Mantis - ISSUES

0003089: SMTP, POP3 proxy and IDS counters not updated correctly

When leaving the GUI open in a browser the counters are not reset properly after 24 hours and numbers keep adding up.

Only a full refresh of the page shows the correct numbers again.

0003088: mail routing changes are not applied

Seems that the button "save changes and restart" doesn't trig the smtp proxy restart so the changes are not really applied.

0002852: Dell R210 server with Broadcom's BCM5716 network chipset not detecting

When trying to install, it appears that the interfaces on a Dell R210 are not detecting. I did some research and found this:

http://blog.akkaya.de/jpabel/2010/01/22/NetXtreme-II-BCM5716-on-Ubuntu-8-04 [^]

Could someone create a fix for this?

0003087: squid hard disk cache can't be zero

The user can set Cache size on harddisk (MB) * to 0 resulting in a FATAL: storeAufsDirParse error causing the termination of Squid cache.

From restartproxy.py:

init_cache_dir /var/spool/squid... /etc/init.d/squid: line 55: 512 Aborted $SQUID -z -F -D >>/var/log/squid/squid.out 2>&1
Starting squid: /etc/init.d/squid: line 54: 514 Aborted $SQUID $SQUID_OPTS >>/var/log/squid/squid.out 2>& [FAILED]

Log from: /var/log/squid/squid.out

FATAL: storeAufsDirParse: invalid size value
Squid Cache (Version 2.6.STABLE22): Terminated abnormally.

0003083: ncsa proxy password change doesn't work

The page is completely spoiled and doesn't work, you always get "Username does not exist"

See the screen shot.

0003082: Services, QoS, Rules, always shows high priority even if you select meduim or low.

after applying rules on QoS, like high priority for an ip, after applying if you go back to check it shows high priority, but medium or what ever you have selected will be applied.

0002943: After upgrade 2.3 to 2.4 , network statistics are not displayed

After a upgrade of 2.3 to a 2.4 , with efw-upgrade (community version) the old statistics on network traffic graphs aren't displayed. The new graphs (new statistics) are also not appear.

thx
KR

0003081: Endian Firewall sends icmp redirects

The following configuration causes the Endian to send icmp-redirects:
1. traffic enters the Endian Firewall from networ A
2. the Endians default gateway G is located in network A
3. the traffic is destined to network B behind gateway W

This is bad because
1. if icmp redirects are accepted, the Endian Firewall is bypassed for the affected traffic.
a) Meaning that the affected traffic is longer being inspected.
b) Meaning that in case the Endian is used for IP-masquerading (NAT), the affected traffic is no longer being NATed, interrupting connectivity.
2. icmp redirects are not always honored by the client meaning traffic patterns become somewhat unpredictable.

0002709: sometimes if uplink reconnects connections remain in connection tracking table with old information causing the service to stop

We have an 3CX VoIP PBX that registers VoIP-Provider using standard SIP. This works correctly. When the RED-interface get a new IP from dsl-provider after reconnect, the voip-provider can not be registered by the pbx.

A wireshark capture on the server shows that the packets by the pbx are correctly, but on the endian we can not see any incoming answer.

We tried different setups, one xen-based environment, one virtualbox environment and also a pysical environment.

This problem only occurs with the endian. Other Firewalls and Router does not have this problem.

Please help and thanks for effort.

0003077: Sometimes the browser return a loop error

See the screenshot.

It happened at least 3 times with different test system firefox and chrome.

With some sort of restart it disappeared but...

0003076: Login page is not available

Customer claims that the hotspot login page is not available.. :(

The error is attached.

(this is the Studentato/Dormitorio customer Macro X1 with about 200 hotspot users)

0003075: Could not install endian 2.4 on HP DL360 G5

Hello

I try to install endian 2.4 on HP DL360G5

I did

mknod -m 660 /dev/cciss/c0d01 b 104 1
mknod -m 660 /dev/cciss/c0d02 b 104 2
mknod -m 660 /dev/cciss/c0d03 b 104 3
mknod -m 660 /dev/cciss/c0d04 b 104 4
mknod -m 660 /dev/cciss/c0d05 b 104 5

installation done successfully
but when server start it has panic!!!

is there any solution?

0002667: IDS is not starting if after disable an enable it again

First time we start IPS/Snort it would be started and shows correct at the dashboard with status ON.

Now we disable Snort and it would be stop and shows a correct status OFF at dashboard.

Now we enable Snort once again. We doesn´t see if it starts or not. Also the status at dashboard still shows OFF. Pressing save and restart button doesn´t change anything.

Also after reenabling Snort the "Automatically fetch SNORT rules" is disabled.

If we enable "Automatically fetch SNORT rules" and do a "save and restart" the gui shows a message that snort would be starting.

Now the status at dashboard is ON.

So i think there would be something wrong within the scripts for starting snort.

