1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

About Me

Basic Information

Whereabouts

Country
Canada

Web Links

Connections

1 connection
  • Aaron Bylund
augustynr
augustynr
  • Karma
  • Member since
  • Thursday, 28 January 2010 01:40
  • Last online
  • 7 days ago
  • Profile views
  • 4753 views
1 week ago
augustynr replied to the topic Re:Running firewall panic mode... in the forums.
Hi Tim,
We have progress.
the process finishes but I have no access to the internet after it runs.
Any idea how to resolve it?
this is the output of the running firewall-restart -d

firewall: Starting firewall...
firewall: Loading environment
firewall: FW_MODE=gateway
firewall: WANIF=eth1
firewall: LANIF=eth0
firewall: LANIF=eth2
firewall: LANIF=eth3
firewall: SYSWATCH_WANIF=eth1
firewall: WIFIF=
firewall: BANDWIDTH_QOS=off
firewall: QOS_ENGINE=/usr/clearos/apps/qos/deploy/libqos.lua
firewall: SQUID_USER_AUTHENTICATION=off
firewall: SQUID_TRANSPARENT=on
firewall: IPSEC_SERVER=off
firewall: PPTP_SERVER=off
firewall: ONE_TO_ONE_NAT_MODE=type2
firewall: RULES=FTP||0x00000008|6|10.0.0.124|20|20
firewall: RULES=FTP||0x00000008|6|10.0.0.124|21|21
firewall: RULES=||0x10000008|6|10.0.0.108|143|143

firewall: RULES=||0x10000080|0|11.11.111.99||eth1_10.0.2.5
firewall: RULES=OpenVPN||0x10000001|17||1194|

firewall: RULES=||0x10000008|17|10.0.1.120||5060:5061
firewall: RULES=||0x10000008|6|10.0.0.124|22|22
firewall: RULES=||0x10000008|6|10.0.0.108|25|25

firewall: RULES=||0x10000008|6|10.0.0.125|3306|3306


firewall: RULES=||0x10000008|17|10.0.1.120||10000:20000
firewall: RULES=ssh_server||0x10000001|6||22|
firewall: RULES=webconfig||0x10000001|6||81|
firewall: RULES=||0x10000008|6|10.0.0.108|80|80
firewall: RULES=||0x10000008|6|10.0.0.108|443|443
firewall: FW_DROP=DROP
firewall: FW_ACCEPT=ACCEPT
firewall: IPBIN=/sbin/ip
firewall: TCBIN=/sbin/tc
firewall: MODPROBE=/sbin/modprobe
firewall: RMMOD=/sbin/rmmod
firewall: SYSCTL=/sbin/sysctl
firewall: IFCONFIG=/sbin/ifconfig
firewall: PPTP_PASSTHROUGH_FORCE=no
firewall: EGRESS_FILTERING=off
firewall: PROTOCOL_FILTERING=off
firewall: Detected WAN role for interface: eth1
firewall: Detected LAN role for interface: eth0
firewall: Detected LAN role for interface: eth2
firewall: Detected LAN role for interface: eth3
firewall: Setting kernel parameters
firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh1=1024 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh2=4096 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.neigh.default.gc_thresh3=8192 >/dev/null = 0
firewall: /sbin/sysctl -w net.netfilter.nf_conntrack_max=524288 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.ip_forward=1 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.tcp_syncookies=1 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.all.log_martians=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.all.send_redirects=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.default.accept_redirects=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.default.send_redirects=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.conf.all.accept_source_route=0 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=1 >/dev/null = 0
firewall: /sbin/sysctl -w net.ipv4.icmp_ignore_bogus_error_responses=1 >/dev/null = 0
firewall: Detected WAN info - eth1 11.11.111.98 on network 11.11.111.96/29
firewall: Detected LAN info - eth0 10.0.0.254 on network 10.0.0.0/24
firewall: Detected LAN info - eth2 10.0.1.1 on network 10.0.1.0/24
firewall: Detected LAN info - eth3 10.0.2.1 on network 10.0.2.0/24
firewall: Using gateway mode
firewall: Loading kernel modules
firewall: /sbin/modprobe ipt_LOG >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ipt_REJECT >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_conntrack_ftp >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_conntrack_irc >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ppp_generic >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ppp_mppe >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_conntrack_proto_gre >/dev/null 2>&1 = 256
firewall: /sbin/modprobe ip_conntrack_pptp >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ipt_IMQ >/dev/null 2>&1 = 0
firewall: Loading kernel modules for NAT
firewall: /sbin/modprobe ipt_MASQUERADE >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_ftp >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_irc >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_proto_gre >/dev/null 2>&1 = 256
firewall: /sbin/modprobe ip_nat_pptp >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_h323 >/dev/null 2>&1 = 0
firewall: /sbin/modprobe ip_nat_tftp >/dev/null 2>&1 = 0
firewall: Setting default policy to DROP
firewall: Defining custom chains
firewall: iptables -t filter -A drop-lan -j DROP
firewall: Running blocked external rules
firewall: Running custom rules
firewall: Running common rules
firewall: iptables -t filter -A INPUT -m state --state INVALID -j DROP
firewall: iptables -t filter -A INPUT -p tcp --tcp-flags SYN,ACK SYN,ACK -m state --state NEW -j REJECT --reject- with tcp-reset
firewall: iptables -t filter -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
firewall: iptables -t filter -A INPUT -i eth1 -s 127.0.0.0/8 -j DROP
firewall: iptables -t filter -A INPUT -i eth1 -s 169.254.0.0/16 -j DROP
firewall: iptables -t filter -A INPUT -i lo -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o lo -j ACCEPT
firewall: iptables -t filter -A INPUT -i pptp+ -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o pptp+ -j ACCEPT
firewall: iptables -t filter -A INPUT -i tun+ -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o tun+ -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth0 -j ACCEPT

