lookup gateway-192.168.18.2 10: from all fwmark 0x18/0x7f8 lookup gateway-84.245.143.66 10: from all to 193.158.87.245 lookup gateway-84.245.143.66 10: from all to 193.7.141.232 lookup gateway-84.245.143.66 10: from all to 84.245.143.64/26 lookup main 10: from all to 10.0.0.0/24 lookup main 10: from all to 192.168.18.0/24 lookup main 10: from all to 194.245.0.0/16 lookup uplink-main 10: from all to 172.30.0.0/16 lookup main 199: from all fwmark 0x8/0x7f8 lookup uplink-main 199: from all fwmark 0x10/0x7f8 lookup uplink-uplink1 |
|
(0008246) thomas-endian (developer) 2012-10-23 12:43 |
I thought the problem is solved with packet efw-network-2.9.7-0.endian33.i586.rpm? |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2012-08-22 15:50 | luca-endian | New Issue | |
| 2012-08-22 15:50 | luca-endian | Tag Attached: purple | |
| 2012-10-23 12:32 | thomas-endian | Note Added: 0008245 | |
| 2012-10-23 12:43 | thomas-endian | Note Added: 0008246 | |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |