SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0004427: static routing has higher priority than direct connected zones - MantisBT Endian Bugtracker
Endian Issue Tracker





Please see now our new Bugtracker system: JIRA








View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0004427Endian FirewallNetwork related (VPN, uplinks)public2012-08-22 15:502012-10-23 12:43
Reporterluca-endian 
Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusnewResolutionopen 
PlatformOSOS Version
Product Version2.5 
Target VersionFixed in Version 
Summary0004427: static routing has higher priority than direct connected zones
DescriptionThis is the ip rule output on 2.5 up to date

10: from 192.168.50.131 lookup uplink-uplink2
10: from all to 78.4.59.x/29 lookup main
10: from all to 80.18.144.x/28 lookup main
10: from all to 192.168.50.0/24 lookup main
10: from all to 192.168.1.0/24 lookup main
10: from all to 192.168.60.0/24 lookup main
199: from all fwmark 0x18/0x7f8 lookup uplink-main
199: from all fwmark 0x20/0x7f8 lookup uplink-uplink2
199: from all fwmark 0x28/0x7f8 lookup uplink-uplink1

Behavior is that packets from 192.168.50.131 green ip to other zones are routed to uplink2 :(
Tagspurple
Attached Files

- Relationships

-  Notes
(0008245)
thomas-endian (developer)
2012-10-23 12:32

2.5 ARM, rule 3 and 4 cant never route to the DMZ Zone.

Rule: from all to 10.0.0.0/24 lookup main
must have the high priority.

root@firewall:~ # ip rule show
0: from all lookup local
10: from all fwmark 0x20/0x7f8 lookup gateway-192.168.18.2
10: from 172.30.1.11 lookup gateway-192.168.18.2
10: from 172.30.1.8 lookup gateway-192.168.18.2
10: from all fwmark 0x18/0x7f8 lookup gateway-84.245.143.66
10: from all to 193.158.87.245 lookup gateway-84.245.143.66
10: from all to 193.7.141.232 lookup gateway-84.245.143.66
10: from all to 84.245.143.64/26 lookup main
10: from all to 10.0.0.0/24 lookup main
10: from all to 192.168.18.0/24 lookup main
10: from all to 194.245.0.0/16 lookup uplink-main
10: from all to 172.30.0.0/16 lookup main
199: from all fwmark 0x8/0x7f8 lookup uplink-main
199: from all fwmark 0x10/0x7f8 lookup uplink-uplink1
(0008246)
thomas-endian (developer)
2012-10-23 12:43

I thought the problem is solved with packet efw-network-2.9.7-0.endian33.i586.rpm?

- Issue History
Date Modified Username Field Change
2012-08-22 15:50 luca-endian New Issue
2012-08-22 15:50 luca-endian Tag Attached: purple
2012-10-23 12:32 thomas-endian Note Added: 0008245
2012-10-23 12:43 thomas-endian Note Added: 0008246

Copyright © 2005-2008 Endian, SRL. All rights reserved.


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker