v2.1 custom ports not showing up in ufw

  • 187 Views
  • Last Post 4 weeks ago
stuart_jjj posted this 01 February 2021

Hi there, I am running AMP2.1 on linuxmint 20.1 for Minecraft java. I was happy to see the custom port option introduced because I also run Dynmap servers for some Minecraft java instances and was keen to have AMP manage the firewall rules for that. So I added a custom port for Dynmap TCP 8123 to an instance config, but it will not appear in my UFW config.

I tried restarting everything, including the linux server. It is in the application ports list when I do the command ampinstmgr --ShowAllInstancePorts but that's all.

Any suggestions?

Order By: Standard | Newest | Votes
Mike posted this 01 February 2021

Do they show up when you do ampinstmgr dumpports amp as root?

stuart_jjj posted this 01 February 2021

No, but I do get some error reports that might shed some light on what is happening, although not obvious to me. Here is the output:

root@hp2560:/home/stuart# ampinstmgr dumpports amp
[Info] AMP Instance Manager v2.1 built 27/01/2021 17:05
[Info] Release spec: Release - built by CUBECODERS/buildbot on CCL-DEV
[Info] TCP/2223 (AMP:ADS01:FileManagerPlugin.SFTP.SFTPPortNumber)
[Info] UDP/12820 (AMP:ADS01:ADSModule.Network.MetricsServerPort)
[Info] TCP/2224 (AMP:pixelcraft:FileManagerPlugin.SFTP.SFTPPortNumber)
[Error] IM was unable to execute the requested command.
[Error] TargetInvocationException
[Error] [0] (TargetInvocationException) : Exception has been thrown by the target of an invocation.
[Error]   at InstanceManagerCLI.Core.ExecuteCommand (Collections.Generic.List`1[T] Params, Collections.Generic.Dictionary`2[TKey,TValue] Args) 
[Error] NullReferenceException
[Error] [1] (NullReferenceException) : Object reference not set to an instance of an object
[Error]   at InstanceManagerCLI.Core.DumpPorts (String SourceUser)

Mike posted this 01 February 2021

To clarify, is your amp user actually called 'amp' ?

martin posted this 01 February 2021

I'm having the same issue on Debian GNU/Linux 10 (buster). My amp user is 'amp'

Mike posted this 01 February 2021

Make sure the ampfirewall service is running and enabled.

stuart_jjj posted this 02 February 2021

Yes confirming that the user is ‘amp’.

The amp firewall.service fails if I add a custom port. It cannot be restarted until I remove the custom port.

Mike posted this 02 February 2021

What's the output of ampinstmgr updatefirewall amp as root?

martin posted this 02 February 2021

For me running updatefirewall as root it looks like this:

root@minecraft:~# ampinstmgr updatefirewall amp
[Info] AMP Instance Manager v2.1 built 27/01/2021 17:05
[Info] Release spec: Release - built by CUBECODERS/buildbot on CCL-DEV
[Info] Using iptables firewall.
[Error] IM was unable to execute the requested command.
[Error] TargetInvocationException
[Error] [0] (TargetInvocationException) : Exception has been thrown by the target of an invocation.
[Error]   at InstanceManagerCLI.Core.ExecuteCommand (Collections.Generic.List`1[T] Params, Collections.Generic.Dictionary`2[TKey,TValue] Args)
[Error] NullReferenceException
[Error] [1] (NullReferenceException) : Object reference not set to an instance of an object
[Error]   at InstanceManagerCLI.Core+<>c.<updatefirewall>b__93_5 (InstanceManagerPlugin.PortUsage u)
  at Linq.Enumerable+SelectListIterator`2[TSource,TResult].ToList ()
  at Linq.Enumerable.ToList[TSource] (Collections.Generic.IEnumerable`1[T] source)
  at InstanceManagerCLI.Core.UpdateFirewall (String SourceUser, Boolean DryRun)</updatefirewall>

Mike posted this 02 February 2021

There's a referencing issue preventing AMP from handling custom ports when ADS itself isn't what's loading the instances. The issue has been identified and fix and this fix will be included in the next update.

stuart_jjj posted this 4 weeks ago

Hi, I updated all instances (Minecraft java) to the 2.1.0.2 release. Attempting to add a custom port still fails but gives the error message 'Do you really want to delete this instance?' (OK). Luckily it did not delete the instance. Now the firewall rule for port 2556X/TCP is not being created, only the UDP rule for that port although the instance settings show TCP+UDP in the edit ports dialogue box. Affects all instances. Currently working around with manually added FW rules.

Close