Hi Tom,
I applied the 4.0.4-1 rpm files on my current running version (SVN 7352 from
9/17/2007). (I had to use --nodeps because it did not find iptables, iproute,
/bin/sh and /usr/bin/perl as dependencies. Those are in the path but probably
not installed with RPM.)
I tried the shorewall check function on my current running configuration with
both compiler.
Problem #1:
`shorewall -v check -C perl` chokes on one line in the route_rules file:
Checking /etc/shorewall/providers ...
Provider "BDSL 1 256 main ppp1 194.152.155.65 track eth0,eth3" Checked
Provider "ADSL 2 512 main ppp0 194.152.155.72 track eth0,eth3" Checked
Provider "CABLE 3 1024 main eth4 84.3.248.1 track eth0,eth3" Checked
Routing rule "192.168.2.247 - CABLE 500" Checked
ERROR: Invalid IP Address (eth3) : /etc/shorewall/route_rules (line 2)
Meanwhile
`shorewall -v check -C shell` chokes on another line in the route_rules file:
Checking /etc/shorewall/providers...
Provider BDSL 1 256 main ppp1 194.152.155.65 track eth0,eth3 checked
Provider ADSL 2 512 main ppp0 194.152.155.72 track eth0,eth3 checked
Provider CABLE 3 1024 main eth4 84.3.248.1 track eth0,eth3 checked
Checking /etc/shorewall/route_rules...
ERROR: Invalid priority (500) in rule "192.168.2.247 - 500 CABLE"
Changing the priority to 1001 passes both lines in the shell compiler.
The route_rules file is the following:
#
# Shorewall version 3.2 - route_rules File
#
#
# For additional information, see http://www.shorewall.net/MultiISP.html
##############################################################################
#SOURCE DEST PROVIDER PRIORITY
$BELACLOC - CABLE 500
eth3 - BDSL 1000
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
This route_rules file runs fine with the 7352 svn version.
One can clearly see that the line number reported in shorewall perl is not
counting the comment lines either.
Problem #2:
`shorewall -v check -C shell` chokes on a tcrules mark value which passes the
perl compiler just fine:
Compiling /etc/shorewall/tcrules...
TC Rule "RESTORE 0.0.0.0/0 0.0.0.0/0 all - - - 0 " checked
TC Rule "CONTINUE 0.0.0.0/0 0.0.0.0/0 all - - - !0 " checked
ERROR: Invalid Mark or Mask value: 518
HIGH_ROUTE_MARKS=Yes in the config file. Corresponding lines in tcrules:
#MARK SOURCE DEST PROTO DEST SOURCE USER TEST
LENGTH TOS
# PORT(S) PORT(S)
RESTORE 0.0.0.0/0 0.0.0.0/0 all - - - 0
CONTINUE 0.0.0.0/0 0.0.0.0/0 all - - - !0
518 0.0.0.0/0 0.0.0.0/0 ipp2p:all
SAVE 0.0.0.0/0 0.0.0.0/0 all - - - !0
Hopefully this report sufficient to find the problem.
Best regards,
Andras
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
