next »

[yesi]

Hi,

- I did a mistake : i disabled by error all the traffics in the LAN subnet.
Is it possible to change a rule in the LAN by the command line ? You know re-enable again the traffics without doing a reset...

- Is it possible to restart a service by the commande line like IPSec ?
Perhaps just killing the racoon pid... ?

Thank you in advance for your return.

++

[GruensFroeschli]

Why not just log in and create a new rule allowing traffic again?

[yesi]

Well, it seemed that i wasn't able to access by http protocole...
I'll check by rebooting once again.

[Efonne]

If you've disabled the web gui anti-lockout rule for LAN, I think you can re-enable it by setting the LAN IP address from the console.

[yesi]

If you've disabled the web gui anti-lockout rule for LAN,

But how could i disable it since right now, i can't access to the web interface ?

the rule disable all traffics in the LAN...

[yesi]

Blocked access with firewall rules

If you blocked yourself out of the WebGUI remotely with a firewall rule, there may still be hope. This shouldn't happen from the LAN as there should be an anti-lockout rule that maintains access to the WebGUI from that interface.

Having to walk someone on-site through fixing the rule is better than losing everything!

Well, i can't access from the LAN...

Is is possible to disable the rule for the LAN interface by the console ?

Thank you in advance.

++

[GruensFroeschli]

If you've disabled the web gui anti-lockout rule for LAN, I think you can re-enable it by setting the LAN IP address from the console.

↑

[yesi]

If you've disabled the web gui anti-lockout rule for LAN, I think you can re-enable it by setting the LAN IP address from the console.

  Well i don't really understand...

I did not disable "the web gui anti-lockout rule for LAN".
I did make a rule on the firewall configuration that disable all traffics from the LAN.

I've tried to set the LAN IP address with the console but i still can not access.

I did disable the firewall :

Code:

pfctl -d

But i still can't access to the webgui.

With which command could i modify the /tmp/rules.debug file, please ?
I tried emacs, vim, nano but these commands do not existe.

++

[yesi]

I found "ee" command to edit a file.

[yesi]

Well i can now edit /tmp/rules.debug but i can not find my "rule" that block all the LAN traffics...

I'm still blocked...

[kpa]

You don't have to edit anything, just do what Efonne told you, reset the LAN address using option 2) in the console menu.

[Efonne]

If you want to do it by manually editing /tmp/rules.debug anyway, run pfctl -o basic -f /tmp/rules.debug after you are done to reload the rules.

[yesi]

You don't have to edit anything, just do what Efonne told you, reset the LAN address using option 2) in the console menu.

Just said, i did this action several time.
And i connected to the LAN interface directly to access but i did not success...

[yesi]

Well, my apologies.
It seems that's re-enable the set up of the LAN does resolve the problem.

I had some ethernet cable trouble...

Thanks again for your help.
++