Firewall doubts

(Pedro Sitan) #1

NethServer Version: 7.4
Module: Firewall

I have two implementations in different places. In one everything works properly, but in the other the firewall does not apply blocks correctly, and when I try the tail -f command in both places this is the result.

As you can see, in the first site I can only view the incoming connections, not which LAN client requested the connection; in the other site I can view that information.

In the web GUI I have configured these rules:

The rules are pretty much the same in both places, so why does the firewall work fine in one place and not in the other?

In both places the NethServer is the gateway.

Thanks for your help!


(Alessio Fattorini) #2

Hi Pedro,
thanks for joining the NethServer Community and welcome here!
Some of these friends may help you with your concerns
@islipfd19 @jitkian @Hunv @firsttiger @ssabbath @kolli_vasu @Imre_Bertalan @ssabbath


(Markus Neuberger) #3

Hi @geofxgt,

Sorry for the late answer. You may compare the firewall config of your servers:

config show firewall

db fwrules show

http://docs.nethserver.org/en/latest/firewall.html
http://docs.nethserver.org/projects/nethserver-devel/en/v7/nethserver-firewall-base.html

Are your systems both up to date? Do you use proxy and dpi?

Are there other differences between the 2 servers?


(Pedro Sitan) #4

Thanks for your reply,
In both servers I use transparent proxy and the DPI module :thinking::thinking::thinking:

AFAIK the DPI module and the proxy do not work together in authenticated mode, or do they?

Both NethServers are updated.


(Marc) #5

Do you use suricata IPS?


(Pedro Sitan) #6

Yes, in both sites, with the rules recommended in this post.


(Marc) #7

What’s the output of:

config getprop firewall nfqueue

(Pedro Sitan) #8

The same result in both sites.