When trying to create a rule for a firewall, it gives an error.
{<br> "Blacklist": {<br> "IP_VERSION": "v4",<br> "AUTOUPDATE": "yes",<br> "SUSPENDED": "no",<br> "SOURCE": "script:/usr/local/hestia/install/deb/firewall/ipset/blacklist.sh",<br> "TIME": "05:02:47",<br> "DATE": "2021-11-26"<br> }<br>}<br>Error: ipset object not found
[screenshot-konkursita.ru_8083-2021.11.26-04_58_26 - Nimbus Capture]
iplist is created and located at /usr/local/hestia/data/firewall/ipset/Blacklist.v4.iplist
Debian 11, Hestia 1.5.0
chmod +x /usr/local/hestia/install/*
And then try again
Unfortunately it doesn’t work…
/var/log/hestia/error.log
2021-11-26 22:36:46 v-add-firewall-rule ‘DROP’ ‘ipset:Blacklist’ ‘0’ ‘TCP’ ‘’ [Error 3]
Please create an issue report will look into by tomorrow
Same problem here. On two fresh installations (Ubuntu 20.04) and updated (Debian 10).
Known issue will be addressed next release
Found a second issue will patch it for the next release …
Still does not work with v1.5.1 (fresh installations or updates)
Just created a new install on 1.5.1 and had no issues. Please provide with more information:
ls -lah /usr/local/hestia/install/ should return for deb:
drwxr-xr-x 27 root root 4.0K Dec 1 22:17 deb
I have same problem in a fresh install and a updated one. It only fails when I use an iplist from list, if I put manually an address (0.0.0.0/0 ) It save fine (works fine).
I have Ubuntu 20.04 and this is the output to ls -lah /usr/local/hestia/install
root@ayp:~# ls -lah /usr/local/hestia/install/
total 176K
drwxrwxr-x 5 root root 4,0K dic 2 04:41 .
drwxr-xr-x 11 root root 4,0K nov 26 04:41 …
drwxrwxr-x 27 root root 4,0K dic 2 04:41 deb
-rw-r–r-- 1 root root 75K dic 1 10:04 hst-install-debian.sh
-rw-r–r-- 1 root root 3,0K dic 1 10:04 hst-install.sh
-rw-r–r-- 1 root root 75K dic 1 10:04 hst-install-ubuntu.sh
drwxrwxr-x 26 root root 4,0K may 27 2021 rhel
drwxrwxr-x 4 root root 4,0K dic 2 04:41 upgrade
If I change chmod +x /usr/local/hestia/install/* I have same error at save button (only selecting an ipset:list-name)
“Cloudflare-IPv4”: {
“IP_VERSION”: “v4”,
“AUTOUPDATE”: “yes”,
“SUSPENDED”: “no”,
“SOURCE”: “https://www.cloudflare.com/ips-v4”,
“TIME”: “00:10:28”,
“DATE”: “2021-12-02”
}
}
Error: ipset object not found
Thank you for your work.
The permission issue was released to a total different bug an not to /firewall/add end point
The check:
Goes wrong. I have tested it on a few test servers of mine and it works without any issue
Do you create an IPlist and then use it in the firewall rule?.
Thankyou
Ok… If I create a new rule it works fine, buf it gives the error at rule edit. The problem sould be in v-change-firewall-rule
Can you edit the new rule and save?. If I have an ipset name, I get the error.
Thank you
This information helps…
Add $BIN to the following line 56 in v-change-firewall-rule
Thank you. It works with line 56 update:
from
v-list-firewall-ipset plain | grep “^$ipset_name\s” >/dev/null
to
$BIN/v-list-firewall-ipset plain | grep “^$ipset_name\s” >/dev/null
I was testing and it works too if I add a line 17 with
source /etc/profile
, but $BIN works fine too.
Thank you
The issue is mainly caused by the fact that the path variable isn’t propperly loaded.
source /etc/profile does the same and loads in this case the path variable currently
Thanks, this is the solution finally.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.