Forums

Subscribe via email Subscribe via email
Subscribe via rss
Guest
or Ask a Question
Add a reply View Replies (10) →
Pierfrancesco Toninato
Pierfrancesco Toninato
Offline

The firewall does not act as a gateway every now and then

Resolved
0 votes
Goodmorning everyone,
I have a small problem on an installation, everything works perfectly but almost every morning the internet does not work, I restart the firewall and everything works again. Note that when it does not share the internet connection I can still access the console
In Firewall
Monday, December 23 2019, 10:08 AM
Subscribe via email
Share this post:
Responses (10)

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Monday, December 30 2019, 10:54 AM - #Permalink
    Resolved
    0 votes
    You can't do that. Just try selecting a different kernel during boot up. You have 5 installed.
    The reply is currently minimized Show

  • Accepted Answer

    Pierfrancesco Toninato
    Pierfrancesco Toninato
    Offline
    Monday, December 30 2019, 07:26 AM - #Permalink
    Resolved
    0 votes
    on another firewall, installed 2 weeks ago, I have the same problem, can I copy the kernel from another firewall and restart it?
    The reply is currently minimized Show

  • Accepted Answer

    Patrick de Brabander
    Patrick de Brabander
    Offline
    Friday, December 27 2019, 08:27 AM - #Permalink
    Resolved
    0 votes
    You can choose a kernel during boot process
    When you start the server you will see for a few second the boot menu.
    Choose by scrolling down the kernel version you like to boot.
    The reply is currently minimized Show

  • Accepted Answer

    Pierfrancesco Toninato
    Pierfrancesco Toninato
    Offline
    Friday, December 27 2019, 07:34 AM - #Permalink
    Resolved
    0 votes
    On ./boot/grub2/ i have found two backup of grub.cfg, the first one use the old kernel, can i use this cfg file?
    The reply is currently minimized Show

  • Accepted Answer

    Pierfrancesco Toninato
    Pierfrancesco Toninato
    Offline
    Friday, December 27 2019, 07:24 AM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    Which kernel are you running with at the moment:
    uname -r
    If it is kernel-3.10.0-1062.9.1.el7, you could consider rebooting to an older one. Which do you have installed:
    rpm -qa | grep ^kernel-3 | sort


    The kernel version is 3.10.0-1062.9.1.el7.x86_64

    How to reboot with an old kernel? The old one for me is: 3.10.0-862.11.6.v7.x86_64

    The other kernel was:
    kernel-3.10.0-1062.4.3.el7.x86_64
    kernel-3.10.0-1062.9.1.el7.x86_64
    kernel-3.10.0-862.11.6.v7.x86_64
    kernel-3.10.0-957.10.1.v7.x86_64
    kernel-3.10.0-957.21.3.v7.x86_64

    P.s. Thank you Nick
    The reply is currently minimized Show

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Tuesday, December 24 2019, 11:45 AM - #Permalink
    Resolved
    0 votes
    Which kernel are you running with at the moment:
    uname -r
    If it is kernel-3.10.0-1062.9.1.el7, you could consider rebooting to an older one. Which do you have installed:
    rpm -qa | grep ^kernel-3 | sort
    The reply is currently minimized Show

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Tuesday, December 24 2019, 10:59 AM - #Permalink
    Resolved
    0 votes
    Which version of ClearOS? ethx interfaces are generally only seen in VM's in ClearOS 7.

    It you are getting an IP address of 192.168.0.2, it suggests you are behind another router. In this case you'd normally give ClearOS a fixed IP outside the router's DHCP scope. What is your network topology? Are you able to bridge your external router so ClearOS gets a WAN IP? It may mean switching the ClearOS WAN to PPPoE if your external connection is xDSL.

