[Spce-user] Incident [#SRY18918] IPtables were not loaded

morne at tenacit.net morne at tenacit.net
Mon Apr 29 11:55:32 EDT 2019


Hi,<br />
<br />
I deployed a new SIPWise CE server NGCP platform version mr7.2.1, and decided on adding my custom firewall rules as prescribed by the guide instead of a cronjob loading my custom file via iptables-restore.<br />
<br />
I added all the rules in the config.yml file, and I can see it generates the correct rules in the generated rules file (/etc/iptables/rules.v4), but it does not actually load the rules into iptables on boot.<br />
<br />
Does anyone know why it wouldnt?<br />
 
<p class="MsoNormal">
<span lang="EN-ZA" style="font-size:10.0pt;color:gray;
mso-ansi-language:EN-ZA">Kind Regards,</span><span lang="EN-ZA" style="color:
#1F497D;mso-ansi-language:EN-ZA"></span>
</p>

<p class="MsoNormal">
<span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:
EN-ZA"> </span>
</p>

<p class="MsoNormal">
<b><span lang="EN-ZA" style="color:#79AE52;mso-ansi-language:
EN-ZA">Morne du Plessis</span></b><span lang="EN-ZA" style="color:#1F497D;
mso-ansi-language:EN-ZA"></span>
</p>

<p class="MsoNormal">
<span style="font-size:10.0pt;color:gray">Senior Network/Voice Engineer / Department Manager</span><span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:EN-ZA"></span>
</p>

<p class="MsoNormal">
<span style="font-size:24px;"><b><span lang="EN-ZA" style="color:#79AE52;mso-ansi-language:
EN-ZA">TenacIT</span></b></span><span style="font-size:22px;"><strong> </strong></span><span lang="EN-ZA"></span>
</p>

<p class="MsoNormal">
<b><span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:
EN-ZA">Strategic IT Consulting </span></b><span lang="EN-ZA" style="color:#79AE52;
mso-ansi-language:EN-ZA">•</span><b><span lang="EN-ZA" style="color:#1F497D;
mso-ansi-language:EN-ZA"> Advanced Networking </span></b><span lang="EN-ZA" style="color:#79AE52;mso-ansi-language:EN-ZA">•</span><span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:EN-ZA"></span>
</p>

<p class="MsoNormal">
<b><span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:
EN-ZA">Custom Development </span></b><span lang="EN-ZA" style="color:#79AE52;
mso-ansi-language:EN-ZA">•</span><b><span lang="EN-ZA" style="color:#1F497D;
mso-ansi-language:EN-ZA"> Hosting </span></b><span lang="EN-ZA" style="color:
#79AE52;mso-ansi-language:EN-ZA">•</span><b><span lang="EN-ZA" style="color:#1F497D;
mso-ansi-language:EN-ZA"> Syspro Support </span></b><span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:EN-ZA"></span>
</p>

<p class="MsoNormal">
<span lang="EN-ZA" style="font-size:9.0pt;color:#A6A6A6;
mso-ansi-language:EN-ZA">Tel: </span><span lang="EN-ZA" style="font-size:9.0pt;
color:gray;mso-ansi-language:EN-ZA">041 10 10 100 </span>
</p>

<p class="MsoNormal">
<span lang="EN-ZA" style="font-size:9.0pt;color:#A6A6A6;
mso-ansi-language:EN-ZA">Web: </span><span lang="EN-ZA" style="mso-ansi-language:
EN-ZA"><a href="http://www.tenacit.net/"><span style="font-size:9.0pt;
color:#BCE292">http://www.tenacit.net</span></a></span>
</p>
<span lang="EN-ZA" style="font-size:13.5pt;font-family:Webdings;mso-fareast-font-family:
"Times New Roman";mso-fareast-theme-font:minor-fareast;mso-bidi-font-family:
"Times New Roman";mso-bidi-theme-font:minor-bidi;color:green;mso-ansi-language:
EN-ZA;mso-fareast-language:EN-US;mso-bidi-language:AR-SA">P</span><span lang="EN-ZA" style="font-size:10.0pt;font-family:"Calibri",sans-serif;mso-ascii-theme-font:
minor-latin;mso-fareast-font-family:"Times New Roman";mso-fareast-theme-font:
minor-fareast;mso-hansi-theme-font:minor-latin;mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;color:navy;mso-ansi-language:EN-ZA;mso-fareast-language:
EN-US;mso-bidi-language:AR-SA"> </span><span lang="EN-ZA" style="font-size:10.0pt;
font-family:"Calibri",sans-serif;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:
"Times New Roman";mso-fareast-theme-font:minor-fareast;mso-hansi-theme-font:
minor-latin;mso-bidi-font-family:"Times New Roman";mso-bidi-theme-font:minor-bidi;
color:green;mso-ansi-language:EN-ZA;mso-fareast-language:EN-US;mso-bidi-language:
AR-SA">Before printing this email please think about the environment</span><span lang="EN-ZA" style="font-size:10.0pt;font-family:"Calibri",sans-serif;mso-ascii-theme-font:
minor-latin;mso-fareast-font-family:"Times New Roman";mso-fareast-theme-font:
minor-fareast;mso-hansi-theme-font:minor-latin;mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;color:navy;mso-ansi-language:EN-ZA;mso-fareast-language:
EN-US;mso-bidi-language:AR-SA">  </span><br />
 
