Get this error when in Firewall and select Zones:
Exception
/var/www/html/admin/modules/firewall/drivers/Iptables.class.php1027
Also same error when open Dashboard
D Rubie
Get this error when in Firewall and select Zones:
Exception
/var/www/html/admin/modules/firewall/drivers/Iptables.class.php1027
Also same error when open Dashboard
D Rubie
Please post the full error. It says more than just exception.
Exception thrown with message “/tmp/iptables.out wasn’t created”
Stacktrace:
#8 Exception in /var/www/html/admin/modules/firewall/drivers/Iptables.class.php:1027
#7 FreePBX\modules\Firewall\Drivers\Iptables:getCurrentIptables in /var/www/html/admin/modules/firewall/drivers/Iptables.class.php:29
#6 FreePBX\modules\Firewall\Drivers\Iptables:getZonesDetails in /var/www/html/admin/modules/firewall/Firewall.class.php:652
#5 FreePBX\modules\Firewall:getSystemZones in /var/www/html/admin/modules/firewall/Firewall.class.php:618
#4 FreePBX\modules\Firewall:getZone in /var/www/html/admin/modules/firewall/views/page.zones.php:72
#3 include in /var/www/html/admin/libraries/view.functions.php:205
#2 load_view in /var/www/html/admin/modules/firewall/Firewall.class.php:263
#1 FreePBX\modules\Firewall:showPage in /var/www/html/admin/modules/firewall/page.firewall.php:26
#0 include in /var/www/html/admin/config.php:555
Is this on the distro?
yes…it was working before and just started to give this error…
the server is hosted on freepbxhosting. I did the upgrade from version 12 to 13 in November last year.
Not sure what happened to produce this error
I’m also still getting this on the distro. Did an upgrade at around the same time, but I’ve been getting it consistently since then. Mostly been hobbying with it until now, but I’d like to start using it more seriously now, particularly to set up a separate VoIP line for my business calls.
Let me know if I can add any detail to help you resolve this.
I’m running on a (pretty low spec) VM at the moment.
Have you tried
su asterisk
touch /tmp/file
Does it work?
That works fine, but I have had other problems with the /tmp/
directory, updating Core usually results in a SQL error which I generally resolve by making the /tmp/
directory writable to everyone.
HUH? Why would your tmp directory not be writable by everyone?
The file mode should be (at least) RWS-RWX-RWX. The same with /var/tmp and /usr/tmp (if you have them).
That’s my general question. I think it’s the asterisk startup process that seems to change the permissions, but only since the upgrade.
I even added an exception in freepbx_chown.conf but it still never sticks. After after a restart or updating core it will be back to only writeable by the asterisk user.
It doesn’t stick because freepbx does not set permissions on that directory
If that directory’s permissions change again, start looking for malware.
How would I start that? I’m still a relative noob when it comes to systems administration!
Sorry, when I was trying to work out that issue it looked like these were used during asterisk startup, so I assumed that would work. At least that explains why it doesn’t!
Checking installation for hackers is a good article from NerdVittles to check the health of your system. A good read even if your machine hasn’t been compromised.
Thanks for the tip, I’ll have a thorough read of that one later!
That still leaves the issue with the firewall.
Below is the dump I get if I click on Zones. Let me know if you need anything else to help me work this one out!
Exception
=========
/tmp/iptables.out wasn't created
/var/www/html/admin/modules/firewall/drivers/Iptables.class.php: (1025 onwards)
// Not root, need to run a hook.
@unlink("/tmp/iptables.out");
\FreePBX::Firewall()->runHook("getiptables");
// Wait for up to 5 seconds for the output.
$crashafter = time() + 5;
while (!file_exists("/tmp/iptables.out")) {
if ($crashafter > time()) {
throw new \Exception("/tmp/iptables.out wasn't created");
}
usleep(200000);
Server/Request Data
===================
HTACCESS on
HTTP_HOST sip.*****.***:##
HTTP_CONNECTION keep-alive
HTTP_ACCEPT text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
HTTP_UPGRADE_INSECURE_REQUESTS 1
HTTP_USER_AGENT Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.86 Safari/537.36
HTTP_REFERER http://sip.*****.***:##/admin/config.php?display=firewall
HTTP_ACCEPT_ENCODING gzip, deflate, sdch
HTTP_ACCEPT_LANGUAGE en-GB,en-US;q=0.8,en;q=0.6
HTTP_COOKIE lang=en_US; searchHide=1; PHPSESSID=eknpjqd0midtv97f5jve1n1l23; __utma=221444122.1160446600.1461235088.1461250681.1461255590.4; __utmc=221444122; __utmz=221444122.1461235088.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
PATH /sbin:/usr/sbin:/bin:/usr/bin
SERVER_SIGNATURE <address>Apache/2.2.15 (CentOS) Server at sip.*****.*** Port ##</address>
SERVER_SOFTWARE Apache/2.2.15 (CentOS)
SERVER_NAME sip.*****.***
SERVER_ADDR 192.168.1.#
SERVER_PORT ##
REMOTE_ADDR [redacted]
DOCUMENT_ROOT /var/www/html
SERVER_ADMIN root@localhost
SCRIPT_FILENAME /var/www/html/admin/config.php
REMOTE_PORT 52730
GATEWAY_INTERFACE CGI/1.1
SERVER_PROTOCOL HTTP/1.1
REQUEST_METHOD GET
QUERY_STRING display=firewall&page=zones
REQUEST_URI /admin/config.php?display=firewall&page=zones
SCRIPT_NAME /admin/config.php
PHP_SELF /admin/config.php
REQUEST_TIME 1461308015
GET Data
========
display firewall
page zones
POST Data
=========
empty
Files
=====
empty
Cookies
=======
lang en_US
searchHide 1
PHPSESSID eknpjqd0midtv97f5jve1n1l23
__utma 221444122.1160446600.1461235088.1461250681.1461255590.4
__utmc 221444122
__utmz 221444122.1461235088.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Session
=======
langdirection ltr
module_name firewall
module_page firewall
AMP_user ampuser Object ( [redacted] )
Environment Variables
=====================
empty
Registered Handlers
===================
0. Whoops\Handler\PrettyPageHandler
Your /tmp directory permissions can be set using “chown 777 root /tmp”. This isn’t as secure as some other settings (since it allows anyone with access to delete stuff from /tmp) but it should get you past this error.
There is definitely something strange going on here. The /tmp directory should be readable and writable by everyone.
Tried that but I still can’t view the zones in the FreePBX administration site.
Same issue here. Running on 10.13.66-9. An auto update is set for tomorrow at midnight to bring it to 10.13.66-11; hopefully this corrects the issue. If not I may have to remove and reinstall the firewall module.
I’m having the same exact issue. I’m using the distro and I’m currently running at 10.13.66-11. I’ve had to turn off the firewall at the command line using fwconsole firewall stop.
I also cannot view the Failed2Ban page. I get the following:
Exception thrown with message “Could not get banned list”
Stacktrace:
#5 Exception in /var/www/html/admin/modules/sysadmin/Sysadmin.class.php:1476
#4 FreePBX\modules\Sysadmin:getFail2BanList in /var/www/html/admin/modules/sysadmin/functions.inc/intrusion.php:58
#3 sysadmin_get_banned in /var/www/html/admin/modules/sysadmin/page.sysadmin.php:398
#2 include in /var/www/html/admin/libraries/BMO/GuiHooks.class.php:157
#1 FreePBX\GuiHooks:getOutput in /var/www/html/admin/libraries/BMO/GuiHooks.class.php:127
#0 FreePBX\GuiHooks:doIntercept in /var/www/html/admin/config.php:559