Luka1
join:2001-10-30
Index, WA
| [Kerio 2.x] Edit conf file, outside kerio ?
Is there any way to edit a .conf file, without opening it in the firewall ?
I created two rules that contain too many ports. The firewall just hangs when trying to load up. It just keeps showing the error messages for those two rules having too many ports listed, over and over and over again.
I successfully loaded an old conf file by renaming files while the firewall was not running.
But that particular conf file had gotten quite extensive and was a good personal fit. I'd like to have it back.
Only way I can see, is if I can edit that conf file somehow and remove those two rules. Then load it back up into the running firewall.
Any ideas ?
I guess I should add here that I need a free solution. Not some costly app. Thank you. |
|
gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
| Here's the catch... Kerio 2.x was a superb piece of work, and knows how to defend itself... meaning that, if you change the disk copy of the rules with the firewall running, it'll check the file, at shutdown, notice it doesn't match the copy in memory, assume it's been tampered with, and overwrite it with the... same ruleset you started with. What you have to do is stop the firewall service manually, copy in the edited ruleset, then restart the firewall service or reboot... that's been discussed, before. Also, note, the rulestes are encrypted... I used to know how to decrypt and re-encrypt them, but I've pretty much encrpted that part of my brain, using the "passage of time" algorithm  --- somebody may be able to help, though. Meanwhile, best practice, I've found, is to always keep a recent backup copy on the disk. That way, you can always import and resave the backup as your default ruleset, with minimal loss... wish you luck, hope you can work something out...
--
Semper Eadem
--
Ils ont change ma chanson ma
Ils ont change ma chanson
C'est la seule chose que je peuz faire
Et ce n'est pas bon ma
Ils ont change ma chanson.
... |
|
Luka1
join:2001-10-30
Index, WA
| Thank you for the reply.
Yes, I already figured all that, out.
I could not start the firewall back up because of those two bad rules. It would get to the point where it was loading up the ruleset, then went into a forever loop, repeating the error messages for those rules, first one, then the other then back to the first, then back to the second... Etc...
The way I got my firewall back was to use msconfig to cause the firewall not to try to start on startup. Rebooted the computer.
Then with the firewall not running. I deleted the current conf file. Renamed my most recent backup to the same name as the file I just deleted...
Then started it manually. It started just fine. But man, I had a lot of work trying to catch up on the changes I'd made since that backup.
I have not gotten anywhere near being caught up.
I'd like to know how to unencrypt the file that is causing problems, edit it to remove those two rules, then re-encrypt it so I can use it again. |
|
gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA | reply to Luka1
I'll see if I can locate the instructions for decryption... if so, I'll post them for you... |
|
Luka1
join:2001-10-30
Index, WA | Thank you.
 |
|
noway1
join:2004-11-29
| reply to Luka1
Start the registry editor (start)(run) enter "regedit"
Find the following key:
HKEY_LOCAL_MACHINE\Software\Kerio\Personal Firewall
Click on [edit][new]
Choose "DWORD Value"
Enter "EncrDisabled" as the name of the new key
Click on [edit][modify] and enter "1"(hex) as the value
Reboot |
|
ezdsl
join:2002-03-13
Austin, TX | The only problem with this registry change is that KPF will try to load, now assume a non-encrypted conf file, but user has encrypted conf files, right? |
|
gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
| reply to Luka1
No, that's it... Kerio will decrypt the file, when it restarts, but it will also warn you that your file's not encrypted, at every start up, until you remove the key or change it to "0", then it will re-encrypt at next startup... it's not advisable, really, to run it that way as a long term thing... when you change the key back, it will re-encrypt the file. I'm not vouching for the precise methodology, I still haven't found my old notes on that specific issue, but it strikes me as the right approach.
--
Semper Eadem
--
Ils ont change ma chanson ma
Ils ont change ma chanson
C'est la seule chose que je peuz faire
Et ce n'est pas bon ma
Ils ont change ma chanson.
... |
|
ezdsl
join:2002-03-13
Austin, TX
| You're right...
I would have thought that, upon restart with the registry key set to disable encryption, and an encrypted conf file, KPF would have failed.
But, after a quick test, I see KPF handles this without a problem ... upon restart, KPF will load the encrypted conf file and save as text.
I am curious if the OP will be able to load the problematic conf file using this approach. |
|
Bill_MI
Bill In Michigan
Premium,MVM
join:2001-01-03
Royal Oak, MI
1 edit | reply to noway1
Applies to Tiny 2 too? Nope...
I was hoping it would also work in Tiny 2 (on my Win2K utility box) but substituting the key:
HKEY_LOCAL_MACHINE\SOFTWARE\TinySoftware\Tiny Personal Firewall
...didn't work.  |
|
gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
| reply to ezdsl
Re: [Kerio 2.x] Edit conf file, outside kerio ?
Yes, that crossed my mind. It might be interesting to see if the firewall can be stopped, in its loop, and have decrypted the offending file at startup. Wish you luck, keep us posted...
Old Tiny, then Kerio, was pretty elegant, lightweight code, in the glory-days, by the way... one of the things I always loved about it was that you could fit it on any disk, and it worked flawlessly on machines with pathetic processor/RAM/OS combinations (I mean, think P-1 machines with 32 megs running Win95), without hogging up the system. But it didn't sacrifice functionality or stability to achieve that.
I don't remember whether we ever opened up an old Tiny conf, or not, hence I don't know how it would be accomplished, or have forgotten so long ago it's a hopeless cause... I'll have to defer that to someone else, if it can be done.
--
Semper Eadem
--
Careful the tale you tell.
That is the spell.
Children will listen.. |
|
