[EMAIL PROTECTED] wrote: > Hi, > > i've been trying, for a few days, to migrate from shorewall 2.2.4 to > 3.4.2, then 3.4.4 > > After reading several times instructions on migration, new manpages and > features, I can't figure out why it's still not working. > > I may have missed something important or completly numb but can't figure > out what as when I run shorewall check, it says to me : > > ... > Checking Rule Activation... > Shorewall configuration verified > > but when I run shorewall start, I get : > > ... > Compiling Rule Activation... > Shorewall configuration compiled to /var/lib/shorewall/.start > /var/lib/shorewall/.start: line 1508: syntax error near unexpected token `}' > /var/lib/shorewall/.start: line 1508: `}' > > After looking at /var/lib/shorewall/.start, the problem seems to be more > near line 839 which corresponds to my first DNAT rule ..
Sure would be good if you would show us your "first DNAT rule". There was a problem like this corrected in 3.4.4 but you seem to have found another one. . > > the generated code seems lacking a "done" command : > > ..... > addr=$(find_first_interface_address eth0) > run_iptables -t nat -N net0_dnat > > for adr in $addr; do > run_iptables -t nat -A net0_dnat -p tcp --dport 57 -d $adr -j DNAT > --to-destination 10.2.22.5 > run_iptables -A net02lan2 -p tcp -d 10.2.22.5 --dport 57 -j ACCEPT > progress_message " Rule \"DNAT net0 lan2:10.2.22.5 tcp 57 \" added." > > ^^^^^ shouldn't there be a "done" here ? > > addr=$(find_first_interface_address eth0) > > for adr in $addr; do > ..... > > I do think about a misconfiguration from my side but as I get no errors, > I can't figure it out ...it looks like something is fooling the compiler > as he doesn't generate a correct bash script > > Sorry for bothering you with such a silly thing, I would appreciate it if you would: a) shorewall show -f capabilities > /etc/shorewall/capabilities b) Tar up your /etc/shorewall directory and send the tarball to be personally. Thanks, -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