firewall: iptables -t filter -A OUTPUT -o eth0 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth2 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eth2 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth3 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eth3 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth1 -p icmp --icmp-type 0 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth1 -p icmp --icmp-type 3 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth1 -p icmp --icmp-type 8 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth1 -p icmp --icmp-type 11 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eth1 -p icmp -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth1 -p udp --dport bootpc --sport bootps -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth1 -p tcp --dport bootpc --sport bootps -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eth1 -p udp --sport bootpc --dport bootps -j ACCEPT
firewall: iptables -t filter -A OUTPUT -o eth1 -p tcp --sport bootpc --dport bootps -j ACCEPT
firewall: Running incoming denied rules
firewall: Running user-defined incoming rules
firewall: Allowing incoming udp port/range 1194
firewall: iptables -t filter -A INPUT -p 17 -d 11.11.111.98 --dport 1194 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -p 17 -o eth1 -s 11.11.111.98 --sport 1194 -j ACCEPT
firewall: Allowing incoming tcp port/range 22
firewall: iptables -t filter -A INPUT -p 6 -d 11.11.111.98 --dport 22 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -p 6 -o eth1 -s 11.11.111.98 --sport 22 -j ACCEPT
firewall: Allowing incoming tcp port/range 81
firewall: iptables -t filter -A INPUT -p 6 -d 11.11.111.98 --dport 81 -j ACCEPT
firewall: iptables -t filter -A OUTPUT -p 6 -o eth1 -s 11.11.111.98 --sport 81 -j ACCEPT



firewall: iptables -t nat -A POSTROUTING -o tun+ -j ACCEPT
firewall: Running default incoming allowed rules

