Hi, On 2014-11-05 16:44, Tom Eastep wrote: > On 11/5/2014 5:14 AM, Thomas D. wrote: >> Hi, >> >> the patch works, but: >> >> >> 1) I need to restart shorewall twice again: >> >> 0: Running system with linux-3.17.2 >> >> 1: Applying the patch >> >> 2: # shorewall safe-restart >> [...] >> Setting up log backend >> /var/lib/shorewall/.start: line 2079: echo: write error: No such >> file or directory >> WARNING: Unable to set log backend to nf_log_ipv4 >> >> 3: # shorewall safe-restart >> => 2nd restart succeeded >> >> That's not a good user experience. >> >> >> 2) I now have a working compiled firewall in /var/lib/shorewall. >> When I now reboot from linux-3.17.2 back into linux-3.16.6, >> the firewall script still works. No error on start, LOG_BACKEND >> will be set to ipt_LOG. >> >> But when I restart again, this time from linux-3.16.6 back to >> linux-3.17.2 (a typical upgrade scenario), the first boot with >> linux-3.17.2 will show me the following error >> >> [...] >> * Starting shorewall ... >> /var/lib/shorewall/.start: line 2079: echo: write error: No such file >> or directory >> WARNING: Unable to set log backend to nf_log_ipv4 >> >> I need to restart shorewall by hand to get this fixed. > > Upstream have clearly changed the module names *again*. Can you send me > the output of "lsmod" so I can try to understand what they have changed?
Requested information attached. -Thomas
vm-gentoo-x64 ~ # uname -r 3.17.2-gentoo vm-gentoo-x64 ~ # cat /proc/net/netfilter/nf_log 0 NONE (nfnetlink_log) 1 NONE (nfnetlink_log) 2 nf_log_ipv4 (nf_log_ipv4,nfnetlink_log) 3 NONE (nfnetlink_log) 4 NONE (nfnetlink_log) 5 NONE (nfnetlink_log) 6 NONE (nfnetlink_log) 7 NONE (nfnetlink_log) 8 NONE (nfnetlink_log) 9 NONE (nfnetlink_log) 10 nf_log_ipv6 (nf_log_ipv6,nfnetlink_log) 11 NONE (nfnetlink_log) 12 NONE (nfnetlink_log) vm-gentoo-x64 ~ # lsmod Module Size Used by nf_log_ipv6 4814 0 nf_log_ipv4 4247 5 nf_log_common 3382 2 nf_log_ipv4,nf_log_ipv6 xt_recent 9704 1 xt_comment 1040 12 ipt_REJECT 2421 4 xt_addrtype 2963 5 xt_mark 1323 1 xt_CT 4372 22 xt_multiport 1869 2 xt_NFLOG 1233 0 nfnetlink_log 8857 1 xt_NFLOG xt_LOG 1457 5 nf_nat_tftp 1057 0 nf_nat_snmp_basic 8022 0 nf_conntrack_snmp 1574 3 nf_nat_snmp_basic nf_nat_sip 8922 0 nf_nat_pptp 2413 0 nf_nat_proto_gre 1549 1 nf_nat_pptp nf_nat_irc 1659 0 nf_nat_h323 6542 0 nf_nat_ftp 1985 0 nf_nat_amanda 1315 0 ts_kmp 1909 5 nf_conntrack_amanda 2996 3 nf_nat_amanda nf_conntrack_sane 4549 2 nf_conntrack_tftp 4355 3 nf_nat_tftp nf_conntrack_sip 23152 3 nf_nat_sip nf_conntrack_proto_udplite 4569 