Author Topic: zentyal-firewall 7.0.0 tries to call /sbin/iptables  (Read 1395 times)

nickpiggott

  • Zen Apprentice
  • *
  • Posts: 23
  • Karma: +8/-0
    • View Profile
zentyal-firewall 7.0.0 tries to call /sbin/iptables
« on: March 13, 2021, 09:02:39 pm »
Recent upgrade from 6.2.7 to 7.0 on Ubutnu

After upgrading I noticed that my iptables were blank and I had no routing through the server. Looking at the log, I could see that the firewall module was trying to manipulate iptables by referencing /sbin/iptables.

There wasn't an /sbin/iptables on my installation - its /usr/sbin/iptables

I "fixed" the problem by creating a symbolic link from /sbin/iptables to /usr/sbin/iptables and restarted the firewall. iptables then populated correctly and traffic flowed through the server.
« Last Edit: March 13, 2021, 09:14:21 pm by nickpiggott »

Daniel Joven

  • Zentyal Staff
  • Zen Apprentice
  • *****
  • Posts: 45
  • Karma: +21/-0
    • View Profile
Re: zentyal-firewall 7.0.0 tries to call /sbin/iptables
« Reply #1 on: March 17, 2021, 12:46:42 pm »
Hi nickpiggott,

Can you please tell me which modules did you have installed when you did the upgrade? Did you get an error when the upgrade finished? Do you remember if you had any broken package after the upgrade?The script contains the symbolic link that you had to set.

Best regards, Daniel Joven.

mscfw

  • Zen Apprentice
  • *
  • Posts: 14
  • Karma: +4/-0
    • View Profile
Re: zentyal-firewall 7.0.0 tries to call /sbin/iptables
« Reply #2 on: March 17, 2021, 01:24:30 pm »
Hi,
I can also see a log message in the zentyal.log file telling me
Code: [Select]
Error output: /var/lib/zentyal/tmp/AL0F9rpy_r.cmd: 13: /sbin/iptables: not foundbut my internal and external filter settings seemed to be there and working - at least mail and www hosting is working for what I can see.

bye

Markus

nickpiggott

  • Zen Apprentice
  • *
  • Posts: 23
  • Karma: +8/-0
    • View Profile
Re: zentyal-firewall 7.0.0 tries to call /sbin/iptables
« Reply #3 on: April 22, 2021, 10:30:04 am »
@Daniel I think we picked this up on the github issue (https://github.com/zentyal/zentyal/issues/2039)

for others - the problem was a failed upgrade script, which didn't create the symlink. Have a look at the discussion on github, but it seems that re-running the upgrade script again from the command line may resolve these issues.