After update to CU166, existing firewall rule started blocking all internet traffic

On my home network, I had a firewall rule that blocked connections to and from some porn sites. It worked normally prior to upgrading to CU166. After upgrading and reboot, I noticed all internet traffic was being blocked. It took me a while to track down what was causing it, but finally I disabled this firewall rule and immediately all internet activity started functioning. I tested multiple times. Each time I enabled it, I lost all internet. When disabled, internet was restored. I looked through the rule and could not see why this behavior was occurring. It did not do this on CU165 and earlier. Did something change in the firewall for CU166?

Hi Tim,

Please post a screenshot of the firewall rule that caused the issue.

There were only two items changed between 165 → 166.

2 Likes

I’ll try to get some screenshots this evening when I get home from work. Thanks.

2 Likes

Here is the firewall rule:

And here is the network/host group:

I’m guessing the most likely source is the /26 network I have listed on there. TBH, these IPs I tracked down several years ago and may not belong to the porn sites they once did. So that’s part of my problem. But the rule isn’t needed anymore anyway due to other more effective methods. It was just a curiosity that this rule went from harmless on CU165 to blocking all internet traffic on CU166.

Hi,

thanks for reporting back. Apologies for the late reply.

This firewall rule really does not look like it could cause any problems to me. Neither does the /26 appear problematic or related to some essential services your IPFire might need:

[root@maverick ~]# location lookup 192.99.211.64
192.99.211.64:
  Network                 : 192.99.0.0/16
  Country                 : Canada
  Autonomous System       : AS16276 - OVH SAS

To be honest, I have no idea where to look further on this problem. Does deleting this firewall rule and creating another one (blocking access to some arbitrary destination) cause the same behaviour?

Thanks, and best regards,
Peter Müller

1 Like

I have not had a chance to try deleting and recreating, but I did find it interesting that there was another person on here reporting the exact same issue with one of their old firewall rules after updating to 166 here:

Hi,

as far as I understood the other thread, the issue there was related to OSIF’s IPS ruleset, not the firewall engine itself. Unfortunately, OP never responded back… 😑

Please give this a try. The current information is too little for us to have a clue what causes this issue.

Thanks, and best regards,
Peter Müller

2 Likes