• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

After upgrade to Plesk 10.3 the firewall module is broken

R

RichardZ

Guest
After upgrading from 10.2 to 10.3, the firewall module gives this error upon attempting any change/activation:

Error: Could not activate firewall configuration:

safeact: safeact: /opt/psa/var/modules/firewall/firewall-new.sh failed:
ip6tables v1.4.4: invalid mask `' specified
Try `ip6tables -h' or 'ip6tables --help' for more information.


proc_close() failed: Declaration of Skin::initFromSubmit() should be compatible with that of cObject::initFromSubmit()


This occurs on systems running Ubuntu 10.04.


Any assistance?
 
Same for me..... Plesk 10.3, Ubuntu 10.04 64Bit

this fixed it... (i'm not using IPv6 on this box)

mv /sbin/ip6tables /sbin/ip6tables.org

Cheers Mate, Bruce
 
RichardZ said:
After upgrading from 10.2 to 10.3, the firewall module gives this error upon attempting any change/activation:

Error: Could not activate firewall configuration:

safeact: safeact: /opt/psa/var/modules/firewall/firewall-new.sh failed:
ip6tables v1.4.4: invalid mask `' specified
Try `ip6tables -h' or 'ip6tables --help' for more information.

This occurs on systems running Ubuntu 10.04.
Click to expand...

Same problem here (also Ubuntu 10.04). Havent had time to find a fix. But hopefully it will be fixed a.s.a.p. Problem exists in Plesk 10.4.4 MU#5.
 
GeertL said:
Seems to not have been fixed with the 10.4.4 #6 update - and cant see it planned to be fixed in the #7 update article... :-///
Click to expand...

But at least I had time to inspect the problem now. It seems that the Firewall module writes a **** ip6tables statement on certain network masks.

Ie. I had a deny rule for the mask: 193.105.210.0/24

This will make the module write the follwing in the firewall activation script:

Code: 
/sbin/iptables -A INPUT -p udp -s 193.105.210.0/24 -j DROP
/sbin/ip6tables -A INPUT -p udp -s / -j DROP

The ip6tables line is (of course) invalid and seems to have not been parsed correct by the Firewall module.

If you remove it via Firewall module from the ruleset - a correct script will be written and module will work again. However - the module will not alowed the above mask if you try to enter it in the ruleset again.

So you gotta track all the ip6tables lines that look like above - and find the corrosponding iptables line (in the same block) and remove these from your Firewall module setup.

Im no network expert - but cant seem to understand why the 193.105.210.0/24 mask is invalid?
 
You must log in or register to reply here.

Similar threads

learning_curve
Resolved Permissions on some of the files packaged by Plesk are incorrect[ERROR] - Post 18.0.69 Upgrade
Replies
19
Views
1K
learning_curve
learning_curve
EmilioO
Forwarded to devs After upgrading to Plesk 18.0.30 apache stops randomly.
2
Replies
22
Views
7K
K8L
K8L
S
Resolved Template_Exception after Upgrade to Debian 9
Replies
3
Views
2K
avoros
A
S
Issue Plesk firewall doesn't register iptables rules
Replies
0
Views
2K
SleuvinS
S
jacboy
Question Error when installing Docker extension
Replies
7
Views
6K
IgorG
IgorG
Back
Top