Issue Can't confirm firewall rules from CLI

[kassi]

same here. No matter whether I use the "SSH_CLIENT=..." in the same ssh session or really open a new ssh session to the server and try to confirm from there.

 

[MariuszB]

I suppose problem is in nginx check in /usr/local/psa/admin/sbin/modules/firewall/rules script. Try restart nginx before firewall apply and confirm. Chance for correctly confirmation is much more but not 100%. May be very long timeouts counted in minutes should workaround this issue.

 

[Dave W]

Doing alot of digging into this with support.

SSH_CLIENT="127.0.0.1 65533 22" plesk bin modules/firewall/settings --confirm

kind of worked, but its a hack to fool the shell environment, its not consistent and shouldnt be used.

I have tried restarting nginx, but I still cannot --confirm from a remote server.

Firewall version is 2.1.2-401.

I get the Activation token is absent error when I

ssh <IP> "plesk ext firewall--confirm"

or

ssh <IP> "/usr/local/psa/admin/bin/modules/firewall/rules --confirm"

Ive also tried by logging into the server from a remote server to --confirm and it fails with the same error.

I'm also questioning if we are managing the firewall as the root user then why do we have to do --confirm.

Ye,s I agree that it should be in place for the GUI, but if you are using CLI then you should be aware that it is possible to lock yourself out using firewall commands as it is possible to irrevocably damage your server.

D.