This discussion has been locked.

How to find a specific firewall rule?

Trying to delete an IP host record. I get an error:
"Host could not be deleted. Firewall rule exists for the host"

How do I find which firewall rule is the one in question?



  • P.S. Can't post on this great forum with Chrome.

    With IE, I get an error

    "An error occurred. Please try again or contact your administrator. "

    .......... aaaaaand

    "Your posting frequency has exceeded allowed rates. Please wait 5 minutes to post again. "

    for real guys....

  • Hi,

    I get the first error, have been for about a week since I moved to a new Mac. Both Safari and FF, haven't tried Chrome. I ignore the error because I have no indication as to what it is referring to.

    Ian

    Are you using clientless or similar? Did you create an IP address when you were setting up your firewall rules?

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • Kari,

    you need to perform these steps:

    • from the GUI, go to Host and Services > IP Host and then write down the hostname (for example iPhone)
    • connect to XG cli > option 5 > option 3
    • type: psql -U nobody -d corporate
    • type: SELECT * FROM tblhost WHERE hostname='iPhone'; (please respect the upper and lower case)
    • Write down the hostid number (in my case is 11)
    • type: SELECT * FROM tblfwsource; to check if the hostid is here (this is the source FW rule table)
    • type: SELECT * FROM tblfwdest; to check if the hostid is here (this is the destination FW rule table)

    in one of these 2 last tables you should find the relations hostid (11) and fwruleid (xxx). This id corresponds to Firewall rules inside the GUI. If the rule is still there, delete it, otherwise you need to delete the row using postgresql commands.

    Let us know.

    Regards
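The lookup described in the post above can be narrowed to the rows for one host instead of reading both rule tables in full. This is an added example, not part of the original post or Sophos documentation; it assumes the tables have the columns the post names (`hostid` and `hostname` in `tblhost`, `hostid` and `fwruleid` in `tblfwsource` and `tblfwdest`), and the second query goes beyond the single-host case to cover a bulk cleanup.

```sql
-- Added example. Assumed columns (taken from the post, not verified against a schema):
--   tblhost(hostid, hostname), tblfwsource(hostid, fwruleid), tblfwdest(hostid, fwruleid)
-- Both statements are read-only SELECTs, run in the same psql session.

-- 1) Firewall rules that reference one host, looked up by name.
--    The hostname comparison is case-sensitive, as noted in the post.
SELECT h.hostid, h.hostname, r.direction, r.fwruleid
FROM tblhost h
JOIN (
    SELECT hostid, fwruleid, 'source'::text AS direction FROM tblfwsource
    UNION ALL
    SELECT hostid, fwruleid, 'destination'::text AS direction FROM tblfwdest
) r ON r.hostid = h.hostid
WHERE h.hostname = 'iPhone'
ORDER BY r.fwruleid, r.direction;

-- 2) Generalization: every IP host with the number of rule references found
--    in the two tables. rule_refs = 0 means neither table references the host.
SELECT h.hostid, h.hostname, COUNT(r.fwruleid) AS rule_refs
FROM tblhost h
LEFT JOIN (
    SELECT hostid, fwruleid FROM tblfwsource
    UNION ALL
    SELECT hostid, fwruleid FROM tblfwdest
) r ON r.hostid = h.hostid
GROUP BY h.hostid, h.hostname
ORDER BY rule_refs DESC, h.hostname;
```

A count of zero only covers the two tables named in the post; a host may still be referenced by objects stored elsewhere, so the GUI can still refuse the delete.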

  • This is the most user-hostile approach I've ever seen in the firewalls.

    Here's a suggestion: How about showing the rule name in the error message? And maybe even link to it?

  • Uhm....what I have to say about it?

    https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/10812132-force-delete-object

    I created this feature request a long time ago...Showing at least the ID is a good starting point....

    Add your own comment and vote for it.

    Regards

  • Sorry Luk, my rant wasn't for you but for Sophos. I'm completely fed up with these POS boxes.

    Given that you have already created the feature request 2,5 years ago I think it's not coming, but I'll vote anyway.


    I'm tasked to clean up our firewalls and I have hundreds of IP hosts to go through. I guess it's just easier to trash these and go for something that works and start over.

  • Kari,

    I am still using XG at home and on a small installation. Standard things to do are a dream on this box....You are more than right!

    I am looking at next version...for the moment, it is still not enterprise ready....

  • Hello,

    How can I do this to find a user? For example, rcasio.

    Best regards.