Problem starting shorewall6 (or possibly shorewall) on boot
Hello!
When I boot my machine something like the following is printed:
[ 50.220571] xt_addrtype: ipv6 does not support BROADCAST matching
Starting Shorewall firewall: not done.
Starting Shorewall6 firewall: not done.
[FAIL] startpar: service(s) returned failure: shorewall shorewall6 ... failed!
(Copied from tty to paper to mail so it may not be verbatim, the only
part of it I can find in my logs is: [ 50.220571] xt_addrtype: ipv6
does not support BROADCAST matching. Also, the timing of the
xt_addrtype messages varies somewhat... )
After boot my ip{,6}tables look like this:
% sudo iptables -L -n -v
Chain INPUT (policy DROP 343 packets, 21602 bytes)
pkts bytes target prot opt in out source destination
4705 624K ACCEPT all -- * * 0.0.0.0/00.0.0.0/0
ctstate RELATED,ESTABLISHED
416 28236 ACCEPT all -- lo * 0.0.0.0/00.0.0.0/0
0 0 ACCEPT udp -- eth0 * 0.0.0.0/00.0.0.0/0
udp dpts:67:68
0 0 ACCEPT udp -- tun0 * 0.0.0.0/00.0.0.0/0
udp dpts:67:68
0 0 ACCEPT udp -- vpn0 * 0.0.0.0/00.0.0.0/0
udp dpts:67:68
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/00.0.0.0/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- eth0 eth00.0.0.0/00.0.0.0/0
udp dpts:67:68
0 0 ACCEPT udp -- tun0 tun00.0.0.0/00.0.0.0/0
udp dpts:67:68
0 0 ACCEPT udp -- vpn0 vpn00.0.0.0/00.0.0.0/0
udp dpts:67:68
Chain OUTPUT (policy ACCEPT 8425 packets, 1006K bytes)
pkts bytes target prot opt in out source destination
% sudo ip6tables -L -n -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
96 27292 ACCEPT all * * ::/0 ::/0
ctstate RELATED,ESTABLISHED
0 0 ACCEPT all * * fe80::/10::/0
0 0 ACCEPT all * * ::/0 fe80::/10
0 0 ACCEPT all * * ::/0 ff00::/8
29 2580 ACCEPT all lo * ::/0 ::/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all * * ::/0 ::/0
ctstate RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT 134 packets, 30472 bytes)
pkts bytes target prot opt in out source destination
At this point starting shorewall-init, shorewall and shorewall6 produces
no errors:
% sudo service shorewall-init start
Initializing Shorewall-based firewalls: Stopping Shorewall
done.
Stopping Shorewall6
done.
done.
% sudo service shorewall start
Starting Shorewall firewall: done.
% sudo service shorewall6 start
Starting Shorewall6 firewall: done.
and results in shorewall populated ip{,6}tables which I will only send
if asked in order to keep the noise down.
I'd very much appreciate suggestions for provoking troubleshooting this,
ideally ways to provoke it after boot.
Best regards
/Ulrik Haugen
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87iox7sdb4@lydia.haugen.se
Re: kill the child process
* Shao Zhang [EMAIL PROTECTED]: In my C program, I have created a child process to do some timeout stuff in case something goes wrong. But when I exit the main program, how do I kill this child process since I no longer need it?? I have checked the man page for wait... but is there anyway to instantly kill this child process?? Have a look at 'man 2 kill' instead. The PID is the returnvalue from fork. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: X11: Zoom not working since upgrade to slink
* Johann Spies [EMAIL PROTECTED]: Sorry, I did not make it very clear. I am talking about the zoom-function described in /etc/XF86Config: # Uncomment this to disable the CrtlAltKP_+/KP_- mode switching # sequences. This allows clients to receive these key events. #DontZoom The mode-switching is not working although the above lines are an exact copy of the relevant part of my XF86Config. Just some obvious things that you've probably thought of already; * Does it say 'DontZoom' on a line somewhere else in the file that _isn't_ commented out? * Do you have more than one videomode? I don't know if I should hope that it helps or not:-) -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: XDMCP without xdm?
