Had No Internet Access after updating to CU 166
No other config changes
ssh to IPFire shell, no internet access at all (ping 8.8.8.8 fail)
Turns out it was one of the Firewall Rules I have had in place for a very long time.
Rule is:
Source: Network/Host Group - “QNAP” [2 IP address in Group (IPs on Green Network)]
Destination: Red Network
Protocol: All
Action: Drop
Finally, after an 1 1/2 hour head scratching, disabled all rules & connectivity returned, so realized it was a firewall rule, then narrowed it down to that one.
Added 2 new rules with individual IPs, and seems to be working fine now.
sorry for being relatively absent recently on the community.
To be honest, I lost track of this threads, and which one is describing a firewall issue and which one is related to an IPS issue. If anybody could briefly bring me up-to-date, I’d be frightfully thankful.
Also, Core Update 167 will be available for testing within the next few days, and it comes with a bunch of firewall and IPS bugfixes all over the place. Hopefully it will have these issues covered as well - testing feedback is always highly appreciated.
So I found out what was causing my issue (may not be the issue for others)
I got a new NAS, that only has 2 Ethernet ports - The Old one 4, and I was using 3 of them.
In “Firewall Groups->Hosts”, I removed the “Host” for the interface I no longer used (QNAP3)
Now, under “Firewall Groups->Network/Host Groups”, the Host Group for QNAP had an IP/MAC Address entry that showed “Deleted” … I think this was causing the issue.
What I had to do is add the “QNAP3” Host back, remove it from the “Host Group” QNAP, and then go back and remove it from my Host list…
Seems to be working fine now…
BTW, I “deleted” it, by “editing” it, removing the information, and “saving” it - The entry disappears… Proper way to remove is using the wastecan icon, which only appears if you remove it from the Host Group first… Apparently, pre 166 was not sensitive to that (mis-configuration on my part)