    The command from PuTTy does produce output for all PCI NIC's and should work for VM NIC's, just not USB NIC's. e.g:
    [root@microserver ~]# lspci -k | grep Eth -A 3
    
02:00.0 Ethernet controller: Broadcom Inc. and subsidiaries NetXtreme BCM5720 2-port Gigabit Ethernet PCIe
    
        Subsystem: Hewlett-Packard Company NC332i Adapter
    
        Kernel driver in use: tg3
    
        Kernel modules: tg3
    
02:00.1 Ethernet controller: Broadcom Inc. and subsidiaries NetXtreme BCM5720 2-port Gigabit Ethernet PCIe
    
        Subsystem: Hewlett-Packard Company NC332i Adapter
    
        Kernel driver in use: tg3
    
        Kernel modules: tg3
    The reply is currently minimized Show

  • Accepted Answer

    Pierfrancesco Toninato
    Pierfrancesco Toninato
    Offline
    Tuesday, December 24 2019, 10:46 AM - #Permalink
    Resolved
    0 votes
    Even today another firewall has stopped working by blocking the network and internet from one of my clients.
    With a brusque restart, everything went back to working

    Is it possible that an updated clearos will tilt the firewall?
    The reply is currently minimized Show

  • Accepted Answer

    Pierfrancesco Toninato
    Pierfrancesco Toninato
    Offline
    Tuesday, December 24 2019, 08:44 AM - #Permalink
    Resolved
    0 votes
    I've try the command from putty but no output, on 23th december the problem was synchronizing hardware clock

