Getting dropped even when whitelisted

[JnascECSI]

So not sure why but i have my home IP address whitelisted in ASL, for some reason thou i am getting dropped if i try to get to the ASL GUI. i have flushed and rebooted but still happens. Any idea why it would still happen even after being whitelisted.


Received From: ecs-3->/var/log/messages
Rule: 4151 fired (level 10) -> "Multiple Firewall drop events from same source."
Portion of the log(s):

Code: Select all

May 12 17:08:52 ecs-3 kernel: DROP_ASL_TORTIX IN=em1 OUT= MAC=78:2b:cb:1b:2b:02:00:22:19:1d:fb:94:08:00 SRC=XX.186.XXX.71 DST=10.XXX.XXX.173 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=25965 DF PROTO=TCP SPT=13077 DPT=30000 SEQ=4273183466 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B40103030201010402) 

[mikeshinn]

Do you have this enabled:

https://www.atomicorp.com/wiki/index.ph ... _WHITELIST

[prupert]

It appears that your firewall does not allow your IP address to connect to the ASL web interface (tcp/30000). See https://www.atomicorp.com/wiki/index.ph ... ACL_system

Rather than making the very bold move of enabling FW_WHITELIST (Mike???), which you probably don't want (I certainly wouldn't!), simply make sure that your IP address is allowed to access the ASL web interace. See the above wiki link.

If you do not want to use the "ACL system", which takes care of the firewall configuration for the ASL web interface port, you can add "0.0.0.0/0" to this file and run 'asl -s -f'. Please note that I would not recommended this, as it opens up access to the ASL web interface from all IP addresses. The recommended secure way is to only add your trusted IP address to /etc/asl/firewall/tortixd-access-list.

[mikeshinn]

Yes, thats definitely the most secure approach. Some users prefer to allow whitelisted hosts full access to their systems, which is why we've added that option. If that meets your security and usability needs, then feel free to enable it.