SWE3 Known Issues

Miscellaneous updates and information for Smoothwall Express 3

Moderator: Forum Moderators

SWE3 Known Issues

Postby wkitty42 » Fri Apr 04, 2008 5:56 pm

This topic is designed to capture and help solve known issues with SmoothWall Express 3.x to help prevent new people from asking the same questions about these issues. This first post in the thread will be updated as issues are logged and dealt with.

Post additional issues in this topic, and we'll keep this post up-to-date.

Viewing mms (Microsoft Multimedia Streams) in Linux MPlayer based clients Causes a Kernel Panic and SW3 spontaneous reboots
Staus: Confirmed/Unresolved
Fix: Remove the ip_nat_mms and ip_conntrack_mms connection tracker modules.
More Info: SW3 Kernel Panic with mms streams in MPlayer <-- World's Longest Post, ever, in the history of long posts...


DHCP static IP addresses on GREEN and PURPLE break each other
Fixed in Update 1.

Portforward bouncing GREEN->GREEN improvement needs to be added
Accessing port forwarded services from inside your LAN
Added by Update 1.

ClamAV requires its obligatory update.
Done in Update 1.

AIM chat seems to signoff when IM Proxy is enabled
Is this still an issue?

Upstream proxy settings do not work for the web proxy
upstream proxy error
Fixed in Update 1.

Interface information from ifconfig output is missing valuable information
-Information about TX RX Collisions etc is missing from the admin gui ifconfig output. This information is really needed for troubleshooting SmoothWall networking issues.
Missing ifconfig tinfo thread
Added by Update 1.

Default exceptions rules for PURPLE appear on the outgoing page even if there is no PURPLE interface
This seems to have created some confusion for some users asking why the rules are there if there is no PURPLE and do they have an effect being there if there is no PURPLE.

Custom DynDNS will not accept null hostnames
Fixed in Update 1.

An error in the portfwd.cgi script can allow duplicate entries.
Thread discussing this
Fixed in Update 1.

Make internal networking page allow subnets for source and destination
Fixed in Update 1.

Fixes for spaces in VPN tunnel names that would cause an invalid ipsec.conf

UPnP is not restarted when Red is taken down then brought back up
It is according to the code?
Fixed in Update 1.

Proxy log filter is not retained
Fixed in Update 1. Also made filter case insenstive

Proxy does not log query strings (stuff after ?)
Fixed in Update 1.

JS validation for portforward page "pinks" subnets on external IP box

Purple machines cannot access services on Orange via RED.
This is an issue reported by wkitty42 in this thread

Migrating settings from SWE 2.0 to SWE 3.0 via floppy appears to disable transparent proxy on 3.0 for some users.

Manual updates will not update.
Status:Confirmed/Unresolved as of 2008-03-27
There is a typo in /httpd/cgi-bin/updates.cgi that calls tar from the wrong directory. Please see this thread that discusses the issue.

AIM 6.0 is not being logged by IM Proxy.
Is this possibly related to the earlier listed issue of AIM chat signing off when IMProxy is enabled?

The comment field on the DHCP page allows special characters which breaks the DHCP configuration.
Also the comment fields that have the validation check for a valid comment allows commas. This will also break the config files when they are split by CSVs.

Restore settings from floppy for migrating from 2.0 to 3.0 improperly copies old proxy settings from 2.0
Discussed in this thread

Problems starting snort after updating snort rules using the latest ruleset
SWE3.0 fixes1 runs snort version 2.6.1.3 (Build 36) which uses Stream4 as streaming engine. Stream4 doesn't support using "flow" in UDP rules. Updated rules from snort have one rule in sql.rules line 49 that uses "flow" in UDP. See IDS - unable to run command for details and a workaround.

Firewall logs on the Logs gui page does not display the first page of logs when multiple pages are present.
See this post Firewall logs bug for a description of the issue.

ClamAV updates are failing and fill up the root partition with broken downloads.
This post by Steve McNeill expalins how to fix the problem.
steve_mcneill wrote:as a simple fix i changed the crontab file to pipe the command to /dev/null:
Code: Select all
02 4 * * * root /usr/bin/smoothwall/run-parts /etc/cron.daily >/dev/null


piping the output to a file would also produce the same results.

i would suggest that this (or something similar) gets incorporated into update2 to fix the problem.

maybe we should also include a cleanup script in the update to delete the excess downloads:

Code: Select all
rm -fr /var/clamav/clamav-*


Steve.


Edits List:
  • nick - YYYYMMDD
    sample edit activity
  • Cod - 20070912
    update Upstream Proxy issue
  • aslak - 20070924
    update on proxy and portforward page issues
  • s-t-p - 20071022
    add issue with Purple accessing Orange services
  • s-t-p - 20071104
    add issue with manual updates failing
  • s-t-p - 20071105
    add issue with AIM 6.0 not being logged by IM Proxy
  • s-t-p - 20071107
    add issue with comment fields allowing special characters
  • s-t-p - 20071110
    add issue where proxy settings are incorrectly copied from
    2.0 to 3.0 using the restore from floppy migration of settings
  • ravn - 20071111
    add issue about updated snort rules and problems starting
    snort after updating the snort rules
  • s-t-p - 20071214
    add a newly discovered issue of ClamAV updates filling up the
    root partition causing severe slowdowns of SmoothWall systems,
    especially those with small hard drives
  • BoHiCa - 20080118
    add info about the mms Kernel Panic
Last edited by wkitty42 on Fri Apr 04, 2008 6:04 pm, edited 1 time in total.
Reason: clean up and formatting
User avatar
wkitty42
solar system
 
Posts: 3730
Joined: Fri Mar 26, 2004 5:06 pm
Location: Central North Carolina, USA

Return to SWE3 Misc

Who is online

Users browsing this forum: CommonCrawl [Bot] and 0 guests