Geoblocking

[BerArt]

If I select a country to block an hit the safe button in the webGUI i get the next message:

"failed open file"

Now the Geoblocking page is gone also

[scott]

Can you send me the output of:

rpm -q asl asl-web-gui

Make sure you've yum updated to the latest of both.

[BerArt]

It is updated to the latest versions:

# rpm -q asl asl-web-gui
asl-1.9.11-6.el4.art
asl-web-gui-0.11-3.el4.art

Is there a config file to do this manualy? How?

[BerArt]

Ok, now I see that ASL is processing the request but how can see what it did because the choice I made I can select again?

//edit the selection came back after a couple of seconds

[scott]

Ah ok, all is well now?

[BerArt]

ASL timed out a couple of times but it made the changes anyway after a while, it took a long time to process though? The same happend after I added al blocked IP's to the blacklist, i timed out also a couple of times. I will try it again tommorow but right now if I add one blocked IP to the blacklist it is taking minutes and you have to wait nothning else works at if this process is running...

[scott]

yeah it can take a long time if you're building a huge policy. It has to do with maintaining compatibility with other firewall systems (psa-firewall, apf, etc). Long term for performance sake, I might have to break that. Basically it analyzes the existing policy to make sure its not conflicting with it, and that takes a long time with a big list.

[BerArt]

Ah, so copy the .conf to the other servers is not a goog idea? Do you need to run ASL -f after updating the geoblock?

[BerArt]

I tried it again just now and it is impossible to move/copy the blocklist IP's to the blacklist ASL is timming out and during this process everything is on hold.

[scott]

Ive got some ideas on how to make that faster, but they will have to wait until the OSSEC 1.5 update is complete.

[BerArt]

OK, I will wait thx!