* Stuart Ballard [EMAIL PROTECTED]: Failing all this, is there a way to get a similar effect using startx? (ie, start an x session but run all programs from another machine). Use ssh! ssh will take care of seting up X-forwarding and setting the DISPLAY variable... On your client use startx with an xterm for your windowmanager. In the xterm ssh to the server and start the windowmanager of your choice from there. Now you're running all programs from your server. I've done this myself some times when the machine I'm at is really slow. I'm sure this could be automated if you use authentication keypairs... Do something like this in .xinitrc or whichever file is used with startx. -.xinitrc-- #if you have any special keybindings you'll want to do; xmodmap .Xmodmaprc #so your keybindings work when you type your password. ssh-add /dev/null some stuff you may wish to do... #On the last line you would normally 'exec' your windowmanager, but instead #ssh will start one on the remote machine... exec ssh your-hostname your-windowmanager-of-choice -.xinitrc-- Please note that I haven't tried this out, but it'll probably work... Take a look at the manpages for ssh, ssh-keygen and ssh-add and you'll get a feel for what to do. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: No sound from CDROM
* Steve George [EMAIL PROTECTED]: I have sound running fine on my machine for example I installed GNOME today and esd works fine. What has never worked is sound from the cdromI remember the sound HOWTO mentioning that this was a 'different' issue but I don't know what causes it. Could anyone point me in the right direction please? Do you have a wire going from your cdrom-drive to your soundcard? If no, then that's your problem -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: Humor a bit....
13. Runtime Error 6D at 417A:32CF: Incompetent User. How about Random Error? -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: uppgrading packages to unstable versions
Thanks to everyone who helped answer my questions. I found that when I installed the stable versions of the packages I tried to upgrade to unstable dselect didn't want to remove all those packages any more. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: uppgrading packages to unstable versions
* Shaleh [EMAIL PROTECTED]: unstable is now based on a new glibc. So if you want to migrate to it, tell dselect (or apt) to update based on the unstable directory and download the 40 - 80 some megs of updated packages. I'm afraid I choose a rather misleading subject, I'm not sure I want to upgrade to the unstable version of everything, I only intended to upgrade the packages required to run 2.2.x kernels. Whenever I select Install in dselect it sayes a lot of packages will be removed and asks if I understand that it's bad... How do I unmark all packages marked for uninstallation? Thanks in advance. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
uppgrading packages to unstable versions
I followed a link to http://www.uk.debian.org/releases/stable/running-kernel-2.2 It said one ought to upgrade a few packages to the unstable versions to run a 2.2.x kernel. I downloaded these and ran dpkg -i package.deb, downloaded a few more as dpkg complaind about dependencies, and when I thought I'd gotten enough packages I ran dselect and chose Install. This gave the following output: # dselect Reading Package Lists... Done Building Dependency Tree... Done Correcting dependencies... Done The following packages will be REMOVED: bibindex xcdroast raidtools libncurses4 tetex-extra dvidvi html2ps [ --- snip -- removed lot's of packege names ---] sysvinit rpncalc lftp dejagnu wdiff WARNING: The following essential packages will be removed This should NOT be done unless you know exactly what you are doing! util-linux libncurses4 (due to util-linux) bash libreadlineg2 (due to bash) bsdutils sysvinit (due to bsdutils) dpkg ncurses-bin 0 packages upgraded, 0 newly installed, 126 to remove and 0 not upgraded. 2 packages not fully installed or removed. Need to get 0b of archives. After unpacking 178Mb will be freed. You are about to do something potentially harmful To continue type in the phrase 'Yes, I understand this is bad' ?] Abort. This most certainly doesn't seem like something I want to do, but I suspect dselect will ask me if I want to remove them again... Now, could someone please tell me: How do I undo what I did? What went wrong? I've attached the commands I typed and the output I got. Thanks in advance. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts # dpkg -i kernel-source-2.2.1_2.2.1-1.deb sysutils_1.3.4.deb Selecting previously deselected package kernel-source-2.2.1. (Reading database ... 