/ip/firewall/filter rules get overwritten by Webfig

orcinus · August 21, 2013, 1:27am

Sometimes, if both Webfig and SSH connection to the router are open at the same time, editing firewall rules via SSH and then switching to Webfig and doing changes there results in rules disappearing and/or reverting to their previous state. I’m assuming due to values being cached for Webfig and resent as part of some ajaxy auto-update.

Sometimes it happens even when Webfig isn’t used alongside SSH, if you open it immediately after and the last page opened was the same as what you’ve just edited.

Happens on 6.2, RB2011.
I don’t remember this happening on previous versions, but it might have.

orcinus · August 21, 2013, 2:38am

Scratch that, it happens regardless of SSH.

I’ve just opened Webfig and it randomly deleted rules after opening the firewall filter page.
That never happened before, so i’m pretty sure it’s 6.2.

normis · August 21, 2013, 6:08am

It’s a problem in v6.2, you will have to try v6.3

orcinus · August 21, 2013, 5:02pm

Should i downgrade to 6.1?
Or is there a 6.3RC available somewhere?

orcinus · August 21, 2013, 9:52pm

Nevermind, found the rc1.

orcinus · August 23, 2013, 10:25pm

6.3 RC1 has the same problem.

normis · August 26, 2013, 12:54pm

please contact support with more info, what you changed, what you had in the filter, and what was changed after you opened webfig.

tiggda · August 29, 2013, 6:58am

Today I just had the same issue on ROS 6.2, RB2011UAS-2HnD-IN. After logging in by webfig, it cleaned my filter rules and also changed some other settings (mac-server, mac-winbox, etc., visible in logs). How can I contact support?

Thanks,
Lukasz

tiggda · August 30, 2013, 3:24pm

When I log in to webfig and click IP->Firewall->Filter this is how it looks in logs:

Aug 29 07:35:45 router user XXXXXX logged in from XXX.XXX.XXX.XXX via web
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router mac-server interface changed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac winbox setting changed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac-server interface removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router mac winbox setting removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed
Aug 29 07:35:57 router filter rule removed

trunet · September 9, 2013, 1:44am

+1 with this problem here. I’m on 6.3.

I have a remote syslog configured, this is what I have:

Sep  8 22:18:15 192.168.142.1 system,info,account user admin logged in from 192.168.142.102 via web
Sep  8 22:18:15 192.168.142.1 system,info filter rule removed
Sep  8 22:18:15 192.168.142.1 system,info filter rule removed
Sep  8 22:18:15 192.168.142.1 system,info mac-server interface changed
Sep  8 22:18:15 192.168.142.1 system,info mac winbox setting changed
Sep  8 22:18:15 192.168.142.1 system,info filter rule removed
Sep  8 22:18:15 192.168.142.1 system,info DHCP server lan changed
Sep  8 22:18:15 192.168.142.1 system,info filter rule removed
Sep  8 22:18:15 192.168.142.1 system,info filter rule removed
Sep  8 22:18:15 192.168.142.1 system,info filter rule removed
Sep  8 22:18:15 192.168.142.1 system,info filter rule removed
Sep  8 22:18:15 192.168.142.1 system,info filter rule removed
Sep  8 22:20:15 192.168.142.1 system,info,account user admin logged out from 192.168.142.102 via web
Sep  8 22:26:29 192.168.142.1 system,info,account user admin logged in from 192.168.142.102 via web
Sep  8 22:27:06 192.168.142.1 wireless,info 64:20:0C:39:98:4D@wlan1: disconnected, disabling
Sep  8 22:27:06 192.168.142.1 wireless,info F8:1E:DF:8F:91:31@wlan1: disconnected, disabling
Sep  8 22:27:06 192.168.142.1 system,info,account user admin logged out from 192.168.142.102 via web
Sep  8 22:27:46 192.168.142.1 interface,info ether7-slave-local link up (speed 100M, full duplex)
Sep  8 22:27:52 192.168.142.1 wireless,info F8:1E:DF:8F:91:31@wlan1: connected
Sep  8 22:28:03 192.168.142.1 system,info,account user admin logged in from 192.168.142.102 via web
Sep  8 22:29:24 192.168.142.1 wireless,info C0:65:99:16:E1:BD@wlan1: connected
Sep  8 22:30:33 192.168.142.1 system,info,account user admin logged out from 192.168.142.102 via web
Sep  8 22:30:42 192.168.142.1 system,info,account user admin logged in from 192.168.142.102 via web
Sep  8 22:30:43 192.168.142.1 system,info filter rule removed
Sep  8 22:30:43 192.168.142.1 system,info filter rule removed
Sep  8 22:30:43 192.168.142.1 system,info mac-server interface changed
Sep  8 22:30:43 192.168.142.1 system,info mac winbox setting changed
Sep  8 22:30:43 192.168.142.1 system,info filter rule removed
Sep  8 22:30:43 192.168.142.1 system,info DHCP server lan changed
Sep  8 22:30:43 192.168.142.1 system,info filter rule removed
Sep  8 22:30:43 192.168.142.1 system,info filter rule removed
Sep  8 22:30:43 192.168.142.1 system,info filter rule removed
Sep  8 22:30:52 192.168.142.1 system,info DHCP server lan changed by admin
Sep  8 22:39:11 192.168.142.1 wireless,info C0:65:99:16:E1:BD@wlan1: disconnected, disabling
Sep  8 22:39:11 192.168.142.1 wireless,info F8:1E:DF:8F:91:31@wlan1: disconnected, disabling
Sep  8 22:39:11 192.168.142.1 system,info,account user admin logged out from 192.168.142.102 via web
Sep  8 22:39:53 192.168.142.1 interface,info ether9-gateway-ipv6 link up (speed 100M, full duplex)
Sep  8 22:40:01 192.168.142.1 wireless,info C0:65:99:16:E1:BD@wlan1: connected
Sep  8 22:40:02 192.168.142.1 wireless,info F8:1E:DF:8F:91:31@wlan1: connected
Sep  8 22:40:05 192.168.142.1 dhcp,info lan deassigned 192.168.142.104 from C0:65:99:16:E1:BD
Sep  8 22:40:05 192.168.142.1 dhcp,info lan assigned 192.168.142.104 to C0:65:99:16:E1:BD

Note on this logs, that I restored my yesterday’s backup and it vanished again after logging in.

Thanks,

Wagner Sartori Junior

michman · November 4, 2013, 6:23pm

I have the same problem in 6.5!

michman · November 4, 2013, 6:25pm

I have the same problem in 6.5!