We are happy to announce global availability of Dome Firewall Virtual Appliance 2.6.0 and Central Manager 1.4.0. This release provides several improvements and various fixes. This post communicates all the major changes in Dome Firewall 2.6.0 and Central Manager 1.4.0.
What’s New ?
L2TP VPN Support: By using L2TP IPSEC PSK client-to-site VPN tunnels now can be created for mobile devices, smartphones and tablets.
Dome Firewall Central Manager now can be used for managing VPN settings and users of multiple remote Dome Firewalls from a single window and without having to leave your seat.
A new bootable USB Script is available for creating USB Sticks for installing Dome Firewall 2.6.0 physical machines of your choice. Please check below for How-to.
All previous versions of Dome Firewall Central Manager are updated to 1.4.0 and in order to upgrade Dome Firewall to latest version go to System > Firmware and hit Upgrade button. For more info please visit: https://help.comodo.com/topic-451-1-...e-Version.html
Feel free to check the attached Release Notes for further information.
Click here to learn more about Dome Firewall and get your own copy of the software today, it’s FREE!!
How to create USB Sticks for installing Dome Firewall 2.6.0 to hardware appliance of your Choice:
This guide will help you create USB installation sticks for Dome Firewall 2.6.0.
Prequisites:
Ubuntu 14.04 (or an equivalent debian distro)
A Dome Firewall 2.6.0 ISO image to use
A USB flash disk of at least 2GB ( Warning : the contents of the disk will be completely erased after the operation)
Now your USB installation stick is ready to be used! All you have to do is insert USB into the phsyical appliance of your choice and hit Enter in the installation screen that shows “Install Dome Firewall”
You may want to try using a different browser if your current one is still not allowing you to download it. If somehow you are still unable to download it, feel free to copy+paste the contents of the shell script below:
#!/bin/bash
export THIS=$(basename $0)
if [ $# -ne 2 ]; then
echo "usage: $THIS [usb_dev_entry] [Comodo_UTM_iso]"
echo
echo "example:"
echo " $THIS /dev/sdb ~/Downloads/ComodoUTM-1-1-0-598-i386.iso"
exit 1;
fi
export FLASH=$1
export ISO_IMAGE=$2
export PRIMARY_PARTITION=${FLASH}1
export LABEL="Comodo_UTM"
export PTYPE=msdos
export FLASH_MNT_DIR=$(tempfile)
export ISO_MNT_DIR=$(tempfile)
# Environmental variables
export BAUD=${BAUD-115200}
ask_question() {
local QUESTION="$*"
while [ 1 ]; do
echo -n "$QUESTION (y/n): "
read ANSWER
[ -n "$ANSWER" ] || continue
if [ "$ANSWER" == "y" ]; then
return 0
elif [ "$ANSWER" == "n" ]; then
return 1
fi
done
}
get_flash_size() {
parted -s $FLASH print|awk '/^Disk/ {print $3}'|sed 's/[Mm][Bb]//'
}
print_flash_partitions() {
parted -s $FLASH print|awk '/^ / {print $1}'
}
remove_all_partitions() {
echo "+ Removing all partitions on $FLASH"
if ! ask_question " ! All the data on $FLASH will be lost. Do you want to continue ?"; then
echo "Quiting"
exit 0
fi
for v_partition in $(print_flash_partitions); do
echo -n " -> removing ${FLASH}${v_partition} "
parted -s $FLASH rm ${v_partition} && echo "ok" || echo "failed"
done
}
create_partition_table() {
local SIZE=$1
echo "+ Creating a new partition on $FLASH"
parted -a optimal $FLASH mklabel $PTYPE
parted -a optimal -- $FLASH unit compact mkpart primary ext3 "1" "-1"
parted $FLASH set 1 boot on
mkdosfs -n "$LABEL" $PRIMARY_PARTITION && echo "OK. That's it"
}
create_temp_dirs() {
rm -f $FLASH_MNT_DIR $ISO_MNT_DIR
mkdir -p $FLASH_MNT_DIR
mkdir -p $ISO_MNT_DIR
}
get_flash_uuid() {
blkid|grep ${PRIMARY_PARTITION}|awk '{gsub(/UUID=/, "", $3); print $3;}'|tr -d '"'
}
mount_iso_and_flash() {
# Mount ISO image
mount -o loop $ISO_IMAGE $ISO_MNT_DIR || return 1
# Mount FLASH disk
mount $PRIMARY_PARTITION $FLASH_MNT_DIR || return 1
rm -rf $FLASH_MNT_DIR/*
}
copy_iso_files() {
echo "+ Copying ISO files"
#rsync -ah --progress $ISO_MNT_DIR/isolinux/ $FLASH_MNT_DIR/syslinux/ --exclude=postinstall
rsync -ah --progress $ISO_MNT_DIR/isolinux/ $FLASH_MNT_DIR/syslinux/
sleep 2
rsync -ah --progress $ISO_MNT_DIR/ks $FLASH_MNT_DIR/
sleep 2
rsync -ah --progress $ISO_MNT_DIR/images $FLASH_MNT_DIR/
sleep 2
rsync -av --progress $ISO_IMAGE $FLASH_MNT_DIR/
sleep 2
# Remove all ISO specific files
find $FLASH_MNT_DIR -name TRANS*|xargs rm -f
echo "+ Unmounting $PRIMARY_PARTITION"
sync
umount $PRIMARY_PARTITION
echo "+ Running syslinux"
syslinux -i -d syslinux $PRIMARY_PARTITION
echo "+ Installing MBR"
install-mbr ${FLASH}
echo "+ Configuring syslinux.cfg"
mount $PRIMARY_PARTITION $FLASH_MNT_DIR
local UUID=$(get_flash_uuid)
cat<<EOF > $FLASH_MNT_DIR/syslinux/syslinux.cfg
default vesamenu.c32
prompt 0
menu background splash.jpg
menu title Welcome to ComodoUTM Installation!