firewall: iptables -t filter -A OUTPUT -o eth1 -j ACCEPT
firewall: iptables -t filter -A INPUT -i eth1 -p udp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j A CCEPT
firewall: iptables -t filter -A INPUT -i eth1 -p tcp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j A CCEPT
firewall: Running user-defined port forward rules
firewall: Port forwarding tcp 143 to 10.0.0.108 143
firewall: iptables -t nat -A PREROUTING -d 11.11.111.98 -p 6 --dport 143 -j DNAT --to 10.0.0.108:143
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.0.0/255.255.255.0 --dport 143 -j SNAT --to 10 .0.0.254
firewall: iptables -t filter -A FORWARD -o eth0 -p 6 -d 10.0.0.108 --dport 143 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.1.0/255.255.255.0 --dport 143 -j SNAT --to 10 .0.1.1
firewall: iptables -t filter -A FORWARD -o eth2 -p 6 -d 10.0.0.108 --dport 143 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.2.0/255.255.255.0 --dport 143 -j SNAT --to 10 .0.2.1
firewall: iptables -t filter -A FORWARD -o eth3 -p 6 -d 10.0.0.108 --dport 143 -j ACCEPT
firewall: Port forwarding udp 5060:5061 to 10.0.1.120
firewall: iptables -t nat -A PREROUTING -d 11.11.111.98 -p 17 --dport 5060:5061 -j DNAT --to 10.0.1.120
firewall: iptables -t nat -A POSTROUTING -d 10.0.1.120 -p 17 -s 10.0.0.0/255.255.255.0 --dport 5060:5061 -j SNAT --to 10.0.0.254
firewall: iptables -t filter -A FORWARD -o eth0 -p 17 -d 10.0.1.120 --dport 5060:5061 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.1.120 -p 17 -s 10.0.1.0/255.255.255.0 --dport 5060:5061 -j SNAT --to 10.0.1.1
firewall: iptables -t filter -A FORWARD -o eth2 -p 17 -d 10.0.1.120 --dport 5060:5061 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.1.120 -p 17 -s 10.0.2.0/255.255.255.0 --dport 5060:5061 -j SNAT --to 10.0.2.1
firewall: iptables -t filter -A FORWARD -o eth3 -p 17 -d 10.0.1.120 --dport 5060:5061 -j ACCEPT
firewall: Port forwarding tcp 22 to 10.0.0.124 22
firewall: iptables -t nat -A PREROUTING -d 11.11.111.98 -p 6 --dport 22 -j DNAT --to 10.0.0.124:22
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.124 -p 6 -s 10.0.0.0/255.255.255.0 --dport 22 -j SNAT --to 10. 0.0.254
firewall: iptables -t filter -A FORWARD -o eth0 -p 6 -d 10.0.0.124 --dport 22 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.124 -p 6 -s 10.0.1.0/255.255.255.0 --dport 22 -j SNAT --to 10. 0.1.1
firewall: iptables -t filter -A FORWARD -o eth2 -p 6 -d 10.0.0.124 --dport 22 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.124 -p 6 -s 10.0.2.0/255.255.255.0 --dport 22 -j SNAT --to 10. 0.2.1
firewall: iptables -t filter -A FORWARD -o eth3 -p 6 -d 10.0.0.124 --dport 22 -j ACCEPT
firewall: Port forwarding tcp 25 to 10.0.0.108 25
firewall: iptables -t nat -A PREROUTING -d 11.11.111.98 -p 6 --dport 25 -j DNAT --to 10.0.0.108:25
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.0.0/255.255.255.0 --dport 25 -j SNAT --to 10. 0.0.254
firewall: iptables -t filter -A FORWARD -o eth0 -p 6 -d 10.0.0.108 --dport 25 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.1.0/255.255.255.0 --dport 25 -j SNAT --to 10. 0.1.1
firewall: iptables -t filter -A FORWARD -o eth2 -p 6 -d 10.0.0.108 --dport 25 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.2.0/255.255.255.0 --dport 25 -j SNAT --to 10. 0.2.1
firewall: iptables -t filter -A FORWARD -o eth3 -p 6 -d 10.0.0.108 --dport 25 -j ACCEPT
firewall: Port forwarding tcp 3306 to 10.0.0.125 3306
firewall: iptables -t nat -A PREROUTING -d 11.11.111.98 -p 6 --dport 3306 -j DNAT --to 10.0.0.125:3306
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.125 -p 6 -s 10.0.0.0/255.255.255.0 --dport 3306 -j SNAT --to 1 0.0.0.254
firewall: iptables -t filter -A FORWARD -o eth0 -p 6 -d 10.0.0.125 --dport 3306 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.125 -p 6 -s 10.0.1.0/255.255.255.0 --dport 3306 -j SNAT --to 1 0.0.1.1
firewall: iptables -t filter -A FORWARD -o eth2 -p 6 -d 10.0.0.125 --dport 3306 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.125 -p 6 -s 10.0.2.0/255.255.255.0 --dport 3306 -j SNAT --to 1 0.0.2.1
firewall: iptables -t filter -A FORWARD -o eth3 -p 6 -d 10.0.0.125 --dport 3306 -j ACCEPT
firewall: Port forwarding udp 10000:20000 to 10.0.1.120
firewall: iptables -t nat -A PREROUTING -d 11.11.111.98 -p 17 --dport 10000:20000 -j DNAT --to 10.0.1.120
firewall: iptables -t nat -A POSTROUTING -d 10.0.1.120 -p 17 -s 10.0.0.0/255.255.255.0 --dport 10000:20000 -j SNA T --to 10.0.0.254
firewall: iptables -t filter -A FORWARD -o eth0 -p 17 -d 10.0.1.120 --dport 10000:20000 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.1.120 -p 17 -s 10.0.1.0/255.255.255.0 --dport 10000:20000 -j SNA T --to 10.0.1.1
firewall: iptables -t filter -A FORWARD -o eth2 -p 17 -d 10.0.1.120 --dport 10000:20000 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.1.120 -p 17 -s 10.0.2.0/255.255.255.0 --dport 10000:20000 -j SNA T --to 10.0.2.1
firewall: iptables -t filter -A FORWARD -o eth3 -p 17 -d 10.0.1.120 --dport 10000:20000 -j ACCEPT
firewall: Port forwarding tcp 80 to 10.0.0.108 80
firewall: iptables -t nat -A PREROUTING -d 11.11.111.98 -p 6 --dport 80 -j DNAT --to 10.0.0.108:80
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.0.0/255.255.255.0 --dport 80 -j SNAT --to 10. 0.0.254
firewall: iptables -t filter -A FORWARD -o eth0 -p 6 -d 10.0.0.108 --dport 80 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.1.0/255.255.255.0 --dport 80 -j SNAT --to 10. 0.1.1
firewall: iptables -t filter -A FORWARD -o eth2 -p 6 -d 10.0.0.108 --dport 80 -j ACCEPT

firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.2.0/255.255.255.0 --dport 80 -j SNAT --to 10. 0.2.1
firewall: iptables -t filter -A FORWARD -o eth3 -p 6 -d 10.0.0.108 --dport 80 -j ACCEPT
firewall: Port forwarding tcp 443 to 10.0.0.108 443
firewall: iptables -t nat -A PREROUTING -d 11.11.111.98 -p 6 --dport 443 -j DNAT --to 10.0.0.108:443
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.0.0/255.255.255.0 --dport 443 -j SNAT --to 10 .0.0.254
firewall: iptables -t filter -A FORWARD -o eth0 -p 6 -d 10.0.0.108 --dport 443 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.1.0/255.255.255.0 --dport 443 -j SNAT --to 10 .0.1.1
firewall: iptables -t filter -A FORWARD -o eth2 -p 6 -d 10.0.0.108 --dport 443 -j ACCEPT
firewall: iptables -t nat -A POSTROUTING -d 10.0.0.108 -p 6 -s 10.0.2.0/255.255.255.0 --dport 443 -j SNAT --to 10 .0.2.1
firewall: iptables -t filter -A FORWARD -o eth3 -p 6 -d 10.0.0.108 --dport 443 -j ACCEPT
firewall: /sbin/rmmod imq 2>/dev/null = 256
firewall: /sbin/tc qdisc del dev eth1 root >/dev/null 2>&1 = 512
firewall: Running external QoS bandwidth manager
firewall: Auto-r2q for minimum rate 2520: 209 (quantum: 1507.1770334928)
firewall: Auto-r2q for minimum rate 2520: 209 (quantum: 1507.1770334928)
firewall: /sbin/ip link set dev eth1 qlen 30 = 0
firewall: /sbin/tc qdisc add dev eth1 root handle 1: htb default 16 r2q 209 = 0
firewall: /sbin/tc class add dev eth1 parent 1: classid 1:1 htb rate 18000kbit = 0
firewall: /sbin/tc class add dev eth1 parent 1:1 classid 1:10 htb rate 2700kbit ceil 18000kbit prio 0 = 0
firewall: /sbin/tc qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10 = 0
firewall: /sbin/tc class add dev eth1 parent 1:1 classid 1:11 htb rate 2700kbit ceil 7200kbit prio 1 = 0
firewall: /sbin/tc qdisc add dev eth1 parent 1:11 handle 11: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 11 fw flowid 1:11 = 0
firewall: /sbin/tc class add dev eth1 parent 1:1 classid 1:12 htb rate 2520kbit ceil 15480kbit prio 2 = 0
firewall: /sbin/tc qdisc add dev eth1 parent 1:12 handle 12: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 12 fw flowid 1:12 = 0
firewall: /sbin/tc class add dev eth1 parent 1:1 classid 1:13 htb rate 2520kbit ceil 16740kbit prio 3 = 0
firewall: /sbin/tc qdisc add dev eth1 parent 1:13 handle 13: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 13 fw flowid 1:13 = 0
firewall: /sbin/tc class add dev eth1 parent 1:1 classid 1:14 htb rate 2520kbit ceil 15300kbit prio 4 = 0
firewall: /sbin/tc qdisc add dev eth1 parent 1:14 handle 14: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 14 fw flowid 1:14 = 0
firewall: /sbin/tc class add dev eth1 parent 1:1 classid 1:15 htb rate 2520kbit ceil 14400kbit prio 5 = 0
firewall: /sbin/tc qdisc add dev eth1 parent 1:15 handle 15: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 15 fw flowid 1:15 = 0
firewall: /sbin/tc class add dev eth1 parent 1:1 classid 1:16 htb rate 2520kbit ceil 11160kbit prio 6 = 0
firewall: /sbin/tc qdisc add dev eth1 parent 1:16 handle 16: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev eth1 parent 1:0 prio 0 protocol ip handle 16 fw flowid 1:16 = 0
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 8008 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p udp --dport 53 -j MARK --set-mark 10
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 2121 -j MARK --set-mark 13
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 21 -j MARK --set-mark 13
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --dport 443 -j MARK --set-mark 14
