I've been trying to file a bug report through the bug report tool of Debian, but without success.
So I'll just inform you all about this bug since I do want to inform you about it.
I'm sorry this isn't the proper method, but bugreport isn't cooperative with my SMTP for some reason.
I've discovered that fwsnort generates a small but significant syntax error when this iptables rule is present:
# ICMP echo request
$IPTABLES -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
The below fwsnort rule is generated which makes 'iptables-persistent' crash on boot, which in turn boots Debian without a firewall.
-A FWSNORT_INPUT -p icmp -m icmp --icmp-type 8 -m string --hex-string"|0102030405060708090a0b0c0d0e0f|" --algo bm --to 74 -m comment --comment "sid:2100369; msg:GPL ICMP_INFO PING BayRS Router; classtype:misc-activity; reference:arachnids,438; rev:7; FWS:1.5;" -j LOG --log-prefix "[11] SID2100369 " --log-ip-options
The right syntax should be: --hex-string "|0102030405060708090a0b0c0d0e0f|"
It's a small syntax error, I'm sorry I don't have the time to fix this bug. I hope I've given enough information to you to fix this problem.
In the meantime this can be fixed by editing the saved iptables configuration in /etc/iptables/rules.v4.
To display some helpful debugging information you can run:
# iptables-restore < /etc/iptables/rules.v4
This will inform you of the line where this syntax error is. Then edit it accordingly with your favorite text editor.
--
Kind regards,
Kees de Jong
The information contained in this message may be confidential and is intended solely for the addressee(s).
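The workaround described in the message, as an added shell example that is not part of the original message or of fwsnort: it finds lines in a saved ruleset where --hex-string is glued to its quoted argument and writes a repaired copy. The function names and the sample ruleset (abridged from the rule quoted above) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not fwsnort code: locate and repair the missing space
# after --hex-string in a saved iptables ruleset.

# Print the line numbers where --hex-string is glued to its argument.
find_glued_hex_string() {
    grep -n -e '--hex-string"' "$1" | cut -d: -f1
}

# Write a repaired copy of $1 to $2; the original file is left untouched.
repair_hex_string() {
    sed 's/--hex-string"/--hex-string "/g' "$1" > "$2"
}

# Constructed sample ruleset; line 6 carries the malformed option.
write_sample_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:FWSNORT_INPUT - [0:0]
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A FWSNORT_INPUT -p icmp -m icmp --icmp-type 8 -m string --hex-string"|0102030405060708090a0b0c0d0e0f|" --algo bm --to 74 -j LOG --log-prefix "[11] SID2100369 " --log-ip-options
COMMIT
EOF
}

# Usage: sh thisfile.sh /etc/iptables/rules.v4
if [ "$#" -ge 1 ]; then
    bad=$(find_glued_hex_string "$1")
    if [ -z "$bad" ]; then
        echo "no glued --hex-string found in $1"
    else
        echo "malformed --hex-string on line(s):" $bad
        repair_hex_string "$1" "$1.fixed"
        # --test parses the file without loading any rules (needs root).
        echo "repaired copy: $1.fixed"
        echo "check it with: iptables-restore --test < $1.fixed"
    fi
fi
```

Running iptables-restore with --test before replacing rules.v4 catches a remaining parse error without touching the live ruleset, so the failure does not surface only at boot.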