Firewall Issues, not recognizing my pppoe as a provider

Any idea what is going on?

And its all working fine…

My only fear is, i am 300km from that server…lol

Check if you can ping 8.8.8.8 from your firewall.
And it can be helpful if you could post here your configuration under WAN section (the bottone Configure on the right in your screen).
Thanks

2 Likes

Its all working fine! Thats the wierdest part! I cant ping, browse, all computers are working just fine, my external acess is fine!

Lol, this is very wierd, now i am afraid to move things around and mess my external access hahahaha

If i recall correctly, @filippo_carletti should be the “right guy”…

A visual glitch due to looking for an interface name?
Maybe seeing these parameters help:

db networks show

echo '{"action":"providers"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-firewall-base/wan/read | jq

/usr/bin/sudo /usr/libexec/nethserver/api/nethserver-firewall-base/dashboard/read | jq

echo '{"action":"list"}' | /usr/bin/sudo /usr/libexec/nethserver/api/system-network/read | jq
1 Like
br0=bridge
    gateway=
    ipaddr=192.168.5.1
    netmask=255.255.255.0
    role=green
br0.20=vlan
    bootproto=none
    gateway=
    ipaddr=10.1.10.254
    netmask=255.255.255.0
    nslabel=
    role=blue
enp1s0=ethernet
    bridge=br0
    nslabel=
    role=bridged
enp3s0=ethernet
    role=pppoe
ppp0=xdsl
    AuthType=auto
    FwInBandwidth=50000
    FwOutBandwidth=50000
    Password=xxxxxxxxxx
    name=PPPoE
    nslabel=PPPoE
    provider=ifnet
    role=red
    user=xxxxxxxxxxxx
red1=provider
    interface=ppp0
    weight=1
{
  "status": {
    "red1": 0
  },
  "configuration": {
    "interfaces": [
      {
        "provider": {
          "weight": "1",
          "name": "red1"
        },
        "FwOutBandwidth": "50000",
        "gateway": "189.50.XXX.XXX",
        "nslabel": "PPPoE",
        "FwInBandwidth": "50000",
        "name": "ppp0",
        "cidr": "170.81.XXX.XXX",
        "ipaddr": null
      }
    ],
    "multiwan": {
      "MaxPercentPacketLoss": "50",
      "MaxNumberPacketLoss": "10",
      "EmailAddress": "root@localhost",
      "WanMode": "balance",
      "PingInterval": "5",
      "NotifyWan": "disabled",
      "CheckIP": [
        "8.8.8.8",
        "208.67.222.222"
      ]
    }
  }
}
{
  "connections": {
    "udp": 59,
    "tcp": 178,
    "total": 239,
    "icmp": 2
  },
  "providers": {
    "red1": {
      "status": 0,
      "nslabel": "PPPoE",
      "weight": "1",
      "interface": "ppp0"
    }
  },
  "services": {
    "ndpi": 0,
    "clamd@squidclamav": 1,
    "squid": 1
  },
  "statistics": {
    "hosts": 12,
    "tc": 2,
    "portforward": 0,
    "routes": 0,
    "objects": {
      "fwtimes": 0,
      "hosts": 20,
      "fwservices": 45,
      "zones": 0,
      "host-group": 3
    },
    "fwrules": 25,
    "vpn": 9
  },
  "applications": []
}
{
  "status": {
    "ppp0": {
      "link": "1",
      "gateway": "189.50.135.3",
      "mac": "",
      "ipaddr": "10.1.10.254"
    },
    "enp3s0": {
      "link": "1",
      "bus": "pci",
      "speed": "1000",
      "model": "Realtek Semiconductor Co. Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 06)",
      "mac": "84:16:f9:05:b3:91",
      "driver": "r8169"
    },
    "enp1s0": {
      "link": "1",
      "bus": "pci",
      "speed": "100",
      "model": "Realtek Semiconductor Co. Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0c)",
      "mac": "1c:1b:0d:52:ed:0d",
      "driver": "r8169"
    },
    "br0.20": {
      "link": "1",
      "mac": "1c:1b:0d:52:ed:0d"
    },
    "br0": {
      "link": "1",
      "mac": "1c:1b:0d:52:ed:0d"
    }
  },
  "configuration": {
    "hotspot": [],
    "missing": [],
    "orange": [],
    "green": [
      {
        "gateway": "",
        "name": "br0",
        "cidr": "192.168.5.1/24",
        "devices": [
          {
            "existing": 1,
            "name": "enp1s0",
            "nslabel": "",
            "cidr": "",
            "bridge": "br0",
            "devices": [],
            "virtual": 0,
            "aliases": [],
            "type": "ethernet",
            "role": "bridged"
          }
        ],
        "virtual": 1,
        "aliases": [],
        "type": "bridge",
        "netmask": "255.255.255.0",
        "role": "green",
        "ipaddr": "192.168.5.1"
      }
    ],
    "blue": [
      {
        "parent": "br0",
        "bootproto": "none",
        "gateway": "",
        "name": "br0.20",
        "nslabel": "",
        "cidr": "10.1.10.254/24",
        "devices": [],
        "virtual": 1,
        "aliases": [],
        "tag": "20",
        "type": "vlan",
        "netmask": "255.255.255.0",
        "role": "blue",
        "ipaddr": "10.1.10.254"
      }
    ],
    "free": [],
    "other": [],
    "pppoe": 1,
    "red": [
      {
        "provider": "ifnet",
        "AuthType": "auto",
        "FwOutBandwidth": "50000",
        "nslabel": "PPPoE",
        "name": "ppp0",
        "FwInBandwidth": "50000",
        "cidr": "170.81.XXX.XXX",
        "devices": [
          {
            "existing": 1,
            "name": "enp3s0",
            "type": "ethernet",
            "cidr": "",
            "role": "pppoe",
            "virtual": 0
          }
        ],
        "virtual": 1,
        "Password": "XXX",
        "aliases": [],
        "user": "XXX",
        "type": "xdsl",
        "role": "red"
      }
    ]
  }
}
ls -l /var/lib/shorewall/*.status
/usr/libexec/nethserver/providers-status
-rw------- 1 root root 2 Jul 13 15:33 /var/lib/shorewall/ppp0.status
{"red1":"1"}[root@srv ~]#