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 443 -j MARK --set-mark 14
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --dport 80 -j MARK --set-mark 14
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 80 -j MARK --set-mark 14
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 143 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 995 -j MARK --set-mark 13
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 110 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 993 -j MARK --set-mark 13
firewall: iptables -t mangle -A BWQOS_UP_eth1 -s10.0.1.120 -j MARK --set-mark 11
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 1723 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 3389 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p udp --sport 554 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 873 -j MARK --set-mark 14
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p udp --sport 5060 -j MARK --set-mark 11
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p udp --sport 5061 -j MARK --set-mark 11
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 25 -j MARK --set-mark 14
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 22 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 8080 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 23 -j MARK --set-mark 13
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p udp --sport 51413 -j MARK --set-mark 15
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p udp --sport 1755 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp --sport 81 -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p icmp -j MARK --set-mark 10
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p udp -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_UP_eth1 -p tcp -m length --length :64 -j MARK --set-mark 11
firewall: iptables -t mangle -I POSTROUTING -o eth1 -j BWQOS_UP_eth1
firewall: /sbin/modprobe imq numdevs=1 = 0
firewall: /sbin/ip link set imq0 up = 0
firewall: /sbin/tc qdisc add dev imq0 root handle 1: htb default 16 r2q 209 = 0
firewall: /sbin/tc class add dev imq0 parent 1: classid 1:1 htb rate 18000kbit = 0
firewall: /sbin/tc class add dev imq0 parent 1:1 classid 1:10 htb rate 2700kbit ceil 18000kbit prio 0 = 0
firewall: /sbin/tc qdisc add dev imq0 parent 1:10 handle 10: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10 = 0
firewall: /sbin/tc class add dev imq0 parent 1:1 classid 1:11 htb rate 2700kbit ceil 10080kbit prio 1 = 0
firewall: /sbin/tc qdisc add dev imq0 parent 1:11 handle 11: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 11 fw flowid 1:11 = 0
firewall: /sbin/tc class add dev imq0 parent 1:1 classid 1:12 htb rate 2520kbit ceil 18000kbit prio 2 = 0
firewall: /sbin/tc qdisc add dev imq0 parent 1:12 handle 12: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 12 fw flowid 1:12 = 0
firewall: /sbin/tc class add dev imq0 parent 1:1 classid 1:13 htb rate 2520kbit ceil 18000kbit prio 3 = 0
firewall: /sbin/tc qdisc add dev imq0 parent 1:13 handle 13: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 13 fw flowid 1:13 = 0
firewall: /sbin/tc class add dev imq0 parent 1:1 classid 1:14 htb rate 2520kbit ceil 18000kbit prio 4 = 0
firewall: /sbin/tc qdisc add dev imq0 parent 1:14 handle 14: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 14 fw flowid 1:14 = 0
firewall: /sbin/tc class add dev imq0 parent 1:1 classid 1:15 htb rate 2520kbit ceil 18000kbit prio 5 = 0
firewall: /sbin/tc qdisc add dev imq0 parent 1:15 handle 15: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 15 fw flowid 1:15 = 0
