Can't alter firewall rules from the WUI

Since updating to core 180, I can’t add,update or delete firewall rules from the WUI.
The Firewall Rules page loads. I can go through all the motions of adding/editing/deleting a rule, however after I hit add, it goes to a page with nothing but the page header (which is normal for a brief time then normally returns to the rules page with the update button). It never returns with the update button. I confirm that the rule/change has not been made.
I can edit the rules from the CLI, and it shows in the WUI once the rules have been reloaded, but it mucks up the line numbers.
Thanks for any insight into this.

This is the page that opens after the add/update button is selected. Upon refresh, it reloads the with no changes made. I have tried multiple browsers. Same results.

You tried to change rules also from another system?
Your computer use an antivirus which is filtering browsed content?


To diagnose this issue, please open a console and run the command tail -f /var/log/httpd/error_log. This is directed to monitoring the Apache web server error log while triggering the abnormal behavior. Then try replicating the behavior in the WUI. Capture the logs (press Ctrl-C to exit the log view) and if there is anything relevant please post the results here for further analysis.


@Pike: Yes, I have tried from different systems and browsers. No antivirus.

@cfusco: The command you gave resulted in the following in the log file. Once for each time I tried to add, edit, or delete a rule.
Unable to write to file /var/ipfire/firewall/config at /var/ipfire/ line 928.
Unable to write to file /var/ipfire/firewall/config at /var/ipfire/ line 928.
Unable to write to file /var/ipfire/firewall/config at /var/ipfire/ line 928.

Thanks to you both for your interest and help!

1 Like

I think you have a corrupted system.

The error message “Unable to write to file /var/ipfire/firewall/config” is indicative of an underlying issue that could be related to incorrect file permissions, a failing disk, or system corruption possibly due to a flawed update to core 180. These conditions prevent the system from saving new firewall configurations. To resolve this, consider performing a clean installation using the latest IPFire ISO image, followed by restoring your backup.

If you don’t have a backup:

  • Make it a practice to always maintain a backup, especially before attempting an update. Keep in mind that there is a small chance that your disk is failing and you might need to use again the backup of your firewall in the near future.
  • Attempt to download your backup via the Web User Interface, if it is functional.
  • If the WUI is inoperable, retrieve the backup using the console.

If you don’t have a backup and the WUI is not functional, here’s how to retrieve one using the console:

  1. Plug in a USB key to your IPFire machine.
  2. Mount the USB key by running the command: mount /dev/sda1 /mnt (Replace /dev/sda1 with your USB key’s device path if different). To identify the USB device, you can use the fdisk -l command. This will list all storage devices, and you should be able to recognize your USB key by its size or brand name in the output. Look for the device path, which usually appears as /dev/sda1, /dev/sdb1, etc.
  3. Navigate to the backup directory: cd /var/ipfire/backup/
  4. Copy the main backup file to the USB key: cp 2023-10-13-12:57.ipf /mnt/ (Replace the filename with your actual backup file name).
  5. Go to the addons backup directory: cd /var/ipfire/backup/addons/backup/
  6. Copy any addon backup files to the USB key: cp *.ipf /mnt/
  7. Unmount the USB key: umount /mnt

Now you have successfully backed up your main and addon configurations to the USB key.

Please post a follow-up for further guidance. Good luck.


Thanks for the info! I did have a core-179 back up, which installed fine and all seems well.

Question: NM; I see the question has already been answered. Actually by cfusco. :slight_smile:

Thanks for the help!