Funny part is, its all working just fine lol! :laughing:

When i try to enable from firewall i get this:

 echo '{"name":"red1","action":"provider-enable"}' | /usr/bin/setsid /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-firewall-base/wan/update | jq

And the server can ping 8.8.8.8 and 208.67.222.222 with no issues, right?

cat /var/lib/shorewall/ppp0.status

I would do a test renaming/removing /var/lib/shorewall/ppp0.status file, then checking status on dashboard, then monitor if it is ok even after signaling firewall-adjust and interface-update events.

3 Likes

Going to test that when i am next to the server, dont want to travel 300km for a system that is working fine! :stuck_out_tongue:

Thanks!

1 Like

I did it, it enables ppp0 it works all fine, but after any signaling like firewall-adjust it stops and gets back to “Enable” so wierd…

What’s the output of that command?
You have only one provider, right?
And the output of these ones?

shorewall status -i
cat /etc/shorewall/providers
cat /var/lib/shorewall/*.status
1 Like

Yes, only one provider.

ERROR: red1 is not an optional provider or interface: Firewall state not changed
/usr/share/shorewall/lib.common: line 93: 25972 Terminated $SHOREWALL_SHELL $script options @
{
“id”: “1627322311”,
“type”: “SaveFailed”,
“message”: “check_logs”
}

Shorewall-5.1.10.2 Status at srv.unipetrorp.local - Mon Jul 26 14:52:17 -03 2021

Shorewall is running
State:Started Mon Jul 26 14:52:05 -03 2021 from /etc/shorewall/ (/var/lib/shorewall/firewall compiled Mon Jul 26 14:52:04 -03 2021 by Shorewall version 5.1.10.2)

Interface ppp0 is Disabled

#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY

#80providers_output

cat /var/lib/shorewall/*.status
1

I don’t know. The UI is showing what it is being told. I leave this to the devs and to other users willing to test it with a PPPoE connection. Sorry.

1 Like

Its all working fine… Will leave it like that…

Btw first time i configured the red network it was with a Public IP, not by PPPoE. I just changed connection type and that happend haha

Thanks anyway, if i find any solution to this i will bring it here!