Datensätze hängen

[Snooops]

Servus,
hier ist der Debug

Code:

DEBUG: push_el() sub_name: mngr_start_up(), msg: Starting...
DEBUG: push_el() sub_name: lock_system(), msg: Starting...
DEBUG: push_el() sub_name: lock_system(), msg: Ending...
DEBUG: push_el() sub_name: get_conf(), msg: Starting...
DEBUG: push_el() sub_name: get_file(), msg: Starting...
DEBUG: push_el() sub_name: get_file(), msg: Ending...
DEBUG: push_el() sub_name: setup_main_vars(), msg: Starting...
DEBUG: push_el() sub_name: decrypt_db_password(), msg: Starting...
DEBUG: push_el() sub_name: decrypt_db_password(), msg: Ending...
DEBUG: push_el() sub_name: setup_main_vars(), msg: Ending...
DEBUG: push_el() sub_name: get_conf(), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: mngr_start_up(), msg: Ending...
DEBUG: push_el() sub_name: mngr_engine(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: mngr_engine(), msg: processing 22, vendeto.de, toadd.
DEBUG: push_el() sub_name: sys_command(), msg: Starting...
DEBUG: push_el() sub_name: sys_command('/var/www/ispcp/engine/ispcp-als-mngr 22 1>/var/log/ispcp/ispcp-als-mngr.stdout 2>/var/log/ispcp/ispcp-als-mngr.stderr'), msg: Ending...
DEBUG: push_el() sub_name: mngr_engine(), msg: processing 23, vendeto.com, toadd.
DEBUG: push_el() sub_name: sys_command(), msg: Starting...
DEBUG: push_el() sub_name: sys_command('/var/www/ispcp/engine/ispcp-als-mngr 23 1>/var/log/ispcp/ispcp-als-mngr.stdout 2>/var/log/ispcp/ispcp-als-mngr.stderr'), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: sys_command(), msg: Starting...
^[[BDEBUG: push_el() sub_name: sys_command('/var/www/ispcp/engine/ispcp-serv-mngr 0 0 2 0 0 1>/var/log/ispcp/ispcp-serv-mngr.stdout 2>/var/log/ispcp/ispcp-serv-mngr.stderr'), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: mngr_engine(), msg: processing 5, change.
DEBUG: push_el() sub_name: sys_command(), msg: Starting...
DEBUG: push_el() sub_name: sys_command('/var/www/ispcp/engine/ispcp-htusers-mngr 5 1>/var/log/ispcp/ispcp-htusers-mngr.stdout 2>/var/log/ispcp/ispcp-htusers-mngr.stderr'), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: mngr_engine(), msg: processing 5 -> 5, change.
DEBUG: push_el() sub_name: sys_command(), msg: Starting...
DEBUG: push_el() sub_name: sys_command('/var/www/ispcp/engine/ispcp-htgroups-mngr 5 1>/var/log/ispcp/ispcp-htgroups-mngr.stdout 2>/var/log/ispcp/ispcp-htgroups-mngr.stderr'), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: doSQL(), msg: Starting...
DEBUG: push_el() sub_name: doSQL(), msg: Ending...
DEBUG: push_el() sub_name: mngr_engine(), msg: Ending...
DEBUG: push_el() sub_name: mngr_shut_down(), msg: Starting...
DEBUG: push_el() sub_name: mngr_shut_down(), msg: Ending...

hier ist meine Iptables rule:

Code:

PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
export PATH

LSMOD="lsmod"
MODPROBE="modprobe"
IPTABLES="iptables"
IP6TABLES="ip6tables"
IPTABLES_RESTORE="iptables-restore"
IP6TABLES_RESTORE="/sbin/ip6tables-restore"
IP="ip"
LOGGER="logger"


log() {
  echo "$1"
  test -x "$LOGGER" && $LOGGER -p info "$1"
}

check_file() {
  test -r "$2" || {
    echo "Can not find file $2 referenced by AddressTable object $1"
    exit 1
  }
}

va_num=1
add_addr() {
  addr=$1
  nm=$2
  dev=$3

  type=""
  aadd=""

  L=`$IP -4 link ls $dev | head -n1`
  if test -n "$L"; then
    OIFS=$IFS
    IFS=" /:,<"
    set $L
    type=$4
    IFS=$OIFS
    if test "$type" = "NO-CARRIER"; then
      type=$5
    fi

    L=`$IP -4 addr ls $dev to $addr | grep inet | grep -v :`
    if test -n "$L"; then
      OIFS=$IFS
      IFS=" /"
      set $L
      aadd=$2
      IFS=$OIFS
    fi
  fi
  if test -z "$aadd"; then
    if test "$type" = "POINTOPOINT"; then
      $IP -4 addr add $addr dev $dev scope global label $dev:FWB${va_num}
      va_num=`expr $va_num + 1`
    fi
    if test "$type" = "BROADCAST"; then
      $IP -4 addr add $addr/$nm dev $dev brd + scope global label $dev:FWB${va_num}
      va_num=`expr $va_num + 1`
    fi
  fi
}

getInterfaceVarName() {
  echo $1 | sed 's/\./_/'
}

getaddr() {
  dev=$1
  name=$2
  L=`$IP -4 addr show dev $dev | grep inet | grep -v :`
  test -z "$L" && {
    eval "$name=''"
    return
  }
  OIFS=$IFS
  IFS=" /"
  set $L
  eval "$name=$2"
  IFS=$OIFS
}

getaddr6() {
  dev=$1
  name=$2
  L=`$IP -6 addr show dev $dev | grep inet6 | grep -v :`
  test -z "$L" && {
    eval "$name=''"
    return
  }
  OIFS=$IFS
  IFS=" /"
  set $L
  eval "$name=$2"
  IFS=$OIFS
}


getinterfaces() {
  NAME=$1
  $IP link show | grep ": $NAME" | while read L; do
    OIFS=$IFS
    IFS=" :"
    set $L
    IFS=$OIFS
    echo $2
  done
}