    Dec 23 01:29:37 gateway software-updates: no updates required
    Dec 23 02:02:01 gateway timesync: synchronizing with ntpdate
    Dec 23 02:02:10 gateway timesync: synchronizing hardware clock <- after this the firewall was "dead" no internet connection
    Dec 23 09:26:46 gateway firewall: Starting firewall... <- after modem restart
    Dec 23 09:26:46 gateway firewall: Loading environment
    Dec 23 09:26:46 gateway firewall: Detected WAN role for interface: eth0
    Dec 23 09:26:46 gateway firewall: Detected WAN backup role for interface: eth0
    Dec 23 09:26:46 gateway firewall: Detected LAN role for interface: eth1
    Dec 23 09:26:46 gateway firewall: if_get_address: SIOCGIFADDR: Cannot assign requested address
    Dec 23 09:26:46 gateway firewall: Warning: LAN device has no IP address: eth1 <- this eth1 is set with static ip
    Dec 23 09:26:46 gateway firewall: Setting kernel parameters
    Dec 23 09:26:46 gateway firewall: Detected WAN info - eth0 192.168.0.2 on network 192.168.0.0/24
    Dec 23 09:26:46 gateway firewall: Detected Backup WAN info - eth0 192.168.0.2 on network 192.168.0.0/24
    Dec 23 09:26:46 gateway firewall: Using gateway mode
    Dec 23 09:26:46 gateway firewall: Loading kernel modules
    Dec 23 09:26:46 gateway firewall: Loading kernel modules for NAT
    Dec 23 09:26:46 gateway firewall: Setting default policy to DROP
    Dec 23 09:26:46 gateway firewall: Defining custom chains
    Dec 23 09:26:46 gateway firewall: Running blocked external rules
    Dec 23 09:26:46 gateway firewall: Running custom rules
    Dec 23 09:26:46 gateway firewall: Running common rules
    Dec 23 09:26:46 gateway firewall: Running incoming denied rules
    Dec 23 09:26:46 gateway firewall: Running user-defined incoming rules
    Dec 23 09:26:46 gateway firewall: Allowing incoming tcp port/range 81
    Dec 23 09:26:46 gateway firewall: Running default incoming allowed rules
    Dec 23 09:26:46 gateway firewall: Running user-defined port forward rules
    Dec 23 09:26:46 gateway firewall: Running 1-to-1 NAT rules
    Dec 23 09:26:46 gateway firewall: Running user-defined proxy rules
    Dec 23 09:26:46 gateway firewall: Content filter is offline
    Dec 23 09:26:46 gateway firewall: Web proxy is offline
    Dec 23 09:26:46 gateway firewall: Running multipath
    Dec 23 09:26:46 gateway firewall: Running Masquerading
    Dec 23 09:26:46 gateway firewall: Enabling NAT on WAN interface eth0
    Dec 23 09:26:46 gateway firewall: Running user-defined outgoing block rules
    Dec 23 09:26:46 gateway firewall: Running default forwarding rules
    Dec 23 09:26:46 gateway firewall: Execution time: 0.129s
    Dec 23 09:26:46 gateway firewall: Running post-firewall: 110770
    Dec 23 09:26:46 gateway firewall: Running /etc/clearos/firewall.d/local
    Dec 23 09:26:46 gateway firewall: Running /etc/clearos/firewall.d/10-netify-fwa
    Dec 23 09:26:47 gateway events: network_connected - event occurred
    Dec 23 09:26:47 gateway events: network_connected - triggered hook: date
    Dec 23 09:26:47 gateway timesync: synchronizing with ntpdate
    Dec 23 09:26:47 gateway firewall6: Starting firewall...
    Dec 23 09:26:47 gateway firewall6: Loading environment
    Dec 23 09:26:47 gateway firewall6: Detected WAN role for interface: eth0
    Dec 23 09:26:47 gateway firewall6: Detected WAN backup role for interface: eth0
    Dec 23 09:26:47 gateway firewall6: Detected LAN role for interface: eth1
    Dec 23 09:26:47 gateway firewall6: if_get_address: SIOCGIFADDR: Cannot assign
    requested address
    Dec 23 09:26:47 gateway firewall6: Warning: LAN device has no IP address: eth1
    Dec 23 09:26:47 gateway firewall6: Setting kernel parameters
    Dec 23 09:26:47 gateway firewall6: Detected WAN info - eth0 192.168.0.2 on network
    192.168.0.0/24
    Dec 23 09:26:47 gateway firewall6: Detected Backup WAN info - eth0 192.168.0.2 on
    network 192.168.0.0/24
    Dec 23 09:26:47 gateway firewall6: Using gateway mode
    Dec 23 09:26:47 gateway firewall6: Loading kernel modules
    Dec 23 09:26:47 gateway firewall6: Loading kernel modules for NAT
    Dec 23 09:26:47 gateway firewall6: Setting default policy to DROP
    Dec 23 09:26:47 gateway firewall6: Defining custom chains
