Hi Thomas, Thanks for reporting this problem. I certainly had not noticed it previously. I will investigate it in the next day or two and prepare and include when I upload the first 4.6.x packages (on which I am already tardy).
I am not concerned that much about testing, since whatever goes into unstable will propogate to testing within a couple of weeks. As far as a stable update goes, I am not sure if this meets the threshold. I will have to check and see where the stable release team is in the cycle for the next point release. Regards, -Roberto On Sun, Jun 15, 2014 at 02:55:12AM +0200, Thomas D. wrote: > Hi, > > in Debian's shorewall-init runscript there seems to be an error in the > shorewall_start function. See > <http://sourceforge.net/p/shorewall/code/ci/master/tree/Shorewall-init/init.debian.sh#l120>: > > > else > > echo echo_notdone > > fi > > done > > > > echo "done." > > > > return 0 > > } > > Instead of calling the echo_notdone function, it is echoing echo_notdone... > > Currently: > > > Sun Jun 15 02:21:53 2014: Initializing "Shorewall-based firewalls": > > Compiling... > > Sun Jun 15 02:21:53 2014: /var/lib/shorewall/firewall is up to date -- no > > compilation required > > Sun Jun 15 02:21:53 2014: echo_notdone > > Sun Jun 15 02:21:53 2014: Compiling... > > Sun Jun 15 02:21:53 2014: /var/lib/shorewall6/firewall is up to date -- no > > compilation required > > Sun Jun 15 02:21:53 2014: echo_notdone > > Sun Jun 15 02:21:53 2014: done. > > Sun Jun 15 02:21:56 2014: [....] Configuring network interfaces...Waiting > > for DAD... Done > > Sun Jun 15 02:21:59 2014: done. > > Sun Jun 15 02:21:59 2014: [ ok ] Cleaning up temporary files.... > > Sun Jun 15 02:21:59 2014: [ ok ] Setting up X socket directories... > > /tmp/.X11-unix /tmp/.ICE-unix. > > Sun Jun 15 02:21:59 2014: Starting "Shorewall firewall": done. > > Sun Jun 15 02:21:59 2014: Starting "Shorewall6 firewall": done. > > Sun Jun 15 02:21:59 2014: INIT: Entering runlevel: 2 > > If you fix the problem (remove the "echo") the new output will be > > > Sun Jun 15 02:39:09 2014: Initializing "Shorewall-based firewalls": > > Compiling... > > Sun Jun 15 02:39:09 2014: /var/lib/shorewall/firewall is up to date -- no > > compilation required > > Sun Jun 15 02:39:09 2014: not done. > > Sun Jun 15 02:39:12 2014: [....] Configuring network interfaces...Waiting > > for DAD... Done > > Sun Jun 15 02:39:15 2014: done. > > Sun Jun 15 02:39:15 2014: [ ok ] Cleaning up temporary files.... > > Sun Jun 15 02:39:15 2014: [ ok ] Setting up X socket directories... > > /tmp/.X11-unix /tmp/.ICE-unix. > > Sun Jun 15 02:39:15 2014: Starting "Shorewall firewall": done. > > Sun Jun 15 02:39:15 2014: Starting "Shorewall6 firewall": done. > > Sun Jun 15 02:39:15 2014: [FAIL] startpar: service(s) returned failure: > > shorewall-init ... failed! > > Sun Jun 15 02:39:15 2014: INIT: Entering runlevel: 2 > > This uncovers two additional problems: > > 1) shorewall-init isn't doing its job. I added "set -x" to see why > > > if [ -x ${STATEDIR}/$PRODUCT/firewall ]; then > > fails: > > > Sun Jun 15 02:46:43 2014: Initializing "Shorewall-based firewalls": + > > setstatedir > > Sun Jun 15 02:46:43 2014: + local statedir > > Sun Jun 15 02:46:43 2014: + [ -f /etc/shorewall/vardir ] > > Sun Jun 15 02:46:43 2014: + [ -n ] > > Sun Jun 15 02:46:43 2014: + STATEDIR=/var/lib//shorewall > > Sun Jun 15 02:46:43 2014: + [ shorewall = shorewall -o shorewall = > > shorewall6 ] > > Sun Jun 15 02:46:43 2014: + /sbin/shorewall -V0 compile -c > > Sun Jun 15 02:46:43 2014: Compiling... > > Sun Jun 15 02:46:43 2014: /var/lib/shorewall/firewall is up to date -- no > > compilation required > > Sun Jun 15 02:46:43 2014: + [ -x /var/lib//shorewall/shorewall/firewall ] > > Sun Jun 15 02:46:43 2014: + echo_notdone > > Sun Jun 15 02:46:43 2014: + echo not done. > > Sun Jun 15 02:46:43 2014: not done. > > Looks like $PRODUCT is not needed, because it is already set with STATEDIR? > > > 2) The shorewall and shorewall6 runscript should start *after* > shorewall-init. > > > Tested with shorewall*-4.5.21.9-1 on Debian jessie/testing. But should > also affect stable (wheezy) and old stable (squeeze). > > > -Thomas > > ------------------------------------------------------------------------------ > HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions > Find What Matters Most in Your Big Data with HPCC Systems > Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. > Leverages Graph Analysis for Fast Processing & Easy Data Exploration > http://p.sf.net/sfu/hpccsystems > _______________________________________________ > Shorewall-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-devel -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com ------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://p.sf.net/sfu/hpccsystems _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