firewall: /sbin/tc class add dev imq0 parent 1:1 classid 1:16 htb rate 2520kbit ceil 9180kbit prio 6 = 0
firewall: /sbin/tc qdisc add dev imq0 parent 1:16 handle 16: sfq perturb 10 = 0
firewall: /sbin/tc filter add dev imq0 parent 1:0 prio 0 protocol ip handle 16 fw flowid 1:16 = 0
firewall: iptables -t mangle -A BWQOS_DOWN_eth1 -p udp --sport 19305 -j MARK --set-mark 11
firewall: iptables -t mangle -A BWQOS_DOWN_eth1 -p tcp --sport 80 -j MARK --set-mark 14
firewall: iptables -t mangle -A BWQOS_DOWN_eth1 -p udp -d 192.168.199.190 -j MARK --set-mark 11
firewall: iptables -t mangle -A BWQOS_DOWN_eth1 -p icmp -j MARK --set-mark 10
firewall: iptables -t mangle -A BWQOS_DOWN_eth1 -p udp -j MARK --set-mark 12
firewall: iptables -t mangle -A BWQOS_DOWN_eth1 -p tcp -m length --length :64 -j MARK --set-mark 11
firewall: iptables -t mangle -A BWQOS_DOWN_eth1 -j IMQ --todev 0
firewall: iptables -t mangle -I PREROUTING -i eth1 -j BWQOS_DOWN_eth1
firewall: Running 1-to-1 NAT rules
firewall: Resetting 1-to-1 NAT alias: eth1:200
firewall: /sbin/ifconfig eth1:200 down 2>/dev/null = 0
firewall: Creating alias IP address for 1-to-1 NAT: 11.11.111.99
firewall: /sbin/ifconfig eth1:200 11.11.111.99 netmask 255.255.255.248 up = 0
firewall: Enabling 1:1 NAT eth1 10.0.2.5 - 11.11.111.99
firewall: iptables -t nat -A PREROUTING -d 11.11.111.99 -j DNAT --to 10.0.2.5
firewall: iptables -t nat -A POSTROUTING -s 10.0.2.5 -j SNAT --to 11.11.111.99
firewall: iptables -t nat -A POSTROUTING -s 10.0.0.0/255.255.255.0 -d 10.0.2.5 -j SNAT --to 10.0.0.254
firewall: iptables -t nat -A POSTROUTING -s 10.0.1.0/255.255.255.0 -d 10.0.2.5 -j SNAT --to 10.0.1.1
firewall: iptables -t nat -A POSTROUTING -s 10.0.2.0/255.255.255.0 -d 10.0.2.5 -j SNAT --to 10.0.2.1
firewall: iptables -t filter -A FORWARD -i eth1 -d 10.0.2.5 -j ACCEPT
firewall: Running user-defined proxy rules
firewall: Content filter is offline
firewall: Web proxy is offline
firewall: Running multipath
firewall: /sbin/ip rule | grep -Ev '(local|main|default)' | while read PRIO RULE; do /sbin/ip rule del prio ${PRIO%%:*} 2>/dev/null; done = 0
firewall: /sbin/ip rule | grep -Ev '(local|main|default)' | while read PRIO RULE; do /sbin/ip rule del $RULE prio ${PRIO%%:*} 2>/dev/null; done = 0
firewall: /sbin/ip route flush table 50 = 0
firewall: /sbin/ip route flush cache = 0
firewall: Enabling NAT on WAN interface eth1
firewall: iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
firewall: Running user-defined outgoing block rules
firewall: Running default forwarding rules
firewall: iptables -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
firewall: iptables -t filter -A FORWARD -i eth0 -j ACCEPT
firewall: iptables -t filter -A FORWARD -i eth2 -j ACCEPT
firewall: iptables -t filter -A FORWARD -i eth3 -j ACCEPT
firewall: iptables -t filter -A FORWARD -i pptp+ -j ACCEPT
firewall: iptables -t filter -A FORWARD -i tun+ -j ACCEPT
firewall: Execution time: 0.959s
Sep 11
2 weeks ago
augustynr replied to the topic Re:Running firewall panic mode... in the forums.
It seems to be railing on:
for i, rate in pairs(rate_up_res["*"]) do
which I believe is created by:
rate_up_res = InitializeBandwidthReserved(rate_up, rate_up_res)

How can I add some type of debugging into it?
Sep 05

Wall

No wall post to show

My Forum Updates

Groups

Here is a short listing of the groups that the user has registered in.

Help Support ClearFoundation

Online Users

10 users and 9061 guests online

ClearBOX