EFW Support

Support => General Support => Topic started by: Fungyo on Tuesday 15 June 2010, 03:06:34 pm



Title: cannot access SSH or Web GUI
Post by: Fungyo on Tuesday 15 June 2010, 03:06:34 pm
Hi,
I have EFW Community 2.4 installed.
I cannot access SSH or Web GUI.

From my desktop on Green LAN:
Code:
~]$ nmap -PN -p10443 192.168.1.55

PORT      STATE    SERVICE
10443/tcp filtered unknown
Code:
~]$ nmap -PN -p22 192.168.1.55

PORT   STATE    SERVICE
22/tcp filtered ssh
Code:
~]$ nmap -PN -p222 192.168.1.55

PORT    STATE    SERVICE
222/tcp filtered rsh-spx
From EFW:
Code:
# ps -Al |grep sshd
5 S     0  4621     1  0  80   0 -  911 - ?        00:00:00 sshd
Code:
# ps -Al |grep http
5 S     0  4594     1  0  80   0 -  1391 - ?        00:00:00 httpd
5 S     99  4595     4594  0  80   0 -  1391 - ?        00:00:00 httpd
5 S     99  4596     4594  0  80   0 -  1391 - ?        00:00:00 httpd
Code:
# netstat -antp | egrep ':10443|:httpd'
tcp        0      0 0.0.0.0:10443              0.0.0.0:*               LISTEN      4564/httpd

ifconfig shows:
br0 has IP 192.168.1.55 (Green)
eth1 has IP 10.0.0.4 (Red)

My last configuration change was to forward port 2234 to 192.168.1.40. Can't see how that would cause any issues.

In /var/log/messages I see errors like:
Code:
segfault at 1 ip b7632e16 sp bfeadeb8 error 4 in libc-2.3.4-so
In /var/log/startup.log I see errors:
Code:
Setting up firewall rules
/etc/firewall/hooks/00ipac:
Couldn't load target 'standard'"/lib/iptables/libipt_standard.so: cannot open shared object file: No such file or directory
Since the issue, I have done a:
Code:
efw-upgrade -s

Can anyone help?
Thanks


Title: Re: cannot access SSH or Web GUI
Post by: Fungyo on Friday 18 June 2010, 11:02:21 am
Never worked out what the issue was. Did a factory reset from the console and started again.


Title: Re: cannot access SSH or Web GUI
Post by: Fungyo on Friday 02 July 2010, 01:02:45 pm
Happened again, this time I knew what it was and probably was last time. An incorrectly configured port forward.
This time I did manage to log in via SSH through the Red NIC from another PC on my network.
I did this to get access again:
~# iptables -t nat -n -L
*** This was the bad rule
Chain PORTFW (2 references)
target     prot opt source               destination         
DNAT       all  --  0.0.0.0/0            192.168.1.55        to:192.168.1.40
*** Delete the rule:
~# iptables -t nat -D PORTFW 1

Logged into Web admin and completely deleted the rule.

I only hope this cleaned it completely; however, everything appears to be working.
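
The check below is an added example, not part of the original posts and not EFW code: it scans `iptables -t nat -n -L` output for DNAT rules like the one described above, whose destination is one of the firewall's own addresses and which have no port match, so that SSH and Web GUI traffic is redirected too. The function name `find_lockout_dnat` and the sample listing are constructed for illustration; the printed rule number is the rule's position in its chain, as used by `iptables -t nat -D`.

```shell
#!/bin/sh
# Added example (hypothetical helper): report DNAT rules that capture all
# traffic addressed to the firewall itself.
# Assumed usage on the firewall:
#   iptables -t nat -n -L | find_lockout_dnat 192.168.1.55 10.0.0.4

find_lockout_dnat() {
    # Arguments: the firewall's own IP addresses (e.g. Green and Red).
    awk -v ips="$*" '
    BEGIN { n = split(ips, a, " "); for (i = 1; i <= n; i++) own[a[i]] = 1 }
    # "Chain NAME (...)" starts a new chain; rule numbering restarts.
    $1 == "Chain" { chain = $2; num = 0; next }
    # Skip the column header and blank lines.
    $1 == "target" || NF == 0 { next }
    {
        num++
        # Columns: target prot opt source destination [match options...]
        if ($1 != "DNAT") next
        dst = $5; sub(/\/32$/, "", dst)
        # Only rules aimed at one of the firewall addresses matter here.
        if (!(dst in own)) next
        # A dpt:/dpts:/dports match limits the rule to specific ports.
        if ($0 ~ /dpts?:|dports/) next
        printf "%s %d %s %s\n", chain, num, dst, $NF
    }'
}

# Constructed sample listing, modelled on the output quoted in the post.
sample_listing() {
    cat <<'EOF'
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
PORTFW     all  --  0.0.0.0/0            0.0.0.0/0

Chain PORTFW (2 references)
target     prot opt source               destination
DNAT       tcp  --  0.0.0.0/0            10.0.0.4            tcp dpt:2234 to:192.168.1.40:2234
DNAT       all  --  0.0.0.0/0            192.168.1.55        to:192.168.1.40
EOF
}

# Prints: PORTFW 2 192.168.1.55 to:192.168.1.40
sample_listing | find_lockout_dnat 192.168.1.55 10.0.0.4
```

The port-restricted forward in the sample is left alone; only the rule without a port match on the Green address is reported.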