[SOLVED]Firewall Rules

[theb2b]

Have my zentyal server set as my firewall into my network, I had the firewall rules setup and working including port forwarding. Yesterday it stopped, sort of. I have two primary servers that are accessible from the outside, one is a lamp server and the other zentyal. I can still access the Lamp server but all requests to the zentyal server are dropped, no response. As a troubleshooting method I set all  four packet filter configuration settings to forward all packets, no filter rules. I also set port forwarding to do the same with all port requests. Basically this server is wide open, but still not able to get a connection, as an example SoGo web mail.

The Lamp server is accessible and severing up web pages, that's not an issue. Based on this I firmly believe the firewall rules on zentyal are "broken". Any suggestions on how to reset the rules? Rather not have to dump them all then reset them. Found this script on several web sites, but it would replace all my current rules requiring a reset of them?
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

Really like to hear some thoughts\suggestions on how to proceed please.

[Mittelerde]

Hello

Go to the Module Status

Tick off Firewall - and save changes

now you can test

go to software and deinstall zentyal firewall
apt-get purge zentyal-firewall
and reinstall the firewall module


remember to do a config backup before

..good luck

[theb2b]

Turn off the firewall, all is good, turn it back on no access to the zentyal server.

So it is the firewall but it is only affecting the zentyal server.

I will wait until I get on site to do the reinstall, thanks for the help!

[theb2b]

Mittelerde if I do a firewall uninstall I lose DNS, DHCP, Mail and Groupware, Open Change Server, Domain Controller and File Sharing, etc, etc. I might as well re-install the server?

I know said to do a config backup, this could be a long night?

Thoughts?

[Mittelerde]

ohhhh 

can you post me some screenshots from your
Packet Filter rules

[theb2b]

Well I did it, removed the firewall module which removed 10 other modules. I then did a install of the firewall mod and all the other modules that where removed. I then ran the restore, which did not run complete, had to enable some of the modules, then run the restore again, enable the rest of the modules and run the restore again. In all I ran the restore 4 times before it all came back up. 

Firewall is now working, along with all the other services expect for an issue with mail. When attempting to send an email either using the web client or Thunderbird get an error message none of the receipts are valid. Doesn't matter if I select the address from the address book or type it in nor if it is an internal recipient or external.

Attempting to send an email to this domain results in a bounce back e-mail, error states "address was not found in the recipients e-mail system".

Not sure if I should close this ticket and open a new one. The firewall is working so original issue is solved but resolving it caused a different issue.