52443 files and directories currently installed.) Unpacking kernel-source-2.2.1 (from kernel-source-2.2.1_2.2.1-1.deb) ... Preparing to replace sysutils 1.3.3.1 (using sysutils_1.3.4.deb) ... Unpacking replacement sysutils ... Setting up kernel-source-2.2.1 (2.2.1-1) ... dpkg: dependency problems prevent configuration of sysutils: sysutils depends on libc6 (= 2.1); however: Version of libc6 on system is 2.0.7.19981211-6. sysutils depends on libncurses4 (= 4.2-3.1); however: Version of libncurses4 on system is 4.2-3. dpkg: error processing sysutils (--install): dependency problems - leaving unconfigured Errors were encountered while processing: sysutils # dpkg -i libc6_2.1.1-0.2.deb libncurses4_4.2-3.2.deb dpkg: considering removing timezones in favour of libc6 ... dpkg: yes, will remove timezones in favour of libc6. dpkg: regarding libc6_2.1.1-0.2.deb containing libc6: libc6 conflicts with apt ( 0.1.10.1) apt (version 0.1.9) is installed. dpkg: error processing libc6_2.1.1-0.2.deb (--install): conflicting packages - not installing libc6 (Reading database ... 52456 files and directories currently installed.) Preparing to replace libncurses4 4.2-3 (using libncurses4_4.2-3.2.deb) ... Unpacking replacement libncurses4 ... dpkg: dependency problems prevent configuration of libncurses4: libncurses4 depends on libc6 (= 2.1); however: Version of libc6 on system is 2.0.7.19981211-6. dpkg: error processing libncurses4 (--install): dependency problems - leaving unconfigured Errors were encountered while processing: libc6_2.1.1-0.2.deb libncurses4 # dpkg -i apt_0.3.4.deb (Reading database ... 52456 files and directories currently installed.) Preparing to replace apt 0.1.9 (using apt_0.3.4.deb) ... Unpacking replacement apt ... Setting up apt (0.3.4) ... ldconfig: warning: /usr/lib/libtcpwrapGK.so.1 is not a symlink ldconfig: warning: /usr/lib/libomniORB2.so.6 is not a symlink ldconfig: warning: /usr/lib/libomniLC.so.2 is not a symlink ldconfig: warning: /usr/lib/libomnithread.so.2 is not a symlink # dselect Reading Package Lists... Done Building Dependency Tree... Done Correcting dependencies... Done The following packages will be REMOVED: bibindex xcdroast raidtools libncurses4 tetex-extra dvidvi html2ps isapnptools emacs19-el xfonts-scalable procps timidity-patches filerunner telnet xproc aalib-bin tetex-base dpkg-perl libguile4 tcl8.0-dev xbase-clients oleo util-linux mysql-dev xterm ncftp acct screen bc sysutils dc typist mc mh nn scotty sc bash libgpmg1 tk8.0-dev scwm talk modconf tcsh-i18n tcsh dvilx sirc tix41 xfonts-75dpi tetex-bin python-net cftp python-base ytalk cam playmidi emacsen-common tetex-doc libreadlineg2-dev ddd libncurses4-dev python-tk aalib1 bug zircon iptraf xlbiff aumix dftp intlfonts-european gdb tkps xfonts-base libreadlineg2 bsdutils gom gpm metamail jed kbd mysql-server cron dpkg tkrat telnetd mtr tkstep8.0 bsdmainutils pkg-order netpbm fmirror netdiag aalib1-dev xfonts-100dpi xftp gimp vim tcl8.0 modutils netstd dpkg-ftp
Re: Printing:connection to 'localhost' failed - Connection refused
* Johann Spies [EMAIL PROTECTED]: connection to 'localhost' failed - Connection refused job 'cfA576Johann' transfer to [EMAIL PROTECTED] failed I had the same problem, I used the lprng package. This package I understand has more features for use in networks, however if you only use one local printer you're better off with the lpr package witch is easier to setup. I tried for a couple of weeks to get lprng to work and then gave up. As soon as I had installed lpr instead my printer began working. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: use the Windowkeys
* Pierfrancesco Caci [EMAIL PROTECTED]: I don't have a very clear picture of what the different Meta, Mode_switch and Multi mean. Does someone know what they are or where can I read some descriptions? I always found the man pages of xkeycaps, loadkeys etc. somewhat cryptical The Meta, Mode_switch etc. are just names for the keys; the key labled 'q' is named 'q', the key labled ',' is named 'comma'. The Meta_L and Meta_R are the keys on my keyboard that had the wintendo- logo on them (I've put stickers on) and the Menu key had the menu-and-pointer on it. This is a good idea. So you can free the Alt-F1 that most window managers use for the drop down menus Yes, but that's not all! (With a salesmans voice:-) This way I dont really need to bind those functions th the F-keys, I use almost only win-letter as I find that more convinient to type, and I can keep my fingers in touch posision (not beeing good at typing I need that even more). If the swedish keyb. is similar to the italian one, you have a Alt-Gr key on the right side, don't you? Yes. That's the one named Mode_switch I think this is the same as my Alt-Gr which generates Mod_3, so perhaps you could just bind some key to Mod_3. I've tried but didn't succeed. How did you do this? I selected swedish keyboard-layout when the installation program asked me what kind of keyboard I have. Unless you have a fairly good idea of what you're doing I'd advice against selecting a keyboard-layout that differs from your keyboard. (Remembering the bad old dos days, and the frustration when your bootdisk didn't have the file...) Have a look in the /usr/doc/kbd directory, there might be something helpful there. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: Selecting dist. (Was: Where is /etc/rc.d/rc.local on Debian?)
