Page 9 of 13 FirstFirst ... 7891011 ... LastLast
Results 81 to 90 of 124
  1. #81
    Untangle Ninja
    Join Date
    May 2008
    Posts
    1,231

    Default

    Did you create a jira for this?

  2. #82
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,949

    Default

    No, not sure where to file it... Enhancement request? For dealing with an insane OS change?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #83
    Untangler
    Join Date
    Feb 2018
    Posts
    79

    Default

    Quote Originally Posted by sky-knight View Post
    No, not sure where to file it... Enhancement request? For dealing with an insane OS change?
    Ouch, this does sound like it should be fixed asap as this can cause major issues if interfaces just swap themselves around.

  4. #84
    Newbie
    Join Date
    Dec 2017
    Posts
    8

    Default

    Hey everyone...

    Quick info here. I was running 15.1 perfectly and my hard drive started to do the click of death. It was old and it was it's time. Anyhow, I decided to try to install Untangle in UEFI mode only and see what happened. I thought I read it was possible. I had nothing to lose really. Couldn't boot using the USB image. I had to burn the ISO to a DVD and start. At the end of the install, it tried to write to GRUB but failed. Couldn't boot to the fresh install. I had to clean all the partition on the HDD and install in Legacy/BIOS mode. Restore from backup went perfect.

    Maybe I dreamed that UEFI Boot was ready, but everything works great with my new HDD. Thought I let you guys know..

    Cheers

  5. #85
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,013

    Default

    UEFI is in 16.0
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #86
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,949

    Default

    Yeah, UEFI is only available in a special alpha build right now.

    So you should stick with BIOS boot for now, at least until v16.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #87
    Untangler
    Join Date
    Dec 2018
    Posts
    53

    Default

    It appears the 15.1.0 update broke DNS when using TunnelVPN. For example, even with DHCP handing out a DNS override on the Internal interface, DNS requests use the External DNS while connected to any tunnel. It also bypasses port forwarding rules forcing DNS requests bound for Untangle to a specific DNS server. The only way to get around this at the moment is by changing the DNS on the External interface which isn't usually advisable. Any ideas as to why the TunnelVPN completely ignores all DNS settings in 15.10?
    Last edited by rnatalli; 07-16-2020 at 06:37 AM.

  8. #88
    Untangler
    Join Date
    Jan 2020
    Location
    San Jose, CA
    Posts
    86

    Default

    Quote Originally Posted by sky-knight View Post
    Linking this... again...

    https://wiki.debian.org/NetworkInter...NG_.LINK_FILES

    Untangle is using the default Debian 10 behavior of leaving it up to the kernel to figure crap out. Back in Debian 9 the kernel would build a file in /etc/udev/rules.d/70-persistent-net.rules. This file among other things would tell the kernel to fix a given NIC to a specific device flag, such as eth0. So on reboot, your interfaces didn't reorder themselves.

    Rob, if I interpret the content on this link correctly, for now this will "only" affect fresh installs of Untangle 15.1 and not upgrades from 15.0, since Debian will still use the existing .rules file. Is my understanding correct?

    To be clear I'm not blaming Untangle for this, I cannot fathom why the Debian maintainers went backwards on this specific feature. It's well documented what happens with Linux based firewalls that do not have consistent device flags across reboots.... that is nothing good! I've had Debian 10 in production for an age now... and I didn't realize this was a thing until Untangle v15.1 started rolling. I know I didn't see it in testing either... but here we are!
    Yep, very tough, when they shoot the horse, on which you're riding.

    Gentleman write your .link files!
    I hope that Untangle will provide a solution for this, e.g. by creating that .link file themselves, e.g. from the old .rules file or from the editing of the interfaces on the UI. And perhaps store this info in the Untangle backup file as well?

    Unfortunately more work for them, but perhaps the best way to play the bad hand that they were dealt.
    Last edited by tangofan; 07-16-2020 at 12:08 PM.

  9. #89
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,949

    Default

    Actually after all this happened I went looking for my persistent rules file in my active 15.0 installations...

    They are NOT there. Now I didn't delete them, I don't know how they were removed. They might have been cleaned up as part of Untangle's upgrade process.

    So I cannot say for certain this isn't also an issue on v15.0. The only thing I can say is that Debian 9 uses a different kernel and therefore would enumerate hardware differently than Debian 10 does.

    I checked both /etc/udev/rules.d and /lib/udev/rules.d 70-persistent-net.rules no longer exists on my v15 installations. The file on Untangle used to reside in the former folder, it's now empty of all rules. The latter folder has rules files, just not the one listed above.

    So in theory, v15.0 should be doing the same thing on reboot. There's no guarantee each MAC address will pair with a specific device flag even on v15.0.

    Appliance hardware is largely immune due to how the PCI busses are setup. You should only see this problem on hardware with multiple discrete adapter cards, AND the BIOS can't make up its mind in what order they attach to the PCI bus during POST. Which is to say, this problem only generally afflicts home grown hardware. But it still has the potential to get really ugly in any number of places, not the least of which are my appliances that have modular options for NICs.
    Last edited by sky-knight; 07-16-2020 at 09:43 AM.
    tangofan likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #90
    Untangler
    Join Date
    Jan 2020
    Location
    San Jose, CA
    Posts
    86

    Default

    Quote Originally Posted by sky-knight View Post
    Actually after all this happened I went looking for my persistent rules file in my active 15.0 installations...

    They are NOT there. Now I didn't delete them, I don't know how they were removed. They might have been cleaned up as part of Untangle's upgrade process.

    ...

    So in theory, v15.0 should be doing the same thing on reboot. There's no guarantee each MAC address will pair with a specific device flag even on v15.0.

    Appliance hardware is largely immune due to how the PCI busses are setup. You should only see this problem on hardware with multiple discrete adapter cards, AND the BIOS can't make up its mind in what order they attach to the PCI bus during POST. Which is to say, this problem only generally afflicts home grown hardware. But it still has the potential to get really ugly in any number of places, not the least of which are my appliances that have modular options for NICs.
    Rob, thanks so much, this is very useful info. I guess then that I've been lucky so far with my box (Protectli FWB6), since the 6 NICs in that box are likely all on the same backplane, so it wouldn't happen there anyway.

    That may make this issue indeed less urgent in a lot of cases, but I hope that Untangle will still have a workaround for this that doesn't involve editing files in the OS. For good reasons their support doesn't seem to like it, when you do that.

    Since I have 15.1 available for update since yesterday, perhaps it's time to roll the dice and run the upgrade. Or perhaps not yet, since - as far as I can tell - there haven't been any serious security flaws that were fixed in 15.1 and not in 15.0.

Page 9 of 13 FirstFirst ... 7891011 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2