Author Topic: 14.04 Firewall / Port forwarding  (Read 4003 times)

brononius

  • Guru
  • ****
  • Posts: 454
  • Trying to keep it simple and centralized...
    • View Profile
    • OnIrIa - linuxMCE blog
14.04 Firewall / Port forwarding
« on: June 04, 2015, 03:04:10 pm »
Is it possible that there's an issue with the port forwarding in the firewall part?
When I add a rule to forward port 10100 towards 192.168.111.100:80 , it's not being added.

It doesn't show up in my iptables either...


Code: [Select]
dcerouter_1044981:~# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  192.168.111.0/24    !192.168.111.0/24 
Version: linuxMCE 1404, running virtual on ESXi

Orbiters: ASUS eeePAD, Nexus 5, Huwai, web
Automation: EIB technology, KNX IP ROUTER 750
Phones: Cisco 7912-7940-7960
Camera's: Foscam POE

phenigma

  • LinuxMCE God
  • ****
  • Posts: 1749
    • View Profile
Re: 14.04 Firewall / Port forwarding
« Reply #1 on: June 05, 2015, 12:11:28 am »
Anything is possible, none of the firewall aspects have been tested in 1404 by anyone that I know of.  Alblasco is the man to speak with about any firewall issues.

J.

danr677

  • Newbie
  • *
  • Posts: 8
    • View Profile
Re: 14.04 Firewall / Port forwarding
« Reply #2 on: June 05, 2015, 03:24:49 am »
I think it could be a general problem, I can't add input rules (e.g. ssh ) in the firewall with the latest 2 iso images for 12.04.

phenigma

  • LinuxMCE God
  • ****
  • Posts: 1749
    • View Profile
Re: 14.04 Firewall / Port forwarding
« Reply #3 on: June 05, 2015, 09:30:09 am »
Shitty.  Can you make a ticket for Alblasco and reference this thread so he has some background to work with?

J.

ps.  Thanks for testing and reporting!

brononius

  • Guru
  • ****
  • Posts: 454
  • Trying to keep it simple and centralized...
    • View Profile
    • OnIrIa - linuxMCE blog
Re: 14.04 Firewall / Port forwarding
« Reply #4 on: June 05, 2015, 09:55:32 am »
Version: linuxMCE 1404, running virtual on ESXi

Orbiters: ASUS eeePAD, Nexus 5, Huwai, web
Automation: EIB technology, KNX IP ROUTER 750
Phones: Cisco 7912-7940-7960
Camera's: Foscam POE

Alblasco1702

  • Regular Poster
  • **
  • Posts: 45
    • View Profile
Re: 14.04 Firewall / Port forwarding
« Reply #5 on: July 24, 2015, 12:58:12 pm »
Bronius,

 i prepared a fix can you test it on 14.04 please?

Cheers -FR-

darkwizard864

  • Veteran
  • ***
  • Posts: 127
    • View Profile
Re: 14.04 Firewall / Port forwarding
« Reply #6 on: July 24, 2015, 08:29:20 pm »
still the same thing in 12.04
iptables -vnL
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
1824K 7695M BLOCKLIST  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x3F/0x29
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x3F/0x3F
    1  1500 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x3F/0x00
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x06
    1    40 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x03/0x03
    1    40 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x11/0x01
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x3F/0x37
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x1
  14M   20G ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0            /* Allow_Loopback */
1939M  805G ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED /* Allow_Established */
 412K   51M ACCEPT     udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0            /* Allow_DHCP */
 107K   27M ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0
 322K   43M ACCEPT     udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0
 104K 5314K ACCEPT     all  --  eth1   *       192.168.80.0/24      0.0.0.0/0            /* Allow_Local_Network */
    0     0 REJECT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    0     0 REJECT     udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 REJECT     udp  --  eth0   *       0.0.0.0/0            0.0.0.0              reject-with icmp-port-unreachable
    0     0 REJECT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0              reject-with icmp-port-unreachable

Chain FORWARD (policy DROP 0 packets, 0 bytes)

brononius

  • Guru
  • ****
  • Posts: 454
  • Trying to keep it simple and centralized...
    • View Profile
    • OnIrIa - linuxMCE blog
Re: 14.04 Firewall / Port forwarding
« Reply #7 on: August 10, 2015, 09:17:11 am »
i prepared a fix can you test it on 14.04 please?

Sorry for the late response, I was on holiday...

How can I test it for you?
Version: linuxMCE 1404, running virtual on ESXi

Orbiters: ASUS eeePAD, Nexus 5, Huwai, web
Automation: EIB technology, KNX IP ROUTER 750
Phones: Cisco 7912-7940-7960
Camera's: Foscam POE

huh

  • Guru
  • ****
  • Posts: 245
    • View Profile
Re: 14.04 Firewall / Port forwarding
« Reply #8 on: August 10, 2015, 04:54:09 pm »
I think Alblasco1702 got this fixed a little earlier today- advanced firewall shows correctly now on my 12.04 install and there's a pending fix available on the next update that should do the rest.  Maybe wait a few days, grab the update and watch the magic?!?

Alblasco1702

  • Regular Poster
  • **
  • Posts: 45
    • View Profile
Re: 14.04 Firewall / Port forwarding
« Reply #9 on: August 17, 2015, 04:12:27 pm »
bronius you can test it now when you update and upgrade.
the fixes should be in by now.

Cheers

-FR-