Problems deleting filters

Novell Cool Solutions: Question & Answer

Posted: 2 Jun 2005

Q:
Filters that are deleted (using filtcfg) keep coming back after 5-10 minutes. What is happening, and how can we permanently remove filters that we don't want?

A:
You aren't really deleting them at all. Check the logger screen next time you try, and I think you will see -6001 errors.

I generally make sure I have at least two good copies of filters.cfg, and that filters.cfg actually has my exceptions in there. Then I delete all the filters from NDS (delete all objects in the nbmrulecontainer) and remigrate using a filtsrv migrate procedure. It may be easier to just try a filtsrv migrate -cf without first deleting things from NDS, as the -cf is supposed to do that for you.

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

Reader Comments

• It is possible that the cause of the problem is a service type rather than a rule - deleting the rules and migrating them may not fix the problem and filtcfg may or may not be able to delete a corrupt service type. Rules live in the nbmrulecontainer but service (ie packet) types are stored as an attribute of the container itself - you can see them in the 'other' tab on C1. If you can figure out which one is causing the trouble (usually the last one you created - a UDP range in my case), you can kill it in C1.