HaaS and minipots x versus FW forward rules (outages)

Sometimes I accidentally find that HaaS does not work concurrently, records are missing for a long time, and if I check if the ports are open 21,22,23,25,80,587 using https://www.grc.com/x/ne.dll?bh0bkyd2 I find that they are closed. ReForis does not indicate a problem in the Sentinel section. This is a recurring and long-standing issue (More than a year).

I have records in these terms, which does not preclude more frequent occurrences, which I do not notice, because it requires a manual check of their function.

• 20211123 - HaaS a minipot error
• 2021219 - HaaS a minipot error
• 20220316 - honeypots error
• 20220608 - dtto
• 20220616
• 20220618
• 20220621
• 20220628

I once registered a spontaneous resumption of activities after a few days. The problem always occurs together with HaaS + Honeypots. Service restarts did not help ...

root @ Turris_JB: ~ # /etc/init.d/adblock reload
root @ Turris_JB: ~ # /etc/init.d/sentinel-proxy reload
root @ Turris_JB: ~ # /etc/init.d/sentinel-dynfw-client reload
root @ Turris_JB: ~ # /etc/init.d/sentinel-minipot reload
root @ Turris_JB: ~ # /etc/init.d/haas-proxy reload
root @ Turris_JB: ~ #

Troubleshooting or other measures (what to restart, etc) have not been mentioned anywhere

Only reinstalling the minipots in reForis will help, then the monitored ports will open and HaaS will start working.

• Removed package sentinel-minipot • Removed package logc-libevent • Removed package base64c

• Installed version 0.2.1-1 of package base64c • Installed version 0.1.0-1 of package logc-libevent • Installed version 2.3.0-1 of package sentinel-minipot

https://forum.turris.cz/t/haas-and-minipots-outages/17286

=================================

Edit 5.7.2022

Minipots failure recurred yesterday. Restart sentinel-proxy, haas-proxy, sentinel-minipot with no result. It does what it wants, there are no indications of a problem in the log.

Today I thought of looking at the firewall status and in Firewall Status I did not find an active proxy - function indication in reForis, unfortunately it does not check whether the proxy is active, but apparently only the activity of the related application.

It is running, it is possible to restart it, but without affecting the actual activity of the proxy in the firewall.

changed the description

changed the description

changed the description

changed the description

If I understand correctly, this is the problem ? HaaS and minipots outages ?

Firewall changes (deletes) minipost and HaaS rules without warning.- and service restarts do not help?

After testing the activation of the existing port forward rule in the FW, this proxy rule also disappeared for ports 21-23, 25, 80, 587. Externally, the ports are closed.

HaaS recorded records until the last moment 2022-07-30 16:35:00 HKG - 218.250.190.178
After the router is restarted, the rules will be reset.

** The error can be replicated. Enable or disable of the existing firewall port forward rules, will break the minipots and HaaS firewall rules … bingo.**

I’ve been following this problem with honepots and Haas for a long time but haven’t hit on the cause - thanks to you

https://forum.turris.cz/t/turris-os-5-3-11-is-out/17401/13?u=jardab

changed title from HaaS and minipots outages to HaaS and minipots x versus FW forward rules (outages)

added Backlog label