Problem with Firewall and ndpi on Nethserver 7.9

juanclar · April 8, 2021, 10:50pm

NethServer Version: 7.9
Module: Firewall

hello, from one moment to another I have found out if firewall, when executing shorewall debug restart, generates an error in the xndpi module. I remove nethserver-ndpi but the problem persists, Nethserver is up to date. It shows me an error in blrules and when removing the following lines, the firewall works again but I can’t make a change because the error comes back.

These are the lines that I remove

WHITELIST net: + bl-whitelist loc
WHITELIST loc net: + bl-whitelist
WHITELIST net: + bl-whitelist FW WHITELIST FW net: + bl-whitelist
WHITELIST net: 8.8.8.8 loc
WHITELIST loc net: 8.8.8.8
WHITELIST net: 8.8.8.8 FW WHITELIST FW net: 8.8.8.8
BLACKLIST net: + bl-normshield_all_spam loc
BLACKLIST loc net: + bl-normshield_all_spam
BLACKLIST net: + bl-normshield_all_spam FW BLACKLIST FW net: + bl-normshield_all_spam
BLACKLIST net: + bl-iblocklist_malc0de loc
BLACKLIST loc net: + bl-iblocklist_malc0de
BLACKLIST net: + bl-iblocklist_malc0de FW BLACKLIST FW net: + bl-iblocklist_malc0de
BLACKLIST net: + bl-esentire_differentia_ru loc
BLACKLIST loc net: + bl-esentire_differentia_ru
BLACKLIST net: + bl-esentire_differentia_ru FW BLACKLIST FW net: + bl-esentire_differentia_ru
BLACKLIST net: + bl-php_commenters loc
BLACKLIST loc net: + bl-php_commenters
BLACKLIST net: + bl-php_commenters FW BLACKLIST FW net: + bl-php_commenters
BLACKLIST net: + bl-bi_username-notfound_0_1d loc
BLACKLIST loc net: + bl-bi_username-notfound_0_1d
BLACKLIST net: + bl-bi_username-notfound_0_1d FW BLACKLIST FW net: + bl-bi_username-notfound_0_1d
BLACKLIST net: + bl-proxz_7d loc
BLACKLIST loc net: + bl-proxz_7d
BLACKLIST net: + bl-proxz_7d FW BLACKLIST FW net: + bl-proxz_7d
BLACKLIST net: + bl-nt_malware_dns loc
BLACKLIST loc net: + bl-nt_malware_dns
BLACKLIST net: + bl-nt_malware_dns FW BLACKLIST FW net: + bl-nt_malware_dns
BLACKLIST net: + bl-et_dshield loc
BLACKLIST loc net: + bl-et_dshield
BLACKLIST net: + bl-et_dshield FW BLACKLIST FW net: + bl-et_dshield
BLACKLIST net: + bl-iblocklist_org_nintendo loc
BLACKLIST loc net: + bl-iblocklist_org_nintendo
BLACKLIST net: + bl-iblocklist_org_nintendo FW BLACKLIST FW net: + bl-iblocklist_org_nintendo

WARNING: Ipset bl-bi_username-notfound_0_1d does not exist /e
tc/shorewall/blrules (line 71)
Apr 8 16:55:11 Rule “BLACKLIST net:+bl-bi_username-notfound_0_1d loc” Compi
led

Apr 8 17:22:33 titan esmith::event[15110]: iptables-restore v1.4.21: xt_ndpi: Y
ou need to specify at least one protocol on host/cert name
Apr 8 17:22:33 titan esmith::event[15110]: Error occurred at line: 82
Apr 8 17:22:33 titan esmith::event[15110]: Try `iptables-restore -h’ or ‘iptabl
es-restore --help’ for more information.

I hope you can help me
Thanks

Juan Carlos Ortiz L.