https://qa.mandrakesoft.com/show_bug.cgi?id=1952
Product: drakxtools
Component: drakxtools
Summary: drakgw doesn't work due to configuring shorewall
incorrectly
Version: 9.1-2mdk
Platform: PC
OS/Version: All
Status: UNCONFIRMED
Severity: normal
Priority: P2
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
I hope this isn't due to a stale config anywhere (I've been running Cooker since
before 9.0). On my system, drakgw currently doesn't work. It runs fine and
reports success, but the shorewall settings it creates are wrong and break
shorewall. It creates a /etc/shorewall/interfaces file with this lines (among
all the comments):
net eth0 detect
masq eth1 detect
loc eth1 detect
This is invalid according to the comments in the same file, which state that you
can only specify each interface *once* in the interfaces file. If a single
interface needs to use multiple zones, as seems to be the case, it says these
need to be defined in /etc/shorewall/hosts and the zone for the interface should
be set to "-".
The upshot of all this is that the shorewall service does not start, complaining
about the multiple instances of eth1 in the /etc/shorewall/interfaces file. This
makes internet connection sharing configuration impossible and may break
existing setups, which is a severe problem, IMO.
I have confirmed this with several ways of setting up internet connection
sharing. At first I set up the firewall first then configured ICS, then I
removed shorewall entirely and attempted to set up ICS without configuring the
firewall. The resulting /etc/interfaces files was the same in both cases, and
did not work.
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