* Christian Dysthe [EMAIL PROTECTED]: now most users of Linux has been very well skilled in computer use. My girl friend has looked at my Linux installation and she wants it too. She will go out and buy Redhat. And as she says: Then I do not have to read all that stuff, at least not mailing lists and howto's just to install a driver These are the new Linux users. Like it or not. Thats quite unlike how I did, and how most people I know went about it. I just got the same distribution as a close friend of mine so I'd have someone to ask. After that I switched to Debian because I felt it was a good thing tm. I've got to learn how to do a lot of stuff in a different way now, but I've learnt a lot that didn't change and without that I might have needed a lot more time to learn everything I've gotten into my head so far. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: use the Windowkeys
* Pierfrancesco Caci [EMAIL PROTECTED]: :- Per-Olof == Per-Olof Widstrom [EMAIL PROTECTED] writes: Is there a way to have some use for the windowskey on the keyboard? I would like to put / in one of the windowkeys, and ~ on the other one. Is there a howto or something? I've used those keys for something different, but you may like that, or else someone else may... These are the lines of interest in my ~/.Xmodmaprc keycode 0x73 = Meta_L keycode 0x71 = Mode_switch Multi_key #I use a swedish keybooard. #Your mileage may vary. keycode 0x74 = Meta_R keycode 0x75 = Menu clear Mod1 clear Mod3 clear Mod4 addMod1= Alt_L Meta_R addMod3= Mode_switch addMod4= Meta_L Menu Which I call in my ~/.xsession with xmodmap .Xmodmaprc This lets me use Mod_4 for all windowmanager stuff like selecting, minimizing, maximizing etc. This way I don't have to use Alt-Ffoo but instead i can use Win-X to maximize, without worrying that I loose the possibility to use a keyboard shortcut in any application. Also swedish keyboards don't have a real Alt-key to the right of the spacebar which is annoying in netscape for instance - if I'm on the phone or whatever and only have one hand for typing I can't go back and forth without using the mouse. This way I have both the Alt- and Win-keys on both sides of the spacebar. Also I would like to be able to get a compose key to work with a us keyboard, so that I can generate accented vowels needed in italian language. I think this is the same as my Alt-Gr which generates Mod_3, so perhaps you could just bind some key to Mod_3. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: Bandwidth Control Program
* Russell Rademacher [EMAIL PROTECTED]: I am looking for a bandwidth control software so I can cramp down on the amount of bandwidth on certain network LANs that I am setting up here. In Have a look at traffic-shaper in the new kernels. I know it's in the 2.2.x I guess it could be found in a 2.1.x to... -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: CD-R/RW Question
Sorry for sending this to you twice Kenneth... Seems I just can't get used to the Reply-To's. * Kenneth Scharf [EMAIL PROTECTED]: I have also been told that the 2x and 4x drives only will write ONCE at that speed without powering down the computer (and therefore the drive) to let it cool down. But you can burn forever at 1x. Anyone had this problem? Nope. I roasted both slink cd's, one at 2x speed and one at 4x speed without powering down my pc. I have an HP cdwriter+ 8100 that roasts CD-Rs at 4x speed and CD-RWs at 2x speed. -- Ulrik Haugen [EMAIL PROTECTED] I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours. -- Stephen Roberts
Re: Home Page Design
Okay, everyone send e-mail to [EMAIL PROTECTED] and complain about unsolicited ads on our mailing list. Please don't! Try to get trough to [EMAIL PROTECTED] or something similar and urge them to remove salesjohn's access. Please note that I haven't tried to find out if usa.net is a proper domain... Regards Ulrik Haugen
Re: Printer config: still not there
Hi!
I'm having similar problems (ok, perhaps the similarities are just that
I to am having printing problems).
* Carl Fink [EMAIL PROTECTED]:
/etc/printcap refers to the generic dot matrix printer and printing
stairsteps off the edge of the page in two lines. No problem -- I
I guess I'll try this pretty soon.
have the printcap from my previous system archived, and that had the
And I have one for my HP OfficeJet, (really a DeskJet with a scanner
on top of it).
Copy that over the generic printcap, kill and restart lpd and *lpd
refuses to start*. That is, it (apparently) exits instantly on any
attempt to start it, without error messages to the console (even with
the -F flag) and without putting any messages in any system logs.
Now that's not what my lpd does. lpq just says Queue: no printable
jobs in queue no matter what I try to print with lpr, so I guess it just
discards whatever I send to it.
Is anyone working on a user-friendly printer setup program for Linux?
I might volunteer for such a project.
RedHat has a really nice program callied printtool in its Control panel.
I don't know how free it is but it did a great job of setting up my
printer when I used the lpd etc. that came with RedHat 5.2.
If I su to root and cat something to /dev/lp0 it goes to my printer
but with the famous stairstep effects...
This is the entry I have in my /etc/printcap
##PRINTTOOL3## LOCAL cdj550 300x300 a4 {} DeskJet550 3 1
lp:\
:sd=/var/spool/lpd/lp:\
:mx#0:\
:sh:\
:lp=/dev/lp0:\
:if=/var/spool/lpd/lp/filter:
