Firewall function crashes - Ubuntu Server
Ajenti 0.99.7 bug report
--------------------
Detected platform: debian / ubuntu / Ubuntu 12.04.2 LTS
Python: 2.7.3
Installation: 27849470
Debug: False
Loaded plugins:
main dashboard services plugins configurator resolv fstab db_common fm power ajenti_org codemirror notepad terminal scripts cron resources network hosts webserver_common apache iptables packages taskmgr mysql sensors logs users test
Traceback (most recent call last):
File "/usr/lib/pymodules/python2.7/ajenti/plugins/main/main.py", line 98, in on_message
self.ui.dispatch_event(update['uid'], update['event'], update['params'])
File "/usr/lib/pymodules/python2.7/ajenti/ui/__init__.py", line 64, in dispatch_event
self.root.dispatch_event(uid, event, params)
File "/usr/lib/pymodules/python2.7/ajenti/ui/element.py", line 306, in dispatch_event
if child.dispatch_event(uid, event, params):
File "/usr/lib/pymodules/python2.7/ajenti/ui/element.py", line 302, in dispatch_event
self.event(event, params)
File "/usr/lib/pymodules/python2.7/ajenti/ui/element.py", line 320, in event
getattr(self, 'on_%s' % event)(**(params or {}))
File "/usr/lib/pymodules/python2.7/ajenti/plugins/main/main.py", line 266, in on_switch
child.broadcast('on_page_load')
File "/usr/lib/pymodules/python2.7/ajenti/ui/element.py", line 292, in broadcast
getattr(self, method)(*args, **kwargs)
File "/usr/lib/pymodules/python2.7/ajenti/plugins/iptables/main.py", line 109, in on_page_load
self.refresh()
File "/usr/lib/pymodules/python2.7/ajenti/plugins/iptables/main.py", line 121, in refresh
self.binder.autodiscover().populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 410, in populate
binding.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 293, in populate
binder.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 410, in populate
binding.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 293, in populate
binder.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 410, in populate
binding.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 293, in populate
binder.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 410, in populate
binding.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 293, in populate
binder.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 410, in populate
binding.populate()
File "/usr/lib/pymodules/python2.7/ajenti/ui/binder.py", line 130, in populate
template = self.ui.children[index]
IndexError: list index out of range
Log:
2013-06-26 12:48:12,782 INFO registry.register_crypt_handler(): registered crypt handler 'sha512_crypt': <class 'passlib.handlers.sha2_crypt.sha512_crypt'>
2013-06-26 12:48:12,826 INFO core.run(): Ajenti 0.99.7 running on platform: debian
2013-06-26 12:48:12,826 DEBUG __init__.load(): Loading plugin services
2013-06-26 12:48:12,826 DEBUG __init__.load(): == Services
2013-06-26 12:48:12,826 DEBUG __init__.load_recursive(): Preloading plugin dependency: main
2013-06-26 12:48:12,827 DEBUG __init__.load(): Loading plugin main
2013-06-26 12:48:12,827 DEBUG __init__.load(): == Core
2013-06-26 12:48:12,844 DEBUG __init__.load(): Loading plugin services
2013-06-26 12:48:12,844 DEBUG __init__.load(): == Services
2013-06-26 12:48:12,844 DEBUG __init__.load_recursive(): Preloading plugin dependency: dashboard
2013-06-26 12:48:12,844 DEBUG __init__.load(): Loading plugin dashboard
2013-06-26 12:48:12,844 DEBUG __init__.load(): == Dashboard
2013-06-26 12:48:12,845 DEBUG __init__.load(): Loading plugin services
