Server aholed after ASL update?

aslus maximus · Wed Mar 20, 2013 3:14 pm

So I can't edit ASL-INPUT like that in easy mode? I have to use advanced mode only? The hardware is 5 years old so I'm on the ASL 27 kernel as the newest one doesn't work with this machine. That's why I wanted to recompile the new one. 348 I think it is. I have to migrate to new hardware.

aslus maximus · Wed Mar 20, 2013 3:27 pm

Well I deleted port 30000 and 20 and now my server is offline. D'oh!

Unread post by **mikeshinn** » Wed Mar 20, 2013 3:41 pm

So I can't edit ASL-INPUT like that in easy mode? I have to use advanced mode only? The hardware is 5 years old so I'm on the ASL 27 kernel as the newest one doesn't work with this machine. That's why I wanted to recompile the new one. 348 I think it is. I have to migrate to new hardware.

No, you can not edit the ASL-* chains, they are dynamically generated and your changes will be lost, or worse.

There is a new alpha testing firewall feature that may do what you want without using the firewall rule manager. Please see this forum post:

https://atomicorp.com/forum/viewtopic.php?f=25&t=6636

Keep in mind this is an alpha feature, and it may change based on feedback from testing.

aslus maximus · Wed Mar 20, 2013 3:59 pm

Yep but why do they have the edit button in there man if you can't do that?

Anyways. My server is down and I better fix it. I don't know why deleting iptables and those 2 rules locked me and everyone else out. I'll boot into recuse mode and add myself to the ACL list and see if it works then.

aslus maximus · Wed Mar 20, 2013 4:12 pm

It's just me that's locked out by the look of it. I'm still getting emails. Not so bad.

hostingg · Unread post by **hostingg** » Wed Mar 20, 2013 6:14 pm

Yep but why do they have the edit button in there man if you can't do that?

well the documentation does say not to do it.

Unread post by **mikeshinn** » Wed Mar 20, 2013 6:40 pm

The reason we allow editing is that we may need to have ask a customer to change a generated rule to debug a different issue.

aslus maximus · Wed Mar 20, 2013 10:03 pm

I was just looking at the ui and it would be tricky to make it work any other way without having 2 separate screens for easy and advanced mode or using some script in there to tell the difference between asl generated rules and others.

aslus maximus · Wed Mar 20, 2013 10:18 pm

I think I know what's going on now. You can edit the rules that way but they won't be saved because they are generated from the asl config screen and will be lost the at the next update. That's why you say don't do it that way. That makes sense.

aslus maximus · Wed Mar 20, 2013 10:25 pm

You know what you should do with the asl config screen? Make another form field that allows users to put in the ip addresses they want to allow access along with the port numbers. Then you would have a super easy mode

Unread post by **mikeshinn** » Thu Mar 21, 2013 2:07 pm

You know what you should do with the asl config screen? Make another form field that allows users to put in the ip addresses they want to allow access along with the port numbers. Then you would have a super easy mode

We agree, we're working on adding that in too.

aslus maximus · Thu Mar 21, 2013 3:42 pm

Mine never had a /etc/asl/firewall/tortixd-access-list? So I made one and it seems to work.

Now it's crying about a kernel that never existed as far as I can tell.

--> Missing Dependency: kernel-uname-r = 2.6.32.60-36.art.i686.PAE is needed by package kmod-xtables-addons-2.6.32.60-36.art.i686.PAE-1.47.1-3.36.el5.i686 (asl-3.0)

So I skipped that package and now it says:

Transaction Check Error:
file /usr/lib/mysql/libmysqlclient.so.18.0.0 from install of mysql-libs-5.5.30-15.el5.art.i386 conflicts with file from package mysqlclient18-5.5.28-6.el5.art.i386

Anyway, nice app you have, very nice. I don't know how I survived all these years without something like ASL

Unread post by **mikeshinn** » Thu Mar 21, 2013 4:11 pm

Transaction Check Error:
file /usr/lib/mysql/libmysqlclient.so.18.0.0 from install of mysql-libs-5.5.30-15.el5.art.i386 conflicts with file from package mysqlclient18-5.5.28-6.el5.art.i386

Please see this FAQ:

https://www.atomicorp.com/wiki/index.ph ... ysqlclient

aslus maximus · Fri Mar 22, 2013 6:43 am

What do yous reckon about this? I fixed the dependency problem by removing asl and the mysql lib package that was crying and did a yum update. All is well everything working. Reinstalled asl. All is well everything working. Rebooted to load the asl kernel, no go because of old hardware and no modules, fair enough, I'll reboot back into the centOS kernel. It boots up everything is up and then after 1 minute the server shuts down. Change to another centOS kernel, same thing. After 1 minute the server shuts down as if someone gave it the shutdown command. No matter what I do it won't stay up for more than a minute. It only stays up when I boot into rescue. I can't see anything wrong in the logs.

That's what it was doing last week and I thought it had been aholed so I reinstalled everything. How come it keeps shutting down? It's weird. Any ideas?

Thanks

aslus maximus · Fri Mar 22, 2013 7:10 am

It looks there is something wrong with the hosting company's hardware or control panel

Atomicorp

Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?

Re: Server aholed after ASL update?