Computer Security
 » 
Firewall
 » 
Endian Firewall
 » 
efw-user

since last upgrade of 2.2 stable : no more external access (OPENVPN and GUI)

View: New views
1 Messages — Rating Filter:   Alert me  

since last upgrade of 2.2 stable : no more external access (OPENVPN and GUI)

by Lightningbit @ GMAIL.COM :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Some parts of this message have been removed. Learn more about Nabble's security policy.

Hi,

 

A few weeks ago, I did an upgrade of my EFW (stable release 2.2) using the efw-upgrade script

Since then, I lost my “external access” :

-          I’m no longer able to connect with openvpn client

-          I’m no longer able to access the GUI from external

 

I’ve removed/turned off almost all my custum rules for external access, port forwarding etc…

I turned off IDS (snort) completely

 

The external access rules I’ve left are :

 

1             <ANY>                 RED        TCP/10443                          ALLOW                                

2             <ANY>                 RED        TCP+UDP/1194                ALLOW                

 

 

When I check tcpdump and the firewall log on the efw box, I still see for the attempts of my openvpn client coming in, but being dropped (see below)

 

 

 

Any ideas?

 

L.

 

 

 

 

An extract:

 

20:52:19.118946 IP (tos 0x0, ttl 128, id 16777, offset 0, flags [none], proto 17, length: 42) 123-123-123-123.dynamic.myprovider.xx.pdp > 111-111-111-111.dynamic.myprovider.xx.openvpn: UDP, length 14

20:52:21.301571 IP (tos 0x0, ttl 128, id 16778, offset 0, flags [none], proto 17, length: 42) 123-123-123-123.dynamic.myprovider.xx.pdp > 111-111-111-111.dynamic.myprovider.xx.openvpn: UDP, length 14

20:52:23.584632 IP (tos 0x0, ttl 128, id 16779, offset 0, flags [none], proto 17, length: 42) 123-123-123-123.dynamic.myprovider.xx.pdp > 111-111-111-111.dynamic.myprovider.xx.openvpn: UDP, length 14

20:52:25.126910 IP (tos 0x0, ttl 128, id 16780, offset 0, flags [none], proto 17, length: 42) 123-123-123-123.dynamic.myprovider.xx.pdp > 111-111-111-111.dynamic.myprovider.xx.openvpn: UDP, length 14

20:52:28.471805 IP (tos 0x0, ttl 128, id 16781, offset 0, flags [none], proto 17, length: 42) 123-123-123-123.dynamic.myprovider.xx.pdp > 111-111-111-111.dynamic.myprovider.xx.openvpn: UDP, length 14

20:52:29.664552 IP (tos 0x0, ttl 128, id 16782, offset 0, flags [none], proto 17, length: 42) 123-123-123-123.dynamic.myprovider.xx.pdp > 111-111-111-111.dynamic.myprovider.xx.openvpn: UDP, length 14

20:52:31.996581 IP (tos 0x0, ttl 128, id 16785, offset 0, flags [none], proto 17, length: 42) 123-123-123-123.dynamic.myprovider.xx.pdp > 111-111-111-111.dynamic.myprovider.xx.openvpn: UDP, length 14

20:52:34.319867 IP (tos 0x0, ttl 128, id 16788, offset 0, flags [none], proto 17, length: 42) 123-123-123-123.dynamic.myprovider.xx.pdp > 111-111-111-111.dynamic.myprovider.xx.openvpn: UDP, length 14

 

Oct 18 20:52:08 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16759 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:52:20 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16777 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:52:26 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16780 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:52:32 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16785 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:52:39 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16792 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:52:44 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16794 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:52:50 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16801 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:52:56 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16804 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:53:01 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16807 PROTO=KEY_UDP SPT=1675 DPT=1194 LEN=22

Oct 18 20:53:09 gatefie ulogd[1286]: INPUT:DROP IN=eth1 OUT= MAC=00:08:0d:9c:76:d1:ff:ff:14:00:03:00 SRC=123.123.123.123 DST=111.111.111.111 LEN=42 TOS=00 PREC=0x00 TTL=128 ID=16813 PROTO=KEY_UDP SPT=1677 DPT=1194 LEN=22


------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Free embeddable forum powered by Nabble Forum Help