0003065: Unable to activate SSH Access from GUI

On a fresh installation i was not able to activate SSH access from the gui

0001716: Auto blocking IP based on SNORT logs

An optional module which
1/monitors the SNORT log,
and can take action when it detects certain violations (like a portscan, or a very critical alert/attack is happening)
by automatically blocking (thus adapting the firewall rules) the abusive IP address or even complete CDIR block

2/Add to that the ability (an extra option) to easily enter a list of CIDR to be blocked proactively (in an easier way then creating firewall rules for every few CDIR blocks)

the 2nd option comes from the need by a lot of people to be able to quickly block e.g. the China, Korean, Nigerian CDIR blocks from a source like this (http://www.okean.com/sinokoreacidr.txt) [^]

it would be great added feature making EFW an even stronger firewall

I would appreciate the feedback on how this feature request will be received/considered

thanks

0003061: Proxy not block all category selected

hello
Dansguardian does not block the categories selected in the gui
content filtering does not appear in the updated version 2.4
Is there a procedure to update the blacklists dansguardian?
thanks

The category blocked ara sex , ads. Stop

Thanks

0002998: Static Routes doesn´t work

I configured a static route at the gui but it doesn´t work.

Also a route print doesn´t show the entry

If i do a manual route add it works perfect.

route add -net 10.48.248.0/24 gw 10.48.16.9

Also i doesn´t understand why the same entry automatically at policy routing is created that i configured at static routes in the gui.

0003060: AD authentication doesn't work

Using same parameters (working) used in 2.2 and 2.3 release for AD auth, the proxy simply doesn't work! The browser doesn't ask me login form and displays ACCESS DENIED message for the requested URL, saying also:"Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect. "

0003059: spam admin wrong syntax

Jul 12 00:06:19 efw-xx-xx amavis[26286]: (26286-06) (!)SEND via SMTP: postmaster@efw-xx-xx.localdomain -> <luca@xx.com>,ENVID=AM..201007
11T220619Z@efw-xx-xx.localdomain 501 5.1.7 Failed, id=26286-06, from MTA([127.0.0.1]:10025): 501 5.1.7 Bad sender address syntax
Jul 12 00:06:19 efw-xx-xx amavis[26286]: (26286-06) (!)FAILED to notify admin: 501 5.1.7 Failed, id=26286-06, from MTA([127.0.0.1]:10025): 501 5.1.7 B
ad sender address syntax

0003057: Port forwarding / Destination NAT rules do not get applied

When trying to add a new Port forwarding / Destination NAT rule, the green apply bubble appears with the following message:

Port forwarding / Destination NAT rules have been changed and need to be applied in order to make the changes active

After pressing the button, the orange bubble, with the "rules have been applied" appears with the green one below and the rules do not take effect. You must restart the EFW so the rules get applied, and the green bubble does not appear until you add another rule.

0002953: Kernel Panic during installation in a VM

I tryed to install Endian in some VM's

Virutal Box 3.2.0
"Kernel panic - not syncing : Fatal exception in interrupt"

and on

VirtualPC 6.0.156.0
"Kernel panic - not syncing : Attempted to kill the idle task"

0003017: Disk usage section in the Status Information GUI needs some work

Lay-out of disk usage needs to be improved.
Columns are not straight under each other.
Also some elements have a bar graph and others do not.

The numbers for size and free+used do not add up. Free+used is always less than size.

0003041: Can't connect to firewall using IPSEC Road Warrior

When I try to connect to the firewall from windows 7 64 bit, the system log throws out this message "System - 2010-07-02 16:06:30 - pluto (30209) | no connection found" 3 times, and I get error 809 (Could not connect) on the windows VPN client

The firewall shows the IPSEC service as running, and I've rebooted several times. I can port forward and connect to other services in the network through the firewall.

I've tried both a PSK and a Certificate based connection, both have the same error.

I really would like to get this working, any help is appreciated.

0002641: SMTP Proxy not responding from external

i setup a smtp proxy configuration with red active. but a telnet to port 25 to red doesn´t work. absolutly no resonse. i checked again and again.

only solution to get the smtp proxy to accept mails from outside is to add a system access rule from any to red on port 25.

now all works fine.

could it be the the system rules are buggy.
show attached image

0003053: Problems when editing or adding hosts

After upgrading from 2.2 and 2.3 to 2.4, we detected that when you tried to edit or add a host in Network -> Edit Hosts, the system lets you input the information for the host, or edit the information, but after you press "update", the hosts table looses the IP information of all hosts. Example:

1. Original Table

IP Hostname Domain
192.168.0.1 example domain.com

After pressing "update"

2. Table looses information

IP Hostname Domain
example domain.com

We have already tried in two different installs, one upgraded from 2.2 to 2.4 and the second one from 2.3 to 2.4