SARK Debian Accidental Lockouts
SARK V5.0.0 Debian accidental lockouts and how to deal with them
SARK V5 has both strong login security and an onboard firewall. It is possible to lock yourself out of the system in a couple of ways, either because you have mis-set the firewall or because you have lost of forgotten the admin password. Here is a guide to unlocking the system if you should find yourself in one of these situations.
Firewall Lockout
You've set the firewall in such a way that it will no longer allow you access on HTTPS and/or SSH
HTTPS lockout (SSH still available)
SSH to the box (or you can use WinSCP if you prefer) and find the SARK shorewall rules in /etc/shorewall/sark_rules
cat /etc/shorewall/sark_rules ACCEPT net:$LAN $FW tcp 5060 - - # TCP SIP ACCEPT net:$LAN $FW tcp 5061 - - # TCP SIP ACCEPT net:$LAN $FW tcp 80 - - # HTTP ACCEPT net:$LAN $FW tcp 22 - - # SSH ACCEPT net:$LAN $FW udp 123 - - # NTP ACCEPT net:$LAN $FW tcp 389 - - # LDAP ACCEPT net:$LAN $FW udp 389 - - # LDAP ACCEPT net $FW udp 4569 - - # IAX2 ACCEPT net:$LAN $FW udp 5060 - - 4/min:5 # SIP ACCEPT net:$LAN $FW udp 10000:20000 - - # RTP
Add back or correct the rules and either reboot the box or, if you are using ssh, you can simply restart the firewall with
shorewall restart