    Dec 23 09:26:47 gateway firewall6: Running blocked external rules
    Dec 23 09:26:47 gateway firewall6: Running custom rules
    Dec 23 09:26:47 gateway firewall6: Running common rules
    Dec 23 09:26:47 gateway firewall6: Running incoming denied rules
    Dec 23 09:26:47 gateway firewall6: Running user-defined incoming rules
    Dec 23 09:26:47 gateway firewall6: Running default incoming allowed rules
    Dec 23 09:26:47 gateway firewall6: Running user-defined port forward rules
    Dec 23 09:26:47 gateway firewall6: Running Masquerading
    Dec 23 09:26:47 gateway firewall6: Enabling NAT on WAN interface eth0
    Dec 23 09:26:47 gateway firewall6: Running user-defined outgoing block rules
    Dec 23 09:26:47 gateway firewall6: Running default forwarding rules
    Dec 23 09:26:47 gateway firewall6: Execution time: 0.065s
    Dec 23 09:26:47 gateway firewall6: Running post-firewall: 110770
    Dec 23 09:26:47 gateway firewall6: Running /etc/clearos/firewall.d/local
    Dec 23 09:26:47 gateway firewall6: Running /etc/clearos/firewall.d/10-netify-fwa
    Dec 23 09:26:56 gateway timesync: synchronizing hardware clock
    Dec 23 09:26:59 gateway firewall: Starting firewall...
    Dec 23 09:26:59 gateway firewall: Loading environment
    Dec 23 09:26:59 gateway firewall: Detected WAN role for interface: eth0
    Dec 23 09:26:59 gateway firewall: Detected LAN role for interface: eth1
    Dec 23 09:26:59 gateway firewall: if_get_address: SIOCGIFADDR: Cannot assign
    requested address
    Dec 23 09:26:59 gateway firewall: Warning: LAN device has no IP address: eth1
    Dec 23 09:26:59 gateway firewall: Setting kernel parameters
    Dec 23 09:26:59 gateway firewall: Detected WAN info - eth0 192.168.0.2 on network
    192.168.0.0/24
    Dec 23 09:26:59 gateway firewall: Using gateway mode
    Dec 23 09:26:59 gateway firewall: Loading kernel modules
    Dec 23 09:26:59 gateway firewall: Loading kernel modules for NAT
    Dec 23 09:26:59 gateway firewall: Setting default policy to DROP
    Dec 23 09:26:59 gateway firewall: Defining custom chains
    Dec 23 09:26:59 gateway firewall: Running blocked external rules
    Dec 23 09:26:59 gateway firewall: Running custom rules
    Dec 23 09:26:59 gateway firewall: Running common rules
    Dec 23 09:26:59 gateway firewall: Running incoming denied rules
    Dec 23 09:26:59 gateway firewall: Running user-defined incoming rules
    Dec 23 09:26:59 gateway firewall: Allowing incoming tcp port/range 81
    Dec 23 09:26:59 gateway firewall: Running default incoming allowed rules
    Dec 23 09:26:59 gateway firewall: Running user-defined port forward rules
    Dec 23 09:26:59 gateway firewall: Running 1-to-1 NAT rules
    Dec 23 09:26:59 gateway firewall: Running user-defined proxy rules
    Dec 23 09:26:59 gateway firewall: Content filter is offline
    Dec 23 09:26:59 gateway firewall: Web proxy is offline
    Dec 23 09:26:59 gateway firewall: Running multipath
    Dec 23 09:26:59 gateway firewall: Running Masquerading
    Dec 23 09:26:59 gateway firewall: Enabling NAT on WAN interface eth0
    Dec 23 09:26:59 gateway firewall: Running user-defined outgoing block rules
    Dec 23 09:26:59 gateway firewall: Running default forwarding rules
    Dec 23 09:26:59 gateway firewall: Execution time: 0.108s
    Dec 23 09:26:59 gateway firewall: Running post-firewall: 110770
    Dec 23 09:26:59 gateway firewall: Running /etc/clearos/firewall.d/local
    Dec 23 09:26:59 gateway firewall: Running /etc/clearos/firewall.d/10-netify-fwa
    Dec 23 09:27:00 gateway events: network_connected - event occurred
    Dec 23 09:27:00 gateway events: network_connected - triggered hook: date
    Dec 23 09:27:00 gateway timesync: synchronizing with ntpdate
    Dec 23 09:27:00 gateway firewall6: Starting firewall...
    Dec 23 09:27:00 gateway firewall6: Loading environment
    Dec 23 09:27:00 gateway firewall6: Detected WAN role for interface: eth0
    Dec 23 09:27:00 gateway firewall6: Detected LAN role for interface: eth1
    Dec 23 09:27:00 gateway firewall6: if_get_address: SIOCGIFADDR: Cannot assign
    requested address
    Dec 23 09:27:00 gateway firewall6: Warning: LAN device has no IP address: eth1