0 nf_conntrack_proto_sctp 8283 0 nf_conntrack_pptp 5184 3 nf_nat_pptp nf_conntrack_proto_gre 5043 1 nf_conntrack_pptp nf_conntrack_netlink 28463 0 nfnetlink 6571 2 nfnetlink_log,nf_conntrack_netlink nf_conntrack_netbios_ns 1297 2 nf_conntrack_broadcast 1383 2 nf_conntrack_netbios_ns,nf_conntrack_snmp nf_conntrack_irc 4529 3 nf_nat_irc nf_conntrack_h323 53671 5 nf_nat_h323 nf_conntrack_ftp 7549 3 nf_nat_ftp xt_tcpudp 2547 37 xt_conntrack 3312 5 iptable_mangle 1743 1 iptable_nat 2914 0 nf_conntrack_ipv4 8417 28 nf_defrag_ipv4 1654 1 nf_conntrack_ipv4 nf_nat_ipv4 3823 1 iptable_nat nf_nat 14961 10 nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,nf_nat_proto_gre,nf_nat_h323,nf_nat_ipv4,nf_nat_pptp,nf_nat_tftp,iptable_nat nf_conntrack 80833 29 nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,xt_CT,nf_nat_snmp_basic,nf_conntrack_netbios_ns,nf_conntrack_proto_gre,nf_conntrack_proto_udplite,nf_nat,nf_nat_h323,nf_nat_ipv4,nf_nat_pptp,nf_nat_tftp,xt_conntrack,nf_conntrack_amanda,nf_conntrack_proto_sctp,nf_conntrack_netlink,nf_conntrack_broadcast,nf_conntrack_ftp,nf_conntrack_irc,nf_conntrack_sip,iptable_nat,nf_conntrack_h323,nf_conntrack_ipv4,nf_conntrack_pptp,nf_conntrack_sane,nf_conntrack_snmp,nf_conntrack_tftp iptable_raw 1502 1 iptable_filter 1762 1 ip_tables 17319 4 iptable_filter,iptable_mangle,iptable_nat,iptable_raw x_tables 21041 15 xt_mark,xt_CT,xt_comment,xt_recent,ip_tables,xt_tcpudp,xt_NFLOG,xt_conntrack,xt_LOG,xt_multiport,iptable_filter,ipt_REJECT,iptable_mangle,xt_addrtype,iptable_raw coretemp 6577 0 psmouse 17386 0 pcspkr 2118 0 i2c_piix4 9414 0 libcrc32c 1179 0 dm_log_userspace 11722 0 pcnet32 34318 0 mii 4815 1 pcnet32 e1000 106251 0 fuse 82431 1 nfs 204999 0 lockd 67596 1 nfs sunrpc 235655 2 nfs,lockd fscache 56356 1 nfs dm_snapshot 30337 0 dm_bufio 18893 1 dm_snapshot dm_mirror 13296 0 dm_region_hash 9320 1 dm_mirror dm_log 9122 3 dm_region_hash,dm_mirror,dm_log_userspace usb_storage 51715 0
vm-gentoo-x64 ~ # uname -r 3.16.7-gentoo vm-gentoo-x64 ~ # cat /proc/net/netfilter/nf_log 0 NONE (nfnetlink_log) 1 NONE (nfnetlink_log) 2 ipt_LOG (ipt_LOG,nfnetlink_log,ipt_ULOG) 3 NONE (nfnetlink_log) 4 NONE (nfnetlink_log) 5 NONE (nfnetlink_log) 6 NONE (nfnetlink_log) 7 NONE (nfnetlink_log) 8 NONE (nfnetlink_log) 9 NONE (nfnetlink_log) 10 ip6t_LOG (ip6t_LOG,nfnetlink_log) 11 NONE (nfnetlink_log) 12 NONE (nfnetlink_log) vm-gentoo-x64 ~ # lsmod Module Size Used by xt_recent 9704 1 xt_comment 1040 12 ipt_REJECT 2421 4 xt_addrtype 2963 5 xt_mark 1323 1 xt_CT 4372 22 xt_multiport 1869 2 ipt_ULOG 5195 0 xt_NFLOG 