2013-06-26 12:48:12,845 DEBUG __init__.load(): == Services
2013-06-26 12:48:12,853 DEBUG __init__.load(): Loading plugin plugins
2013-06-26 12:48:12,854 DEBUG __init__.load(): == Plugins
2013-06-26 12:48:12,854 DEBUG __init__.load(): Loading plugin configurator
2013-06-26 12:48:12,854 DEBUG __init__.load(): == Ajenti Configurator
2013-06-26 12:48:12,855 DEBUG __init__.load(): Loading plugin supervisor
2013-06-26 12:48:12,855 DEBUG __init__.load(): == Supervisor
2013-06-26 12:48:12,859 WARNING __init__.load(): *** [supervisor] Plugin failed to load: BinaryDependency (supervisord)
2013-06-26 12:48:12,859 DEBUG __init__.load(): Loading plugin resolv
2013-06-26 12:48:12,859 DEBUG __init__.load(): == Nameservers
2013-06-26 12:48:12,860 DEBUG __init__.load(): Loading plugin fstab
2013-06-26 12:48:12,860 DEBUG __init__.load(): == Filesystems
2013-06-26 12:48:12,882 DEBUG __init__.load(): Loading plugin squid
2013-06-26 12:48:12,882 DEBUG __init__.load(): == Squid
2013-06-26 12:48:12,885 WARNING __init__.load(): *** [squid] Plugin failed to load: BinaryDependency (squid3)
2013-06-26 12:48:12,886 DEBUG __init__.load(): Loading plugin db_common
2013-06-26 12:48:12,886 DEBUG __init__.load(): == Database Commons
2013-06-26 12:48:12,887 DEBUG __init__.load(): Loading plugin hddtemp
2013-06-26 12:48:12,887 DEBUG __init__.load(): == HDD temperature
2013-06-26 12:48:12,890 WARNING __init__.load(): *** [hddtemp] Plugin failed to load: BinaryDependency (hddtemp)
2013-06-26 12:48:12,890 DEBUG __init__.load(): Loading plugin lm-sensors
2013-06-26 12:48:12,890 DEBUG __init__.load(): == LM-Sensors
2013-06-26 12:48:12,894 WARNING __init__.load(): *** [lm-sensors] Plugin failed to load: BinaryDependency (sensors)
2013-06-26 12:48:12,895 DEBUG __init__.load(): Loading plugin fm
2013-06-26 12:48:12,895 DEBUG __init__.load(): == File Manager
2013-06-26 12:48:12,897 DEBUG __init__.load(): Loading plugin exports
2013-06-26 12:48:12,897 DEBUG __init__.load(): == NFS Exports
2013-06-26 12:48:12,901 WARNING __init__.load(): *** [exports] Plugin failed to load: BinaryDependency (nfsstat)
2013-06-26 12:48:12,901 DEBUG __init__.load(): Loading plugin power
2013-06-26 12:48:12,901 DEBUG __init__.load(): == Power
2013-06-26 12:48:12,902 DEBUG __init__.load(): Loading plugin ajenti_org
2013-06-26 12:48:12,902 DEBUG __init__.load(): == ajenti.org integration
2013-06-26 12:48:12,903 DEBUG __init__.load(): Loading plugin notepad
2013-06-26 12:48:12,903 DEBUG __init__.load(): == Notepad
2013-06-26 12:48:12,903 DEBUG __init__.load_recursive(): Preloading plugin dependency: codemirror
2013-06-26 12:48:12,903 DEBUG __init__.load(): Loading plugin codemirror
2013-06-26 12:48:12,903 DEBUG __init__.load(): == CodeMirror code editor
2013-06-26 12:48:12,904 DEBUG __init__.load(): Loading plugin notepad
2013-06-26 12:48:12,904 DEBUG __init__.load(): == Notepad
2013-06-26 12:48:12,904 DEBUG __init__.load(): Loading plugin netatalk
2013-06-26 12:48:12,904 DEBUG __init__.load(): == Netatalk
2013-06-26 12:48:12,908 WARNING __init__.load(): *** [netatalk] Plugin failed to load: BinaryDependency (afpd)
2013-06-26 12:48:12,908 DEBUG __init__.load(): Loading plugin scripts
2013-06-26 12:48:12,908 DEBUG __init__.load(): == Scripts
2013-06-26 12:48:12,908 DEBUG __init__.load_recursive(): Preloading plugin dependency: terminal
2013-06-26 12:48:12,908 DEBUG __init__.load(): Loading plugin terminal
2013-06-26 12:48:12,909 DEBUG __init__.load(): == Terminal
2013-06-26 12:48:12,921 DEBUG __init__.load(): Loading plugin scripts
