Mailing List ecs-isp@2rosenthals.com Archived Message #677

From: "Massimo S." <ecs-isp@2rosenthals.com>
Subject: Re: [eCS-ISP] help about an Injoy FW rule
Date: Sun, 17 Mar 2024 19:50:37 +0100
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>



On 16/03/2024 20:40, Steven Levine wrote:
In <list-9310913@2rosenthals.com>, on 03/16/24
    at 11:35 AM, "Massimo S." <ecs-isp@2rosenthals.com> said:

Hi Massimo,

this is a very old post nov. 2022

That's for sure. :-)

i created the rule (using FW gui), reloaded the fw rules, all ok at the
reboot of the firewall server (early in the morning i scheduled a reboot)
Injoy stops working completely and the firewall "closes" all communications
so that you can't connect anymore with the remote console to fix the
issue

Oops.

i repeat that i created the rule using FW gui, so there can't be a space
or a bad char in firerule.cnf

This is irrelevant.  The GUI cannot totally prevent you from creating
rules that will not work.

Injoy doesn't show any error in firewall.log

In my experience, firewall.log is good at detecting and reporting syntax
errors, but it's not as good at detecting and reporting semantic errors.

while i get in activity.log
this:

Fatal: failed to send packet (32799 - 0)

This is from

gateway\fxio.c:429
    rc = FX_Ether_Send(hPipe, packet, len, &ulBytes, pppoe);
    if (rc)
       syslog(TRACE_FATAL, "failed to send packet (%d - %d)", rc, ulBytes);

and

   #define ERROR_LONGLOCK                  32799

This implies that fxwrap.sys is stuck for some as yet unknown reason and
this causes the underlying DosWrite to fail with ERROR_LONGLOCK.

that's a mystery to me
any idea?

Did the failure persist when you forced a reboot?

the firewall in that condition does not reach the internet so each 30 minutes
the fault daemon gives a reboot

How did you recover from the failure?

i have a 2 minute delay at boot before gateway.exe is started
this lets me connect to the remote fw server, rename gateway.exe so that
it does not start and recover firerule.cnf from the bkup

Did you forget to include a copy of the problematic rule in your message?

assist_rem_srv6_in
Destination-Port = "55000",
Source = "1.2.3.4",
Destination = "My_IP",
Rule-Action = Portmap,
Mapping-Dest-IP = "192.168.1.8",
Mapping-Dest-Port = 3389

assist_rem_srv6_out Rule-Status = Disabled
Source-Port = "3389",
Source = "192.168.1.8",
Rule-Action = Portmap,
Mapping-Dest-Port = 65488

ext_m_in
Destination-Port = "55000",
Source = "1.2.3.5",
Source-Netmask = 255.255.255.254,
Destination = "My_IP",
Rule-Action = Portmap,
Mapping-Dest-IP = "192.168.1.8",
Mapping-Dest-Port = 3389

ext_m_out
Source-Port = "3389",
Source = "192.168.1.8",
Rule-Action = Portmap,
Mapping-Dest-Port = 55000

i guess the issue that creates problems is the one "assist_rem_srv6_in"


Have you checked if the recently announced ijfw 4.2.3 release has any
effect on this failure?

still not

massimo