menu color border 0 #ffffffff #00000000
menu color sel 7 #ffffffff #ff000000
menu color title 0 #ffffffff #00000000
menu color tabmsg 0 #ffffffff #00000000
menu color unsel 0 #ffffffff #00000000
menu color hotsel 0 #ff000000 #ffffffff
menu color hotkey 7 #ffffffff #ff000000
menu color timeout_msg 0 #ffffffff #00000000
menu color timeout 0 #ffffffff #00000000
menu color cmdline 0 #ffffffff #00000000
serial 0 ${BAUD}
label ubnentry1
menu label ^Install or upgrade an existing system
kernel /syslinux/vmlinuz
append initrd=/syslinux/initrd.img LANG=en_US.UTF-8 repo=hd:UUID=${UUID}:/ ks=hd:UUID=${UUID}:/ks/ks.cfg console=tty0 console=ttyS0,${BAUD}n8
label ubnentry3
menu label ^Rescue installed system
kernel /syslinux/vmlinuz
append initrd=/syslinux/initrd.img rescue console=tty0 console=ttyS0,${BAUD}n8
label ubnentry4
menu label ^Memory test
kernel /syslinux/memtest
append initrd=/ubninit -
EOF
cp $ISO_MNT_DIR/ks-usb/ks.cfg $FLASH_MNT_DIR/ks/
echo "+ Unmounting $PRIMARY_PARTITION"
sync
umount $PRIMARY_PARTITION
}
cleanup_everything() {
echo "+ Finishing"
umount $PRIMARY_PARTITION 2>/dev/null
umount $ISO_MNT_DIR 2>/dev/null
rm -rf $FLASH_MNT_DIR $ISO_MNT_DIR
}
trap "cleanup_everything" EXIT
### main
remove_all_partitions && \
create_partition_table && \
create_temp_dirs && \
mount_iso_and_flash && \
copy_iso_files
UUID=$(get_flash_uuid)
cat<<EOF > $FLASH_MNT_DIR/syslinux/syslinux.cfg
default vesamenu.c32
prompt 0
menu background splash.jpg
menu title Welcome to ComodoUTM Installation!
menu color border 0 #ffffffff #00000000
menu color sel 7 #ffffffff #ff000000
menu color title 0 #ffffffff #00000000
menu color tabmsg 0 #ffffffff #00000000
menu color unsel 0 #ffffffff #00000000
menu color hotsel 0 #ff000000 #ffffffff
menu color hotkey 7 #ffffffff #ff000000
menu color timeout_msg 0 #ffffffff #00000000
menu color timeout 0 #ffffffff #00000000
menu color cmdline 0 #ffffffff #00000000
serial 0 ${BAUD}
label ubnentry1
menu label ^Install or upgrade an existing system
kernel /syslinux/vmlinuz
append initrd=/syslinux/initrd.img LANG=en_US.UTF-8 repo=hd:UUID=${UUID}:/ ks=hd:UUID=${UUID}:/ks/ks.cfg console=tty0 console=ttyS0,${BAUD}n8
label ubnentry3
menu label ^Rescue installed system
kernel /syslinux/vmlinuz
append initrd=/syslinux/initrd.img rescue console=tty0 console=ttyS0,${BAUD}n8
label ubnentry4
menu label ^Memory test
kernel /syslinux/memtest
append initrd=/ubninit -
EOF
cp $ISO_MNT_DIR/ks-usb/ks.cfg $FLASH_MNT_DIR/ks/
echo "+ Unmounting $PRIMARY_PARTITION"
sync
umount $PRIMARY_PARTITION
been playing with dome firewall and central manager.
which port does Central manager communicate back to the firewall on?
Feature request:
need the ability for the firewall to send a custom domain name “firewall.yourdomain.com” instead of the internet IP set on the interface to Central Manager so that it can communicate with Firewalls behind an LTE/Gateway device that controls the internet breakout.
Thank you very much for providing us your suggestion for “[Dome Firewall Central Manager] Feature request: Ability to send us a custom domain instead of the internet IP”. Your input is important to us as it will help to improve the usefulness of C1 for the entire users community.
We have submitted your request to our product team. They will review it and determine where it will fit best on the product road-map. You will also receive an email from us shortly regarding on your other query.
Hi I have been testing Dome Firewall running on both VM and Hardware and there seems to be an issue with HTTPS/Web filtering it works intermittently and the service seems to crash often requiring a reboot of the VM or Hardware or making changes to the HTTPS proxy settings and updating which restarts the service.
We have created a support ticket in assisting you further with your report. Please check your forum registered email for some details we might need for investigation.