 AnavSarcastic Llama? Naw, Just AcerbicPremium
join:2001-07-16
Dartmouth, NS
kudos:3 | ?? Weird FW Rules Cropping UP ?? Having issues with my USG100, so after perusing my FW rules on the all to all list I see three I swear I have never seen before.
Wan to any(excluding zywall) any any deny
DMZ to any(excluding zywall) any any deny
WLAN to any(excluding zywall). any any deny
Well that didnt make sense to me as I certainly had not made those ones. In fact trying to edit them got a cli error 3 stating that is in an illegal pairing. I managed to get rid of the first one by deactivating and removing but then the router locked up on me.
Anyone else see a zone to zone rule that had any(excluding zywall) as the "to" zone....... How weird is that?
Once you get that error showing up, often one cannot reenter fw rules. Graphic provided.
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"
LlamaWorks Equipment |
|
AnavSarcastic Llama? Naw, Just AcerbicPremium
join:2001-07-16
Dartmouth, NS
kudos:3 | .... |
|
|
|
| reply to Anav
Sounds like a default drop all rule that are inserted at the end of a filter chain.
--
"Perl is executable line noise, Python is executable pseudo-code."
|
|
AnavSarcastic Llama? Naw, Just AcerbicPremium
join:2001-07-16
Dartmouth, NS
kudos:3 | Yes but I hadnt noticed them before so did they get included in the last firmware update or is my USG possessed.  |
|
| I do not know, since I only got a USG300 for office use here, we do not do support on USG, ZyXEL handles that through their local office here 
--
"Perl is executable line noise, Python is executable pseudo-code."
|
|
 HankSearching for a new FrontierPremium
join:2002-05-21
Burlington, WV
kudos:1
1 edit | reply to Anav
I do not get an error when trying to edit the rule. I will have to go back and review my data but I believe those rules have always been part of the default rules.
I checked the default rules from a 2010 jpg and they did not exist then. |
|
AnavSarcastic Llama? Naw, Just AcerbicPremium
join:2001-07-16
Dartmouth, NS
kudos:3 | Try and create such a rule LOL.
There is no WAN to ANy(excluding Zywall), heck hank for that matter try to setup a WAN to all(excluding zywall rule).
I have to unplug and plug the router back in , in order to be able to access FW rules again. Reboot within the firmware was not enough. |
|
| Its it possible to interact with the iptables from the shell? |
|
AnavSarcastic Llama? Naw, Just AcerbicPremium
join:2001-07-16
Dartmouth, NS
kudos:3 | Well I looked that I did. Console and CLI, and after looking at initial screens for both I thought to myself, who are you kidding you dont have the first clue on your next step LOL. |
|
| reply to Anav
A real dellama to be sure. Reading about ufw and Gufw and other iptables interfaces may provide clues. I'm sorry I can't offer any. I suspect though, that the hooks may have to be compiled in by the Linux distribution in anticipation that ufw will be used.
kirby |
|