<hr />
<br />
Date: 2019-04-17 02:25:18 PM<br />
Subject: Re: Incident [#SRY18918] IPtables were not loaded<br />
From: morne at tenacit.net<br />
To: spce-user at lists.sipwise.com<br />
Cc: linksilent at tenacit.net<br />
<br />
Hi,<br />
<br />
I deployed a new SIPWise CE server, and decided on adding my custom firewall rules as prescribed by the guide instead of a cronjob loading my custom file via iptables-restore.<br />
<br />
I added all the rules in the config.yml file, and I can see it generates the correct rules in the generated rules file, but it does not actually load the rules into iptables.<br />
<br />
Does anyone know why it wouldnt?<br />
 
<p class="MsoNormal">
<span lang="EN-ZA" style="font-size:10.0pt;color:gray;
mso-ansi-language:EN-ZA">Kind Regards,</span>
</p>

<p class="MsoNormal">
<span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:
EN-ZA"> </span>
</p>

<p class="MsoNormal">
<b><span lang="EN-ZA" style="color:#79AE52;mso-ansi-language:
EN-ZA">Morne du Plessis</span></b>
</p>

<p class="MsoNormal">
<span style="font-size:10.0pt;color:gray">Senior Network/Voice Engineer / Department Manager</span>
</p>

<p class="MsoNormal">
<span style="font-size:24px;"><b><span lang="EN-ZA" style="color:#79AE52;mso-ansi-language:
EN-ZA">TenacIT</span></b></span><span style="font-size:22px;"><strong> </strong></span>
</p>

<p class="MsoNormal">
<b><span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:
EN-ZA">Strategic IT Consulting </span></b><span lang="EN-ZA" style="color:#79AE52;
mso-ansi-language:EN-ZA">•</span><b><span lang="EN-ZA" style="color:#1F497D;
mso-ansi-language:EN-ZA"> Advanced Networking </span></b><span lang="EN-ZA" style="color:#79AE52;mso-ansi-language:EN-ZA">•</span>
</p>

<p class="MsoNormal">
<b><span lang="EN-ZA" style="color:#1F497D;mso-ansi-language:
EN-ZA">Custom Development </span></b><span lang="EN-ZA" style="color:#79AE52;
mso-ansi-language:EN-ZA">•</span><b><span lang="EN-ZA" style="color:#1F497D;
mso-ansi-language:EN-ZA"> Hosting </span></b><span lang="EN-ZA" style="color:
#79AE52;mso-ansi-language:EN-ZA">•</span><b><span lang="EN-ZA" style="color:#1F497D;
mso-ansi-language:EN-ZA"> Syspro Support </span></b>
</p>

<p class="MsoNormal">
<span lang="EN-ZA" style="font-size:9.0pt;color:#A6A6A6;
mso-ansi-language:EN-ZA">Tel: </span><span lang="EN-ZA" style="font-size:9.0pt;
color:gray;mso-ansi-language:EN-ZA">041 10 10 100 </span>
</p>

<p class="MsoNormal">
<span lang="EN-ZA" style="font-size:9.0pt;color:#A6A6A6;
mso-ansi-language:EN-ZA">Web: </span><span lang="EN-ZA" style="mso-ansi-language:
EN-ZA"><a href="http://www.tenacit.net/"><span style="font-size:9.0pt;
color:#BCE292">http://www.tenacit.net</span></a></span>
</p>
<span lang="EN-ZA" style="font-size:13.5pt;font-family:Webdings;mso-fareast-font-family:
"Times New Roman";mso-fareast-theme-font:minor-fareast;mso-bidi-font-family:
"Times New Roman";mso-bidi-theme-font:minor-bidi;color:green;mso-ansi-language:
EN-ZA;mso-fareast-language:EN-US;mso-bidi-language:AR-SA">P</span><span lang="EN-ZA" style="font-size:10.0pt;font-family:"Calibri",sans-serif;mso-ascii-theme-font:
minor-latin;mso-fareast-font-family:"Times New Roman";mso-fareast-theme-font:
minor-fareast;mso-hansi-theme-font:minor-latin;mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;color:navy;mso-ansi-language:EN-ZA;mso-fareast-language:
EN-US;mso-bidi-language:AR-SA"> </span><span lang="EN-ZA" style="font-size:10.0pt;
font-family:"Calibri",sans-serif;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:
"Times New Roman";mso-fareast-theme-font:minor-fareast;mso-hansi-theme-font:
minor-latin;mso-bidi-font-family:"Times New Roman";mso-bidi-theme-font:minor-bidi;
color:green;mso-ansi-language:EN-ZA;mso-fareast-language:EN-US;mso-bidi-language:
AR-SA">Before printing this email please think about the environment</span><span lang="EN-ZA" style="font-size:10.0pt;font-family:"Calibri",sans-serif;mso-ascii-theme-font:
minor-latin;mso-fareast-font-family:"Times New Roman";mso-fareast-theme-font:
minor-fareast;mso-hansi-theme-font:minor-latin;mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;color:navy;mso-ansi-language:EN-ZA;mso-fareast-language:
EN-US;mso-bidi-language:AR-SA">  </span><br />
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20190429/4cefa958/attachment.html>


More information about the Spce-user mailing list