Firewall Rule Disables itself



  • Every few weeks we have a problem where a set rule suddenly is disabled. We are not working on the router or doing any modifications. Suddenly the rule (which is for http by the way) suddenly is disabled.

    We are NATting to a server inside the network. As stated the configuration is fine and it will work for weeks and then suddenly disable. The NAT is still fine and the Rule is still listed it is just disabled.

    Is there some setting or monitor that I am missing that is causing this Rule to be disabled?



  • Do you have a firewall schedule applied to that rule?  Or does someone else besides you have access to your webGUI?



  • No we don't have any schedules setup. There is really just two of us that have any access to the router.

    However, my partners son probably knew the password as well. Before we/I came down on him, since he claims he never touched it, I wanted to make sure there wasn't something that could be doing it. We/I doubt it since I couldn't find any configuration or setting that could do it but one never knows.

    Thanks



  • @mhess:

    No we don't have any schedules setup. There is really just two of us that have any access to the router.

    However, my partners son probably knew the password as well. Before we/I came down on him, since he claims he never touched it, I wanted to make sure there wasn't something that could be doing it. We/I doubt it since I couldn't find any configuration or setting that could do it but one never knows.

    Never hard of this before outside of a CARP sync loop.  If you are using CARP make sure that you are not syncing from the backup to the primary.

    If you are not using CARP, change your passwords immediately.



  • Old configs are stored in  /cf/conf/backup
    Check if a previous version has been written there. The time stamp on the file might give you another hint.


Locked