Firewall rules are not pickup from mysql

Problems/questions regarding the MailCleaner configuration

Moderators: FlorianB, Pascal, bourgeois, mentor

Dragnell
Posts: 3
Joined: Mon Oct 26, 2015 9:14 pm
How did you hear about Mailcleaner: googling a replace for baruwa

Firewall rules are not pickup from mysql

Postby Dragnell » Wed Oct 11, 2017 9:13 pm

I have been trying to set up a cluster since monday but unfortunately there is some problem with the firewall script that does not update the rules

Code: Select all

+----+--------------+--------+----------+-----------------+------+
| id | service      | port   | protocol | allowed_ip      | auth |
+----+--------------+--------+----------+-----------------+------+
|  1 | web          | 80:443 | TCP      | 0.0.0.0/0       | NULL |
|  4 | mail         | 25     | TCP      | 0.0.0.0/0       | NULL |
| 11 | configurator | 4242   | TCP      | 0.0.0.0/0       | NULL |
| 12 | ssh          | 22     | TCP      | 192.168.20.0/27 | NULL |
| 13 | mysql        | 3306   | TCP      | 192.168.20.0/27 | NULL |


Code: Select all

Chain INPUT (policy DROP)
target     prot opt source               destination         
DROP       tcp  --  anywhere             anywhere             tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:4242
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:submission
ACCEPT     tcp  --  anywhere             anywhere             tcp dpts:http:https
ACCEPT     tcp  --  172.17.2.0/24        anywhere             tcp dpt:ssh
ACCEPT     tcp  --  localnet/24          anywhere             tcp dpt:ssh

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         


the script is deep into the code , as far as i can see and i have no other way to add rules, or disable the firewall, any idea how to fix this? Thanks
FlorianB
Posts: 242
Joined: Wed Apr 01, 2015 2:27 pm
How did you hear about Mailcleaner: job

Re: Firewall rules are not pickup from mysql

Postby FlorianB » Sun Oct 15, 2017 10:41 am

Hello again,
I made tests with my colleague Mentor yesterday.
We didn't notice any firewall rules problem but it looks like a synchro problem of DB instance (as usual).
Could you try to do a :

Code: Select all

echo "show slave status\G" |/usr/mailcleaner/bin/mc_mysql -s mc_config
And then post the answer here please.
We should find a double Yes row about sync.
I'll post an answer about SSL ports and SSL enable or not problem in the corresponding thread but we noticed no problem about that except the fast that no notification appear asking to restart the firewall service for these changes and it is necessary !
Mentor corrected some things to make this notification appears so if you use the final version or the Updater for the beta version, you should already notice that on change of these values.
Regards,
Florian
MailCleaner Team

Return to “Configuration”

Who is online

Users browsing this forum: No registered users and 2 guests