1233 0 nfnetlink_log 9049 1 xt_NFLOG xt_LOG 12716 5 nf_nat_tftp 1057 0 nf_nat_snmp_basic 8022 0 nf_conntrack_snmp 1574 3 nf_nat_snmp_basic nf_nat_sip 8922 0 nf_nat_pptp 2413 0 nf_nat_proto_gre 1549 1 nf_nat_pptp nf_nat_irc 1659 0 nf_nat_h323 6542 0 nf_nat_ftp 1985 0 nf_nat_amanda 1315 0 ts_kmp 1909 5 nf_conntrack_amanda 2996 3 nf_nat_amanda nf_conntrack_sane 4549 2 nf_conntrack_tftp 4355 3 nf_nat_tftp nf_conntrack_sip 23152 3 nf_nat_sip nf_conntrack_proto_udplite 4569 0 nf_conntrack_proto_sctp 8283 0 nf_conntrack_pptp 5184 3 nf_nat_pptp nf_conntrack_proto_gre 5043 1 nf_conntrack_pptp nf_conntrack_netlink 28463 0 nfnetlink 6193 2 nfnetlink_log,nf_conntrack_netlink nf_conntrack_netbios_ns 1297 2 nf_conntrack_broadcast 1383 2 nf_conntrack_netbios_ns,nf_conntrack_snmp nf_conntrack_irc 4529 3 nf_nat_irc nf_conntrack_h323 53671 5 nf_nat_h323 nf_conntrack_ftp 7549 3 nf_nat_ftp xt_tcpudp 2547 37 xt_conntrack 3312 5 iptable_mangle 1743 1 iptable_nat 2914 0 nf_conntrack_ipv4 8417 28 nf_defrag_ipv4 1654 1 nf_conntrack_ipv4 nf_nat_ipv4 3823 1 iptable_nat nf_nat 14961 10 nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,nf_nat_proto_gre,nf_nat_h323,nf_nat_ipv4,nf_nat_pptp,nf_nat_tftp,iptable_nat nf_conntrack 80712 29 nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,xt_CT,nf_nat_snmp_basic,nf_conntrack_netbios_ns,nf_conntrack_proto_gre,nf_conntrack_proto_udplite,nf_nat,nf_nat_h323,nf_nat_ipv4,nf_nat_pptp,nf_nat_tftp,xt_conntrack,nf_conntrack_amanda,nf_conntrack_proto_sctp,nf_conntrack_netlink,nf_conntrack_broadcast,nf_conntrack_ftp,nf_conntrack_irc,nf_conntrack_sip,iptable_nat,nf_conntrack_h323,nf_conntrack_ipv4,nf_conntrack_pptp,nf_conntrack_sane,nf_conntrack_snmp,nf_conntrack_tftp iptable_raw 1502 1 iptable_filter 1762 1 ip_tables 17319 4 iptable_filter,iptable_mangle,iptable_nat,iptable_raw x_tables 21265 16 xt_mark,xt_CT,xt_comment,ipt_ULOG,xt_recent,ip_tables,xt_tcpudp,xt_NFLOG,xt_conntrack,xt_LOG,xt_multiport,iptable_filter,ipt_REJECT,iptable_mangle,xt_addrtype,iptable_raw coretemp 6577 0 pcspkr 2118 0 psmouse 17386 0 i2c_piix4 9414 0 libcrc32c 1179 0 dm_log_userspace 11722 0 pcnet32 34414 0 mii 4815 1 pcnet32 e1000 106027 0 fuse 82467 1 nfs 203600 0 lockd 67596 1 nfs sunrpc 234845 2 nfs,lockd fscache 56324 1 nfs dm_snapshot 30439 0 dm_bufio 18964 1 dm_snapshot dm_mirror 13296 0 dm_region_hash 9320 1 dm_mirror dm_log 9122 3 dm_region_hash,dm_mirror,dm_log_userspace usb_storage 51619 0
------------------------------------------------------------------------------
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
