Bug#760551: shorewall: example 'universal' fails after upgrade

Andreas B. Mundt Fri, 05 Sep 2014 01:16:03 -0700

Package: shorewall
Version: 4.6.3-1
Severity: normal

Hi,


after the latest update of shorewall the 'universal' example
configuration fails:

   $ sudo shorewall start
   Compiling...
   Processing /etc/shorewall/params ...
   Processing /etc/shorewall/shorewall.conf...
   Loading Modules...
   Compiling /etc/shorewall/zones...
   Compiling /etc/shorewall/interfaces...
   Determining Hosts in Zones...
   Locating Action Files...
   Compiling /etc/shorewall/policy...
   Adding rules for DHCP
   Compiling TCP Flags filtering...
   Compiling Kernel Route Filtering...
   Compiling Martian Logging...
   Compiling MAC Filtration -- Phase 1...
   Compiling /etc/shorewall/rules...
   Compiling /etc/shorewall/conntrack...
   Compiling MAC Filtration -- Phase 2...
   Applying Policies...
   Compiling /usr/share/shorewall/action.Drop for chain Drop...
   Compiling /usr/share/shorewall/action.Broadcast for chain Broadcast...
   Generating Rule Matrix...
   Optimizing Ruleset...
   Creating iptables-restore input...
   Shorewall configuration compiled to /var/lib/shorewall/.start
   Starting Shorewall....
      ERROR: No network interface available: Firewall state not changed
   Terminated

The configuration worked fine before.  With the help of [1], I found
that modifying '/etc/shorewall/interfaces' fixed/worked around the issue:

   andi@flashgordon:/etc/shorewall$ diff -u interfaces interfaces.good
   --- interfaces  2014-09-05 09:58:21.616550151 +0200
   +++ interfaces.good     2014-09-04 14:27:06.630210721 +0200
   @@ -11,4 +11,4 @@
    
###############################################################################
    #ZONE  INTERFACE       OPTIONS
    -      lo              ignore
   -net    all             dhcp,physical=+,routeback,optional
   +net    eth0            dhcp,routeback,optional

Looks like the wildcard '+' is not working as expected.

Thanks,

        Andi

[1] <URL:https://bbs.archlinux.org/viewtopic.php?pid=1449379#p1449379>


-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages shorewall depends on:
ii  bc                     1.06.95-9
ii  debconf [debconf-2.0]  1.5.53
ii  iproute                1:3.16.0-1
ii  iproute2               3.16.0-1
ii  iptables               1.4.21-2
ii  perl-modules           5.20.0-4
ii  shorewall-core         4.6.3-1

shorewall recommends no packages.

Versions of packages shorewall suggests:
ii  make           4.0-8
pn  shorewall-doc  <none>


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Bug#760551: shorewall: example 'universal' fails after upgrade

Reply via email to