This morning I found myself completely cutoff from my internet connection. Even my usual internal ping to my Astaro firewall failed, but the system was online, and the web-based GUI showed without issues.
According to the web-based GUI, all network connections were online, including my ADSL link. I could however not get a single packet through the firewall.
It took me a while, but eventually I noticed an error message in the IP Live log:
"FATAL ERROR: Warning: /etc/snort/rules/astaro.rules(1132) => Unknown keyword ' detection_filter' in rule!"
Not sure what to make of that, and uncertain whether this was a new error or an existing one, I decided to disable the IP. And MIRACLE - everything worked as usual...
Now my question is - do I have a problem on my internel LAN tripping the IP, or is there something seriously wrong with the way the IP module deals with errors like the one above, resulting in an outage?
Given that this morning (after I re-established my connectivity by disabling the IP module) all of the Astaro websites were DOWN, I think they must have suffered from the same issue...
Does anyone care to comment? Thanks.
This thread was automatically locked due to age.