# increment ip address
incaddr()
{
  n1=$4
  n2=$3
  n3=$2
  n4=$1

  vn1=`eval  "echo \\$$n1"`

  R=`expr $vn1 \< 255`
  if test $R = "1"; then
    eval "$n1=`expr $vn1 + 1`"
  else
    eval "$n1=0"
    incaddr XX $n4 $n3 $n2
  fi
}


prolog_commands() {
echo "Running prolog script"

}

epilog_commands() {
echo "Running epilog script"

}

run_epilog_and_exit() {
  epilog_commands
  exit $1
}

if $IP link ls >/dev/null 2>&1; then
  echo;
else
  echo "iproute not found"
  exit 1
fi

prolog_commands


MODULES_DIR="/lib/modules/`uname -r`/kernel/net/"
MODULES=`find $MODULES_DIR -name '*conntrack*'|sed  -e 's/^.*\///' -e 's/\([^\.]\)\..*/\1/'`
for module in $MODULES; do
  if $LSMOD | grep ${module} >/dev/null; then continue; fi
  $MODPROBE ${module} ||  exit 1
done


# Using 0 address table files


# Configure interfaces




# Add virtual addresses for NAT rules


log 'Activating firewall script generated Sat Apr 03 18:55:38 2010  by Snooops'



# ================ IPv4


# ================ Table 'filter', automatic rules
$IPTABLES -P OUTPUT  DROP
$IPTABLES -P INPUT   DROP
$IPTABLES -P FORWARD DROP

cat /proc/net/ip_tables_names | while read table; do
  $IPTABLES -t $table -L -n | while read c chain rest; do
      if test "X$c" = "XChain" ; then
        $IPTABLES -t $table -F $chain
      fi
  done
  $IPTABLES -t $table -X
done


$IPTABLES -A INPUT   -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A OUTPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# ================ Table 'filter', rule set Policy
# Policy compiler errors and warnings:
#
#
# Rule 0 (global)
#
echo "Rule 0 (global)"
#
# Allow all outgoing
#
$IPTABLES -A OUTPUT  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -o +   -m state --state NEW  -j ACCEPT
#
# Rule 1 (global)
#
echo "Rule 1 (global)"
#
#
#
$IPTABLES -A INPUT -p icmp  -m icmp  --icmp-type any  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p icmp  -m icmp  --icmp-type any  -m state --state NEW  -j ACCEPT
#
# Rule 2 (global)
#
echo "Rule 2 (global)"
#
#
#
$IPTABLES -A INPUT -p tcp -m tcp  --dport 21  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p tcp -m tcp  --dport 21  -m state --state NEW  -j ACCEPT
#
# Rule 3 (global)
#
echo "Rule 3 (global)"
#
#
#
$IPTABLES -A INPUT -p tcp -m tcp  --dport 80  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p tcp -m tcp  --dport 80  -m state --state NEW  -j ACCEPT
#
# Rule 4 (global)
#
echo "Rule 4 (global)"
#
#
#
$IPTABLES -A INPUT -p tcp -m tcp  --dport 443  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p tcp -m tcp  --dport 443  -m state --state NEW  -j ACCEPT
#
# Rule 5 (global)
#
echo "Rule 5 (global)"
#
#
#
$IPTABLES -A INPUT -p tcp -m tcp  --dport 143  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p tcp -m tcp  --dport 143  -m state --state NEW  -j ACCEPT
#
# Rule 6 (global)
#
echo "Rule 6 (global)"
#
#
#
$IPTABLES -A INPUT -p tcp -m tcp  --dport 110  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p tcp -m tcp  --dport 110  -m state --state NEW  -j ACCEPT
#
# Rule 7 (global)
#
echo "Rule 7 (global)"
#
#
#
$IPTABLES -A INPUT -p tcp -m tcp  --dport 25  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p tcp -m tcp  --dport 25  -m state --state NEW  -j ACCEPT
#
# Rule 8 (global)
#
echo "Rule 8 (global)"
#
#
#
$IPTABLES -A INPUT -p tcp -m tcp  --dport 22  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p tcp -m tcp  --dport 22  -m state --state NEW  -j ACCEPT
#
# Rule 9 (global)
#
echo "Rule 9 (global)"
#
# local backup
#
$IPTABLES -A INPUT -p tcp -m tcp  --dport 497  -m state --state NEW  -j ACCEPT
$IPTABLES -A INPUT -p udp -m udp  --dport 497  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p tcp -m tcp  --dport 497  -m state --state NEW  -j ACCEPT
$IPTABLES -A FORWARD  -i +  -p udp -m udp  --dport 497  -m state --state NEW  -j ACCEPT
#
# Rule 10 (global)
#
echo "Rule 10 (global)"
#
# Block all other
#
$IPTABLES -A INPUT  -j DROP
$IPTABLES -A FORWARD  -i +   -j DROP

epilog_commands

echo 1 > /proc/sys/net/ipv4/ip_forward

Und das Problem ist das egal was ich anlege, bearbeite oder lösche alles hängt in der Warteschleife und wird erst ausgeführt wenn ich ./ispcp-rqst-mngr ausführe.
Irgendeine Idee?