okay, let's hunt this down together, shall we. for i in `rpm -ql shorewall`; do echo $i && sudo grep -c run_iptables $i; done
Okay, that came from /usr/lib/shorewall/firewall. less it and /run_ip -- okay, it's a wrapper that provides a graceful exit in the event of iptables barfing. Because the line in question isn't using the wrapper, you don't get a graceful exit. iptables -t nat -A eth0_masq -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE now let's man iptables and walk through it. table nat, append a rule, eth0_masq source of 192.168.1.0/24 destination any, action masquerade. Uh-oh, that doesn't make any sense. Perhaps the intent was to use -i in order to specify an interface? eth0_masq is clearly one of your interface names. Jack On Wed, 2003-08-13 at 18:39, Jim C wrote: > Yeah, when looking at it, that is what I thought too at first but you > see that all through the trace and it only becomes a problem at this point. > Also keep in mind that it works find on a non-mosix kernel. This would > seem to indicate that it is a kernel issue not a shorewall issue. > So here is what I think the question is: What kernel feature is > shorewall trying to use in those last couple of lines? > > >ever see Sesame Street? They've got this really cool song, it goes "One > >of these things is not like the other, one of these things is not the > >same..." :-) > > > >Try using run_iptables instead of iptables. > > > > > > > > > > ______________________________________________________________________ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- Jack Coates Monkeynoodle: A Scientific Venture...
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
