From: "Massimo S." Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTPS id 9315223 for ecs-isp@2rosenthals.com; Sun, 17 Mar 2024 14:51:01 -0400 Received: from [192.168.200.201] (port=39303 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtp (Exim 4.96) (envelope-from ) id 1rlvas-0007SB-1x for ecs-isp@2rosenthals.com; Sun, 17 Mar 2024 14:50:51 -0400 Received: from mail2.quasarbbs.net ([80.86.52.115]:10024) by mail2.2rosenthals.com with esmtp (Exim 4.96) (envelope-from ) id 1rlvan-00053y-32 for ecs-isp@2rosenthals.com; Sun, 17 Mar 2024 14:50:47 -0400 X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_2000_2999 0.000000, BODY_SIZE_5000_LESS 0.000000, BODY_SIZE_7000_LESS 0.000000, CTE_7BIT 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000, MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000, NO_CTA_URI_FOUND 0.000000, NO_URI_HTTPS 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SENDER_NO_AUTH 0.000000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000, __ANY_URI 0.000000, __BODY_NO_MAILTO 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CT 0.000000, __CTE 0.000000, __CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000, __FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000, __HEADER_ORDER_FROM 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000, __MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000, __NO_HTML_TAG_RAW 0.000000, __REFERENCES 0.000000, __REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000, __REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000, __SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000, __SCAN_D_NEG_HEUR2 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __URI_MAILTO 0.000000, __URI_NO_WWW 0.000000, __URI_NS 0.000000, __USER_AGENT 0.000000 X-SASI-Probability: 10% X-SASI-RCODE: 200 X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2024.3.17.182419 X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_2000_2999 0.000000, BODY_SIZE_5000_LESS 0.000000, BODY_SIZE_7000_LESS 0.000000, CTE_7BIT 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000, MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000, NO_CTA_URI_FOUND 0.000000, NO_URI_HTTPS 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000, __ANY_URI 0.000000, __AUTH_RES_PASS 0.000000, __BODY_NO_MAILTO 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CT 0.000000, __CTE 0.000000, __CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000, __FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000, __HEADER_ORDER_FROM 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000, __MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000, __NO_HTML_TAG_RAW 0.000000, __REFERENCES 0.000000, __REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000, __REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000, __SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000, __SCAN_D_NEG_HEUR2 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __URI_MAILTO 0.000000, __URI_NO_WWW 0.000000, __URI_NS 0.000000, __USER_AGENT 0.000000 X-SASI-Probability: 10% X-SASI-RCODE: 200 X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2024.3.17.182419 Received: from [192.168.10.199] (dtp [192.168.10.199]) by srv2 (Weasel v 2.87-0011) for ; Sun, 17 Mar 2024 19:50:48 -0000 Reply-To: ml@ecomstation.it Subject: Re: [eCS-ISP] help about an Injoy FW rule To: eCS ISP Mailing List References: Organization: eComStation dot it Message-ID: <27eb39ab-e184-bb06-0ce3-e4cc103b535f@ecomstation.it> Date: Sun, 17 Mar 2024 19:50:37 +0100 User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; it-IT; rv:1.7.13) Gecko/20060424 Thunderbird/1.0.8 Mnenhy/0.7.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: it-IT Content-Transfer-Encoding: 7bit Il 16/03/2024 20:40, Steven Levine ha scritto: > In , on 03/16/24 > at 11:35 AM, "Massimo S." said: > > Hi Massimo, > >> this is a very old post nov. 2022 > > That's for sure. :-) > >> i created the rule (using FW gui), reloaded the fw rules, all ok at the >> reboot of the firewall server (early in the morning i scheduled a reboot) >> Injoy stop completely to work and the firewall "close" all communications >> so that you can't connect anymore with the remote console to fix the >> issue > > Oops. > >> i repeat that i created the rule using FW gui, so there can't be an space >> or a bad char in firerule.cnf > > This is irrelevant. The GUI cannot totally prevent you from creating > rules that will not work. > >> Injoy don't show any error in firewall.log > > In my experience, firewall.log is good at detecting and reporting syntax > errors, but it's not as good at detecting and reporting semantic errros. > >> while i get in activity.log >> this: > >> Fatal: failed to send packet (32799 - 0) > > This is from > > gateway\fxio.c:429 > rc = FX_Ether_Send(hPipe, packet, len, &ulBytes, pppoe); > if (rc) > syslog(TRACE_FATAL, "failed to send packet (%d - %d)", rc, ulBytes); > > and > > #define ERROR_LONGLOCK 32799 > > This implies that fxwrap.sys is stuck for some as yet unknown reason and > this cause the underlying DosWrite to fail with ERROR_LONGLOCK. > >> that's a mistery to me >> any idea? > > Did the failure presist when you forced a reboot? the firewall in that condition do not reach the internet so each 30 minutes the fault daemon gives a reboot > How did you recover from the failure? i have a 2 minutes delay at boot before gateway.exe is being started this let me connect to the remote fw server rename gateway.exe so that it do not start and recover firerule.cnf from the bkup > Did you forget to include a copy of the problematic rule in your message? assist_rem_srv6_in Destination-Port = "55000", Source = "1.2.3.4", Destination = "My_IP", Rule-Action = Portmap, Mapping-Dest-IP = "192.168.1.8", Mapping-Dest-Port = 3389 assist_rem_srv6_out Rule-Status = Disabled Source-Port = "3389", Source = "192.168.1.8", Rule-Action = Portmap, Mapping-Dest-Port = 65488 ext_m_in Destination-Port = "55000", Source = "1.2.3.5", Source-Netmask = 255.255.255.254, Destination = "My_IP", Rule-Action = Portmap, Mapping-Dest-IP = "192.168.1.8", Mapping-Dest-Port = 3389 ext_m_out Source-Port = "3389", Source = "192.168.1.8", Rule-Action = Portmap, Mapping-Dest-Port = 55000 i guess the issue that create problems is the one "assist_rem_srv6_in" > Have you checked if the recently announced ijfw 4.2.3 release has any > effect on his failure? still not massimo