UTM 5 и iptables

[phrozen]

лог следующий

Info : Apr 21 15:40:03 UTM5 Logger: New ` Info : ' stream: /netup/utm5/log/rfw.log
Info : Apr 21 15:40:03 UTM5 Logger: New `?Debug : ' stream: /netup/utm5/log/rfw.log
Info : Apr 21 15:40:03 UTM5 Logger: New `?Debug : ' stream: /netup/utm5/log/rfw.log
Info : Apr 21 15:40:03 StreamManager: Registering message handlers..
Info : Apr 21 15:40:03 StreamManager: Registering message handlers..
Info : Apr 21 15:40:03 StreamManager: ID <0x4003> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4003> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4000> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4000> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4001> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4001> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4004> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4004> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4002> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamManager: ID <0x4002> handler <0x08900e60>
Info : Apr 21 15:40:03 StreamConnection: Connection thread started. Peer 127.0.0.1:12758
Info : Apr 21 15:40:03 StreamConnection: Connection thread started. Peer 127.0.0.1:12758
?Debug : Apr 21 15:40:03 StreamConnection: Connection using TCP socket
?Debug : Apr 21 15:40:03 StreamConnection: System message recived
?Debug : Apr 21 15:40:03 StreamConnection: Challenge response sent
?Debug : Apr 21 15:40:03 StreamConnection: System message recived
Info : Apr 21 15:40:03 StreamConnection: Connection successfully authorized, user id <-1>
Info : Apr 21 15:40:03 StreamConnection: Connection successfully authorized, user id <-1>
?Debug : Apr 21 15:40:03 StreamFirewall: Sending name: 127.0.0.1
ERROR : Apr 21 15:40:03 StreamFirewall: Error occured: Exception in handle method (check firewall name)
ERROR : Apr 21 15:40:03 StreamFirewall: Error occured: Exception in handle method (check firewall name)

настройки rfw5.conf

##
## /netup/utm5/rfw5.cfg
## UTM5 RFW configuration file
##

## =============================================================================
## MAIN PARAMETERS
## =============================================================================

## rfw_name
## Description: Name of UTM5 rfw by which it is identified when connecting to
## the UTM5 core. The same value must be set in the 'Name' field in the list
## of firewalls in UTM_Admin.
## Possible values: <string>
## Required field
rfw_name=127.0.0.1

## core_host
## Description: IP address of the host running UTM5 core.
## Possible values: <IP address>
## Required field
core_host=127.0.0.1

## core_port
## Description: Port where UTM5 core is listening to Stream.
## Possible values: an integer from 1 to 65534
## Required field
core_port=12758

## rfw_login
## Description: Login used to access to the UTM5 core.
## Required field.
rfw_login=init

## rfw_password
## Description: Password used to access to the UTM5 core.
## Required field.
rfw_password=init

## firewall_type
## Description: Firewall type. Must conform with the 'Type' parameter of the
## firewall with the corresponding name.
## Possible values: local, cisco
## Default value: local
#firewall_type=local

## rfw_ssl_type
## Description: SSL connection type. If 'none' is set, the connection is
## unencrypted.
## Possible values: tls1, ssl3, none
## Default value: none
#rfw_ssl_type=none

## sync_flags
## Description: Startup synchronization options. Specified actions will be executed at startup.
## Possible value: enable:disable:shaping:dialup:iptraffic:blocks:users
## E.g.:
## enable - Execute 'Internet ON' rules of startup
## disable - Execute 'Internet OFF' rules of startup
## users - Execute 'User Added' rules of startup
## iptraffic - Execute 'IP-traffic link added' rules of startup
## dialup - Execute 'Dialup link added' rules of startup
## blocks - Execute 'Modified block type' rules of startup
## shaping - Execute 'Setup dynamic shaping' rules of startup
sync_flags=enable

## =============================================================================
## PARAMETERS THAT ARE VALID WHEN firewall_type=local
## =============================================================================

### firewall_path
## Description: Path to the executable file that performs firewall management.
## Possible values: <name of an executable file>
## Required field
firewall_path=/sbin/iptables

# sudo_path
## Description: Sudo program path.
## Possible values: <path to an executable file>
## Default value: <unset>
#sudo_path=

## dont_fork
## Description: If set, firewall rules are applied one-by-one. Recommended when
## using iptables.
## Possible values: yes, enable, true
## Default value: <commands are executed serially>
dont_fork=yes

## =============================================================================
## PARAMETERS THAT ARE VALID WHEN firewall_type=cisco
## =============================================================================

## cisco_ip
## Description: IP address the commands are sent to via rsh protocol.
## Possible values: <IP address>
## Required field
#cisco_ip=10.0.0.1

## =============================================================================
## LOGGING
## =============================================================================

## log_level
## Description: Logging level.
## Possible values: 0, 1, 2, 3
## Default value: 1
log_level=3

## log_file_main
## Description: Main logfile path.
## Possible values: <filename>
## Default value: STDERR
log_file_main=/netup/utm5/log/rfw.log


## log_file_debug
## Description: Debug logfile path.
## Possible values: <filename>
## Default value: STDERR
log_file_debug=/netup/utm5/log/rfw.log

## log_file_critical
## Description: Critical logfile path.
## Possible values: <filename>
## Default value: STDERR
log_file_critical=/netup/utm5/log/rfw.log

## rotate_logs
## Description: Enables logfile rotation.
## Possible values: yes, on, enable
## Default value: disabled

## max_logfile_count
## Description: Maximum number of logfiles to retain. Valid if logfile rotation
## is on.
## Possible values: a positive integer
## Default value: not limited

## max_logfile_size
## Description: Maximum logfile size. When logfile size reaches this limit, a
## rotation is performed. Valid if logfile rotation is on.
## Possible values: <size in bytes>
## Default value: 10485760

## pid_file
## Description: PID file path.
## Possible values: <filename>
## Default value: /var/run/utm5_rfw.pid

## =============================================================================
## MISCELLANEOUS
## =============================================================================

## firewall_flush_cmd
## Possible values: <filename>
#firewall_flush_cmd=/usr/sbin/iptables -F

## OBSOLETE. NOT RECOMMENDED TO USE
## Description and default values for these parameters are not provided.

## core_timeout
## Possible values: 5

все перерыл, ничего не могу понять, помогите пожалуйста, правилами инет не врубается

[Pulse]

попробуйте указать имя вместо адреса, myfw, например... и в админке такое же

Код: Выделить всё

## rfw_name
## Description: Name of UTM5 rfw by which it is identified when connecting to
## the UTM5 core. The same value must be set in the 'Name' field in the list
## of firewalls in UTM_Admin.
## Possible values&#58; <string>
## Required field