[Freedombox-discuss] OpenVPN Installation on Beagle Bone Black locks out web access
Steven Ng
steveng5 at protonmail.com
Thu Jan 24 01:27:52 GMT 2019
I moved the testing of this over to the RaspberryPi B+ where I have been able to recreate the problem. Anyway, I made the fixes to the firewalld internal configuration. I'm able to connect to OpenVPN, but can't access anything beyond the FreedomBox. I have one more observation. In the system network configuration page for tun0, it shows under Security:
Firewall Zone is "None" with the error message:
"This interface is not maintained by FreedomBox. Its security status is unknown to FreedomBox. Many FreedomBox services may not be available on this interface. It is recommended that you deactivate or delete this connection and re-configure it."
How should the firewall zones be configured for OpenVPN. This used to work for me I installed FreedomBox Stable under Raspian.
Best,
Steven
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, January 14, 2019 9:04 PM, Sunil Mohan Adapa <sunil at medhas.org> wrote:
> On 14/01/19 2:42 pm, Steven Ng wrote:
> [...]
>
> > 2019-01-10 23:00:26 ERROR: COMMAND_FAILED: '/sbin/ip6tables-restore -w
> > -n' failed:
> > ip6tables-restore v1.8.2 (nf_tables):
> > line 4: RULE_REPLACE failed (No such file or directory): rule in chain INPUT
> > line 4: RULE_REPLACE failed (No such file or directory): rule in chain
> > OUTPUT
>
> Errors with ip?tables-restore commands happen when FreedomBox is setting
> up for the first time and switching firewalld to nftables. This is a
> known issue in iptables-restore while providing compatibility for
> iptables running on nftables. We have implemented a workaround that
> should be available in testing in a few days. A simple restart of the
> system after the completion of the initial setup is sufficient for this.
>
> The nftables error messages 4 days later in your logs are more serious.
> These could be upstream bugs in firewalld/nftables. We are tracking a
> similar issue[1]. It would be a great help if more information on this
> issue leads to a bug report in an upstream project.
>
> Links:
>
> 1. https://salsa.debian.org/freedombox-team/plinth/issues/1438
>
> --
> Sunil
>
More information about the Freedombox-discuss
mailing list