    Dec 23 09:27:00 gateway firewall6: Setting kernel parameters
    Dec 23 09:27:00 gateway firewall6: Detected WAN info - eth0 192.168.0.2 on network
    192.168.0.0/24
    Dec 23 09:27:00 gateway firewall6: Using gateway mode
    Dec 23 09:27:00 gateway firewall6: Loading kernel modules
    Dec 23 09:27:00 gateway firewall6: Loading kernel modules for NAT
    Dec 23 09:27:00 gateway firewall6: Setting default policy to DROP
    Dec 23 09:27:00 gateway firewall6: Defining custom chains
    Dec 23 09:27:00 gateway firewall6: Running blocked external rules
    Dec 23 09:27:00 gateway firewall6: Running custom rules
    Dec 23 09:27:00 gateway firewall6: Running common rules
    Dec 23 09:27:00 gateway firewall6: Running incoming denied rules
    Dec 23 09:27:00 gateway firewall6: Running user-defined incoming rules
    Dec 23 09:27:00 gateway firewall6: Running default incoming allowed rules
    Dec 23 09:27:00 gateway firewall6: Running user-defined port forward rules
    Dec 23 09:27:00 gateway firewall6: Running Masquerading
    Dec 23 09:27:00 gateway firewall6: Enabling NAT on WAN interface eth0
    Dec 23 09:27:00 gateway firewall6: Running user-defined outgoing block rules
    Dec 23 09:27:00 gateway firewall6: Running default forwarding rules
    Dec 23 09:27:00 gateway firewall6: Execution time: 0.089s
    Dec 23 09:27:00 gateway firewall6: Running post-firewall: 110770
    Dec 23 09:27:00 gateway firewall6: Running /etc/clearos/firewall.d/local
    Dec 23 09:27:00 gateway firewall6: Running /etc/clearos/firewall.d/10-netify-fwa
    Dec 23 09:27:09 gateway timesync: synchronizing hardware clock
    Dec 23 10:28:17 gateway firewall: Starting firewall... <- when we arrive and restart the firewall
    Dec 23 10:28:17 gateway firewall: Loading environment
    Dec 23 10:28:17 gateway firewall: Detected WAN role for interface: eth0
    Dec 23 10:28:17 gateway firewall: Detected LAN role for interface: eth1
    Dec 23 10:28:17 gateway firewall: Setting kernel parameters
    Dec 23 10:28:17 gateway firewall: Detected WAN info - eth0 192.168.0.2 on network
    192.168.0.0/24
    Dec 23 10:28:17 gateway firewall: Detected LAN info - eth1 192.168.1.1 on network <- correct eth1 lan ip
    192.168.1.0/24
    Dec 23 10:28:17 gateway firewall: Using gateway mode
    Dec 23 10:28:17 gateway firewall: Loading kernel modules
    Dec 23 10:28:17 gateway firewall: Starting firewall...
    Dec 23 10:28:17 gateway firewall: Loading environment
    Dec 23 10:28:17 gateway firewall: Detected WAN role for interface: eth0
    Dec 23 10:28:17 gateway firewall: Detected LAN role for interface: eth1
    Dec 23 10:28:17 gateway firewall: Setting kernel parameters
    Dec 23 10:28:17 gateway events: onboot - event occurred
    Dec 23 10:28:17 gateway events: onboot - triggered hook: language
    Dec 23 10:28:17 gateway firewall: Detected WAN info - eth0 192.168.0.2 on network
    192.168.0.0/24
    Dec 23 10:28:17 gateway firewall: Detected LAN info - eth1 192.168.1.1 on network
    192.168.1.0/24
    Dec 23 10:28:17 gateway firewall: Using gateway mode
    Dec 23 10:28:17 gateway firewall: Loading kernel modules
    Dec 23 10:28:17 gateway events: onboot - triggered hook: suva
    Dec 23 10:28:17 gateway firewall: Loading kernel modules for NAT
    Dec 23 10:28:17 gateway firewall: Setting default policy to DROP
    Dec 23 10:28:17 gateway firewall: Defining custom chains
    Dec 23 10:28:17 gateway firewall: Running blocked external rules
    Dec 23 10:28:17 gateway firewall: Running custom rules
    Dec 23 10:28:17 gateway firewall: Running common rules
    Dec 23 10:28:17 gateway firewall: Running incoming denied rules
    Dec 23 10:28:17 gateway firewall: Running user-defined incoming rules
    Dec 23 10:28:17 gateway firewall: Allowing incoming tcp port/range 81
    Dec 23 10:28:17 gateway firewall: Running default incoming allowed rules
    Dec 23 10:28:17 gateway firewall: Running user-defined port forward rules
    The reply is currently minimized Show

  • Accepted Answer

    Nick Howitt
    Nick Howitt
    Offline
    Monday, December 23 2019, 01:18 PM - #Permalink
    Resolved
    0 votes
    What is the output of "lspci -k | grep Eth -A 3"?
    The reply is currently minimized Show
Your Reply