On Mon, 2006-11-13 at 07:39 -0800, Tom Eastep wrote: > Wratmoko Hadi HSW wrote: > > On Mon, 2006-11-13 at 16:52 +1000, Paul Gear wrote: > >> Wratmoko Hadi HSW wrote: > >>> Dear all, > >>> > >>> After update from 3.2.4 to 3.2.5 version > >>> my maclist seem not working > >>> stop with this error : > >>> > >>> Setting up MAC Filtration -- Phase 1... > >>> iptables v1.3.6: policy match: invalid policy `--dir' > >>> Try `iptables -h' or 'iptables --help' for more information. > >>> ERROR: Command "/sbin/iptables -A eth1_fwd -s 0.0.0.0/0 -m state > >>> --state NEW -m policy --pol --dir in -j eth1_mac" Failed > >> Have you also upgraded your kernel and/or iptables? If you downgrade > >> your shorewall package to 3.2.4, does it work again? > >> > >> Paul > > > > Yes, it work fine if downgrade into into 3.2.4 version > > Please try the attached patch against the 3.2.5 'compiler' file > (/usr/share/shorewall/complier). > > Thanks, > -Tom
I ready patch compiler file, maclist verification seem works again IP Forwarding Enabled Setting up SYN Flood Protection... Setting up IPSEC management... Setting up MAC Filtration -- Phase 1... Setting up Rules... Setting up Tunnels... Setting up Actions... Creating action chain Drop Creating action chain Reject Creating action chain dropBcast Creating action chain dropInvalid Creating action chain dropNotSyn Setting up MAC Filtration -- Phase 2... Applying Policies... Setting up Masquerading/SNAT... Setting up TOS... Setting up ECN... Setting up TC Rules... Activating Rules... Processing /etc/shorewall/start ... Processing /etc/shorewall/started ... here some log Nov 14 10:19:15 pantheon kernel: Shorewall:eth1_mac:REJECT:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:b9:8a:48:c0:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=59529 PROTO=UDP SPT=68 DPT=67 LEN=308 thanks for advanced ------------------------------------------------------ Wratmoko Hadi HSW GSM : +62.8157115488 CDMA : +62.22.91175530 E-Mail : [EMAIL PROTECTED] System & Network Dev Pacific Telematika Indonesia Phone : +62.22.7308600 Fax : +62.22.7308601 Bandung - Indonesia http://www.bdg.pacific.net.id ------------------------------------------------------ Tue Nov 14 09:32:16 WIT 2006 Linux 2.6.17-1.2142_FC4 GNU/Linux Linux Counter #361972 KPLI #022-200011-495 ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
