Iptables error after module update


#1

SNG7 distro, FreePBX 15

After one of the last updates, unfortunatelly I’m not sure which one, my firewall.log logfile is constantly filled with the following lines:

1633108567: /sbin/ip6tables -w5 -W10000 -F fpbxsvc-api_ssl
1633108567: /sbin/ip6tables -w5 -W10000 -A fpbxsvc-api_ssl -p tcp -m tcp --dport -j ACCEPT
1633108567: /sbin/iptables -w5 -W10000 -F fpbxsvc-api_ssl
1633108567: /sbin/iptables -w5 -W10000 -A fpbxsvc-api_ssl -p tcp -m tcp --dport -j ACCEPT

Clearly, the command is missing the port definition, so the firewall.err logfile is consecuently filled with the following lines:

ip6tables v1.4.21: invalid port/service -j' specified Tryip6tables -h’ or ‘ip6tables --help’ for more information.
iptables v1.4.21: invalid port/service -j' specified Tryiptables -h’ or ‘iptables --help’ for more information.

I’m not sure which update might have caused this, but this same situation is happening in 3 different servers, all of them running SNG7 Distro with FreePBX15

Anyone happens to be experiencing this same behaviour?

I guess these might be the relevant modules that might be related to the FreePBX Firewall

core | 15.0.12.84
firewall | 15.0.19
framework | 15.0.17.55
sysadmin | 15.0.21.81


Firewall bug ticket for repeated error?
(Andrew) #2

--dport is expecting a destination port on the rule, but instead is followed up with -j ACCEPT. I would submit a bug report.