ClearFoundation Tracker - ClearOS | |||||
| View Issue Details | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0000679 | ClearOS | app-firewall - Firewall | public | 2012-07-11 11:00 | 2012-08-02 19:03 |
| Reporter | dsokoloski | ||||
| Assigned To | dsokoloski | ||||
| Priority | high | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Platform | OS | OS Version | |||
| Product Version | 6.2.x | ||||
| Target Version | 6.3.0 | Fixed in Version | 6.3.0 | ||
| Summary | 0000679: MultiWAN Default Routing Required | ||||
| Description | It appears in ClearOS 6.x that default routing rules should be created regardless if syswatch has marked the external interface as off-line. Failure to do so results in an eventual total loss of connectivity if each external interface inevitably fails it's ping tests. | ||||
| Steps To Reproduce | For a dual-WAN set-up: - Edit /etc/syswatch, add two custom ping servers that you can control and restart syswatch. - On the ping servers, add a blocking firewall rule that blocks pings from one of the external interfaces addresses, causing syswatch to mark that interface off-line. The firewall will be restarted by syswatch and all MultiWAN routing will be removed. - Remove the blocking firewall rule so the host can now ping the servers. - It would be expected that syswatch can now contact both ping servers and the MultiWAN environment would be restored. However this will never happen. ICMP pings/replies will be seen on the off-line interface, but for some reason (which is not due to any local firewall rules), the kernel discards them and user-land never sees them. - If you block the second IP address on the ping servers, the same events occur and now the system is totally off-line and will never recover. | ||||
| Additional Information | Experimental fix in SVN r4442. | ||||
| Tags | No tags attached. | ||||
| Relationships | |||||
| Attached Files | |||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2012-07-11 11:00 | dsokoloski | New Issue | |||
| 2012-07-11 11:00 | dsokoloski | Status | new => assigned | ||
| 2012-07-11 11:00 | dsokoloski | Assigned To | => dsokoloski | ||
| 2012-07-11 11:02 | dsokoloski | Status | assigned => confirmed | ||
| 2012-07-11 11:02 | dsokoloski | Additional Information Updated | bug_revision_view_page.php?rev_id=10#r10 | ||
| 2012-07-19 13:41 | user2 | Status | confirmed => resolved | ||
| 2012-07-19 13:41 | user2 | Fixed in Version | => 6.3.0 Updates | ||
| 2012-07-19 13:41 | user2 | Resolution | open => fixed | ||
| 2012-08-01 04:55 | user2 | Target Version | 6.3.0 Updates => 6.3.0 | ||
| 2012-08-01 04:56 | user2 | Fixed in Version | 6.3.0 Updates => 6.3.0 | ||
| 2012-08-02 19:03 | user2 | Status | resolved => closed | ||
| There are no notes attached to this issue. |