Machine behind firewall needs dynamic "noip" - Firewall keeps blocking

TheSatman · 12-01-2011, 03:24 AM

Hi all,

I use Untangle as a second router in my network. My DSL box is the main router in the network (192.168.11.1). All PC's use 192.168.11.xx. Untangle is setup with WAN 192.168.11.3 and has 1 internal NIC 192.168.2.1 and one DMZ 192.168.3.1.

I have a linux box on 192.168.3.2 and have installed a no-ip.com client that connects to my no-ip.com account. When the Untangle firewall is down, all works well. When I activate it, and launch the no-ip client on my 3.2 box, I see that the firewall is blocking it. (the blue bar is full). Also, in the linux log files I see a time out when connecting to no-ip.com. But as said, all works fine when turning of the firewall.

My rule: I block all, and made seperate rules for ssh2, dns, http, postgresql and noip.

the noip rule:

enable yes
action pass
log yes
traffic type any
source interface any
destination interface DMZ
source address any
destination address 192.168.3.2
source port 8245
destination port 8245

The ports I found confirmed in several forums like:

http://www.linuxquestions.org/questi...-rules-757074/
http://darrennolan.com/2010/07/14/fi...ic-ip-service/

But for one reason or another it is not working. My firewall event log is not updated since december 1th this year. The firewall Block events log is blank. All my rules are enabled and log is checked.

Please your advice.

UPDATE: LOOKS LIKE I FIXED IT
-------------------------------

curious to see if I could find out what ports actually are addressed by NOIP, I ran lsof -i. The result was this:

noip2 13840 nobody 1u IPv4 53592 0t0 TCP 192.168.3.2:46151->dynupdate.no-ip.com:8245 (SYN_SENT)

In other words, FROM 192.168.3.2 ANY port => TO any IP port 8245

I changed the rule, and no blocking anymore. Just wanted to share this with you. Only issue not sesolved remains the reporting and the logs

12-01-2011, 03:24 AM	#1 (permalink)
TheSatman Newbie Join Date: Nov 2011 Posts: 7	Machine behind firewall needs dynamic "noip" - Firewall keeps blocking Hi all, I use Untangle as a second router in my network. My DSL box is the main router in the network (192.168.11.1). All PC's use 192.168.11.xx. Untangle is setup with WAN 192.168.11.3 and has 1 internal NIC 192.168.2.1 and one DMZ 192.168.3.1. I have a linux box on 192.168.3.2 and have installed a no-ip.com client that connects to my no-ip.com account. When the Untangle firewall is down, all works well. When I activate it, and launch the no-ip client on my 3.2 box, I see that the firewall is blocking it. (the blue bar is full). Also, in the linux log files I see a time out when connecting to no-ip.com. But as said, all works fine when turning of the firewall. My rule: I block all, and made seperate rules for ssh2, dns, http, postgresql and noip. the noip rule: enable yes action pass log yes traffic type any source interface any destination interface DMZ source address any destination address 192.168.3.2 source port 8245 destination port 8245 The ports I found confirmed in several forums like: http://www.linuxquestions.org/questi...-rules-757074/ http://darrennolan.com/2010/07/14/fi...ic-ip-service/ But for one reason or another it is not working. My firewall event log is not updated since december 1th this year. The firewall Block events log is blank. All my rules are enabled and log is checked. Please your advice. UPDATE: LOOKS LIKE I FIXED IT ------------------------------- curious to see if I could find out what ports actually are addressed by NOIP, I ran lsof -i. The result was this: noip2 13840 nobody 1u IPv4 53592 0t0 TCP 192.168.3.2:46151->dynupdate.no-ip.com:8245 (SYN_SENT) In other words, FROM 192.168.3.2 ANY port => TO any IP port 8245 I changed the rule, and no blocking anymore. Just wanted to share this with you. Only issue not sesolved remains the reporting and the logs Last edited by TheSatman; 12-01-2011 at 03:43 AM.. Reason: Looks like I fixed it

Protect

Filter

Perform

Connect

Manage

Add-Ons