2013-06-26 12:48:12,922 DEBUG __init__.load(): == Scripts
2013-06-26 12:48:12,922 DEBUG __init__.load(): Loading plugin cron
2013-06-26 12:48:12,922 DEBUG __init__.load(): == Cron
2013-06-26 12:48:12,927 DEBUG __init__.load(): Loading plugin resources
2013-06-26 12:48:12,927 DEBUG __init__.load(): == Resource Manager
2013-06-26 12:48:12,929 DEBUG __init__.load(): Loading plugin raid
2013-06-26 12:48:12,929 DEBUG __init__.load(): == RAID
2013-06-26 12:48:12,933 WARNING __init__.load(): *** [raid] Plugin failed to load: BinaryDependency (mdadm)
2013-06-26 12:48:12,934 DEBUG __init__.load(): Loading plugin psql
2013-06-26 12:48:12,934 DEBUG __init__.load(): == PostgreSQL
2013-06-26 12:48:12,938 WARNING __init__.load(): *** [psql] Plugin failed to load: BinaryDependency (psql)
2013-06-26 12:48:12,938 DEBUG __init__.load(): Loading plugin network
2013-06-26 12:48:12,938 DEBUG __init__.load(): == Network
2013-06-26 12:48:12,939 DEBUG __init__.load(): Loading plugin hosts
2013-06-26 12:48:12,939 DEBUG __init__.load(): == Hosts
2013-06-26 12:48:12,940 DEBUG __init__.load(): Loading plugin apache
2013-06-26 12:48:12,940 DEBUG __init__.load(): == Apache
2013-06-26 12:48:12,940 DEBUG __init__.load_recursive(): Preloading plugin dependency: webserver_common
2013-06-26 12:48:12,940 DEBUG __init__.load(): Loading plugin webserver_common
2013-06-26 12:48:12,940 DEBUG __init__.load(): == Webserver Commons
2013-06-26 12:48:12,940 DEBUG __init__.load(): Loading plugin apache
2013-06-26 12:48:12,941 DEBUG __init__.load(): == Apache
2013-06-26 12:48:12,945 DEBUG __init__.load(): Loading plugin iptables
2013-06-26 12:48:12,945 DEBUG __init__.load(): == Firewall
2013-06-26 12:48:12,946 DEBUG __init__.load(): Loading plugin ctdb
2013-06-26 12:48:12,946 DEBUG __init__.load(): == CTDB
2013-06-26 12:48:12,950 WARNING __init__.load(): *** [ctdb] Plugin failed to load: BinaryDependency (ctdb)
2013-06-26 12:48:12,950 DEBUG __init__.load(): Loading plugin packages
2013-06-26 12:48:12,950 DEBUG __init__.load(): == Package manager
2013-06-26 12:48:12,952 DEBUG __init__.load(): Loading plugin taskmgr
2013-06-26 12:48:12,952 DEBUG __init__.load(): == Processes
2013-06-26 12:48:12,953 DEBUG __init__.load(): Loading plugin mysql
2013-06-26 12:48:12,953 DEBUG __init__.load(): == MySQL
2013-06-26 12:48:12,957 DEBUG __init__.load(): Loading plugin sensors
2013-06-26 12:48:12,958 DEBUG __init__.load(): == Sensors
2013-06-26 12:48:12,959 DEBUG __init__.load(): Loading plugin logs
2013-06-26 12:48:12,959 DEBUG __init__.load(): == Logs
2013-06-26 12:48:12,960 DEBUG __init__.load(): Loading plugin munin
2013-06-26 12:48:12,960 DEBUG __init__.load(): == Munin
2013-06-26 12:48:12,964 WARNING __init__.load(): *** [munin] Plugin failed to load: BinaryDependency (munin-cron)
2013-06-26 12:48:12,964 DEBUG __init__.load(): Loading plugin nginx
2013-06-26 12:48:12,964 DEBUG __init__.load(): == NGINX
2013-06-26 12:48:12,968 WARNING __init__.load(): *** [nginx] Plugin failed to load: BinaryDependency (nginx)
2013-06-26 12:48:12,968 DEBUG __init__.load(): Loading plugin users
2013-06-26 12:48:12,969 DEBUG __init__.load(): == Users
2013-06-26 12:48:12,969 DEBUG __init__.load(): Loading plugin samba
2013-06-26 12:48:12,970 DEBUG __init__.load(): == Samba
2013-06-26 12:48:12,973 WARNING __init__.load(): *** [samba] Plugin failed to load: BinaryDependency (smbd)
2013-06-26 12:48:12,974 DEBUG __init__.load(): Loading plugin smartctl
2013-06-26 12:48:12,974 DEBUG __init__.load(): == S.M.A.R.T.
