On Friday 23 Nov 2012 19:41:01 Tom Eastep wrote: > On 11/23/12 7:35 AM, Steven Jan Springl wrote: > > the attached config. the following stoppedrules entry: > > NOTRACK fw:1.1.1.1 - icmp > > > > generates the following iptables rule: > > > > -A OUTPUT -p 1 -s 1.1.1.1 -j CT --notrack > > > > When command "shorewall stop" is issued the following error message is > > produced: > > > > iptables-restore: line 31 failed > > > > In /var/log/syslog the following message appears: > > > > Nov 23 15:23:24 l4 kernel: [ 3496.562820] x_tables: ip_tables: CT target: > > only valid in raw table, not filter > > Patch NOTRACK.patch attached. > > > While investigating the above error, I noticed that when the following > > > > commands are issued: > > shorewall debug stop > > shorewall debug try /etc/shorewall2A4 > > shorewall debug clear > > > > The debug option is ignored and iptables-restore is used. Is this > > expected? > > No. Patch DEBUG.patch attached. > > Thanks Steven, > -Tom
Tom Confirmed, the patches fix both issues. Thanks. Steven. ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
