GUI Firewall Setup --log-prefix error after move to 3.x

  • I upgraded from 2.x to 3.x ages ago but haven't had call to change the firewall settings.
    Now I needed to add a change; when I tried to apply it, I got the message below.


    The firewall rule causing the problem is


    DIRECTION: INPUT
    ACTION: LOG
    EXTRA OPTIONS: -m limit --limit 12/min --log-prefix 'IP INPUT drop: '
    ------------------
    Error received is


    Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; /etc/network/if-pre-up.d/openmediavault-iptables 2>&1' with exit code '2': iptables v1.4.21: unknown option "--log-prefix" Try `iptables -h' or 'iptables --help' for more information.

  • Apologies for hijacking this thread, but it's the only search result for part of the error I'm getting when trying to set up a pair of firewall rules.


    I need to open port 9200 for a REST API client, and am getting "connection refused" so thought I'd enter Firewall rules in OMV.


    Maybe my parameters are bad, but I get this error no matter what values I try for ports:


    Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; /etc/network/if-pre-up.d/openmediavault-iptables 2>&1' with exit code '2': iptables v1.4.21: unknown option "--sport" Try `iptables -h' or 'iptables --help' for more information.


    Anyone have an idea what I'm doing wrong?


    Thanks in advance.

  • Thanks for the reply, but I think I'm chasing the wrong problem here.


    I flushed the iptables completely from commandline and still have the same problem, the connection is refused when I try to connect to http://192.168.x.x:9200.


    (And my "experimenting" last night left me with no access to the box, I had to hook up a monitor to it and see what was going on. The rules in the OMV firewall I had entered and then deleted, didn't get removed from iptables, leaving the ethernet connection effectively dead.)


    But I have everything working now, with respect to OMV and the server.



    At this point, I need to ask a more general question..... Why is port 9200 not open by default, if iptables is empty?


    Here's the output from listing them:


    iptables --list
    Chain INPUT (policy ACCEPT)
    target prot opt source destination


    Chain FORWARD (policy ACCEPT)
    target prot opt source destination


    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination



    I'm running a lot of OMV plugins, but none of them on Port 9200 already, and a forum software on nginx with a "no-ip.com" domain (which works perfectly).


    None of the ports used by the OMV plugins are blocked, why would port 9200 be blocked?


    If I run the REST client and try to connect to 192.168.x.x:9200 the error is simply "Connection Refused".


    Before I mess around with the OMV firewall again and cause yet more problems..... am I going about this the wrong way?


    Thanks.


    EDIT: I should add that I installed elasticsearch yesterday, that's what I'm using the REST Client to query, but with no luck, as above.

    • Official post

    Hi, after setting my firewall rules I cannot access the OMV 3 admin interface anymore. Is there a way to cancel these rules other than on the web interface? Les

    Please only post this question on one thread.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!