2013-06-26 12:48:12,978 WARNING __init__.load(): *** [smartctl] Plugin failed to load: BinaryDependency (smartctl)
2013-06-26 12:48:12,978 DEBUG __init__.load(): Loading plugin test
2013-06-26 12:48:12,978 DEBUG __init__.load(): == Test
2013-06-26 12:48:12,985 INFO core.start(): Starting SSL tunnel for port 47520
2013-06-26 12:48:13,694 INFO core.run(): SSL tunnel running fine
2013-06-26 12:48:13,694 INFO core.run(): Starting server on (u'127.0.0.1', 47520)
2013-06-26 12:48:13,695 DEBUG feedback.send(): Feedback >> ping ({'id': 261})
2013-06-26 12:48:13,699 INFO connectionpool._new_conn(): Starting new HTTP connection (1): meta.ajenti.org
2013-06-26 12:48:28,715 WARNING connectionpool.urlopen(): Retrying (0 attempts remain) after connection broken by 'DNSError(67, 'request timed out')': /api/v2/ping
Answer
Hi Carl! Could you please attach your iptables config file?
Hi Eugeny,
The only "config" file I'm seeing is the "Iptables.up.rules" file. Is there a different file you need, or is that the one?
Hi Carl! Could you please attach your iptables config file?
Here is my files content. Unfortunately I had to remove Ajenti from the box in lieu of something that had network config functionality. I need to add a post to the suggestion side and comment that we'd benefit from functionality similar to what Webmin currently has. I know some may feel Webmin is overkill, but more is better in my world. Adding more functionality to Ajenti like that would be wonderful!
# Generated by iptables-save v1.4.12 on Wed Jun 26 12:38:45 2013 *raw :PREROUTING ACCEPT [1828412:95858484] :OUTPUT ACCEPT [2039245:127205995] COMMIT # Completed on Wed Jun 26 12:38:45 2013 # Generated by iptables-save v1.4.12 on Wed Jun 26 12:38:45 2013 *nat :PREROUTING ACCEPT [527:121466] :INPUT ACCEPT [523:120550] :OUTPUT ACCEPT [61:3703] :POSTROUTING ACCEPT [61:3703] COMMIT # Completed on Wed Jun 26 12:38:45 2013 # Generated by iptables-save v1.4.12 on Wed Jun 26 12:38:45 2013 *mangle :PREROUTING ACCEPT [1828412:95858484] :INPUT ACCEPT [1828408:95857568] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [2039245:127205995] :POSTROUTING ACCEPT [2039245:127205995] :tcfor - [0:0] :tcin - [0:0] :tcout - [0:0] :tcpost - [0:0] :tcpre - [0:0] -A PREROUTING -j tcpre -A INPUT -j tcin -A FORWARD -j MARK --set-xmark 0x0/0xff -A FORWARD -j tcfor -A OUTPUT -j tcout -A POSTROUTING -j tcpost COMMIT # Completed on Wed Jun 26 12:38:45 2013 # Generated by iptables-save v1.4.12 on Wed Jun 26 12:38:45 2013 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] :Broadcast - [0:0] :Drop - [0:0] :Invalid - [0:0] :NotSyn - [0:0] :Reject - [0:0] :dynamic - [0:0] :fw2loc - [0:0] :fw2net - [0:0] :loc2fw - [0:0] :loc2net - [0:0] :logdrop - [0:0] :logreject - [0:0] :net2fw - [0:0] :net2loc - [0:0] :reject - [0:0] :shorewall - [0:0] -A INPUT -m conntrack --ctstate INVALID,NEW -j dynamic -A INPUT -i eth0 -j net2fw -A INPUT -i eth1 -j loc2fw -A INPUT -i lo -j ACCEPT -A INPUT -j Reject -A INPUT -j LOG --log-prefix "Shorewall:INPUT:REJECT:" --log-level 6 -A INPUT -g reject -A FORWARD -i eth0 -o eth1 -j net2loc -A FORWARD -i eth1 -o eth0 -j loc2net -A FORWARD -j Reject -A FORWARD -j LOG --log-prefix "Shorewall:FORWARD:REJECT:" --log-level 6 -A FORWARD -g reject -A OUTPUT -o eth0 -j fw2net -A OUTPUT -o eth1 -j fw2loc -A OUTPUT -o lo -j ACCEPT -A OUTPUT -j Reject -A OUTPUT -j LOG --log-prefix "Shorewall:OUTPUT:REJECT:" --log-level 6 -A OUTPUT -g reject -A Broadcast -m addrtype --dst-type BROADCAST -j DROP -A Broadcast -m addrtype --dst-type MULTICAST -j DROP -A Broadcast -m addrtype --dst-type ANYCAST -j DROP -A Broadcast -d 224.0.0.0/4 -j DROP -A Drop -A Drop -p tcp -m tcp --dport 113 -m comment --comment Auth -j reject -A Drop -j Broadcast -A Drop -p icmp -m icmp --icmp-type 3/4 -m comment --comment "Needed ICMP types" -j ACCEPT -A Drop -p icmp -m icmp --icmp-type 11 -m comment --comment "Needed ICMP types" -j ACCEPT -A Drop -j Invalid -A Drop -p udp -m multiport --dports 135,445 -m comment --comment SMB -j DROP -A Drop -p udp -m udp --dport 137:139 -m comment --comment SMB -j DROP -A Drop -p udp -m udp --sport 137 --dport 1024:65535 -m comment --comment SMB -j DROP -A Drop -p tcp -m multiport --dports 135,139,445 -m comment --comment SMB -j DROP -A Drop -p udp -m udp --dport 1900 -m comment --comment UPnP -j DROP -A Drop -p tcp -j NotSyn -A Drop -p udp -m udp --sport 53 -m comment --comment "Late DNS Replies" -j DROP -A Invalid -m conntrack --ctstate INVALID -j DROP -A NotSyn -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -j DROP -A Reject -A Reject -p tcp -m tcp --dport 113 -m comment --comment Auth -j reject -A Reject -j Broadcast -A Reject -p icmp -m icmp --icmp-type 3/4 -m comment --comment "Needed ICMP types" -j ACCEPT -A Reject -p icmp -m icmp --icmp-type 11 -m comment --comment "Needed ICMP types" -j ACCEPT -A Reject -j Invalid -A Reject -p udp -m multiport --dports 135,445 -m comment --comment SMB -j reject -A Reject -p udp -m udp --dport 137:139 -m comment --comment SMB -j reject -A Reject -p udp -m udp --sport 137 --dport 1024:65535 -m comment --comment SMB -j reject -A Reject -p tcp -m multiport --dports 135,139,445 -m comment --comment SMB -j reject -A Reject -p udp -m udp --dport 1900 -m comment --comment UPnP -j DROP -A Reject -p tcp -j NotSyn -A Reject -p udp -m udp --sport 53 -m comment --comment "Late DNS Replies" -j DROP -A fw2loc -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A fw2loc -j ACCEPT -A fw2loc -j ACCEPT -A fw2net -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A fw2net -j ACCEPT -A fw2net -j ACCEPT -A loc2fw -m conntrack --ctstate INVALID,NEW -j dynamic -A loc2fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A loc2fw -j ACCEPT -A loc2fw -j ACCEPT -A loc2net -m conntrack --ctstate INVALID,NEW -j dynamic -A loc2net -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A loc2net -j Drop -A loc2net -j DROP -A logdrop -j DROP -A logreject -j reject -A net2fw -m conntrack --ctstate INVALID,NEW -j dynamic -A net2fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A net2fw -j reject -A net2fw -j Drop -A net2fw -j LOG --log-prefix "Shorewall:net2fw:DROP:" --log-level 6 -A net2fw -j DROP -A net2loc -m conntrack --ctstate INVALID,NEW -j dynamic -A net2loc -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A net2loc -j reject -A net2loc -j Drop -A net2loc -j LOG --log-prefix "Shorewall:net2loc:DROP:" --log-level 6 -A net2loc -j DROP -A reject -m addrtype --src-type BROADCAST -j DROP -A reject -s 224.0.0.0/4 -j DROP -A reject -p igmp -j DROP -A reject -p tcp -j REJECT --reject-with tcp-reset -A reject -p udp -j REJECT --reject-with icmp-port-unreachable -A reject -p icmp -j REJECT --reject-with icmp-host-unreachable -A reject -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Wed Jun 26 12:38:45 2013
Customer support service by UserEcho
Hi Carl! Could you please attach your iptables config file?