Hello List!
I have some trouble with using Shorewall-4.0.2 under OpenVZ
environment.
When i try to use shorewall in virtual server i can't use iptables modules
loading Shorewall feature. I create empty /etc/shorewall/modules file and
'shorewall check' command runs fine. But when i start 'shorewall' i get
follow error (at the end of list):
gate / # shorewall start
Compiling...
Compiling /etc/shorewall/zones...
Compiling /etc/shorewall/interfaces...
Determining Hosts in Zones...
Preprocessing Action Files...
Pre-processing /usr/share/shorewall/action.Drop...
Pre-processing /usr/share/shorewall/action.Reject...
Compiling /etc/shorewall/policy...
Compiling /etc/shorewall/routestopped for critical hosts...
Compiling /etc/shorewall/routestopped...
Adding Anti-smurf Rules
Compiling TCP Flags filtering...
Compiling Kernel Route Filtering...
Compiling Martian Logging...
Compiling /etc/shorewall/masq...
Compiling MAC Filtration -- Phase 1...
Compiling /etc/shorewall/rules...
Generating Transitive Closure of Used-action List...
Processing /usr/share/shorewall/action.Reject for chain Reject...
Processing /usr/share/shorewall/action.Drop for chain Drop...
Compiling MAC Filtration -- Phase 2...
Applying Policies...
Generating Rule Matrix...
Creating iptables-restore input...
Shorewall configuration compiled to /var/lib/shorewall/.start
Starting Shorewall....
Initializing...
Processing /etc/shorewall/init ...
Setting up ARP filtering...
Setting up Route Filtering...
Setting up Martian Logging...
Setting up Accept Source Routing...
IP Forwarding Enabled
Setting up Proxy ARP...
Setting up Traffic Control...
Preparing iptables-restore input...
Running iptables-restore...
WARNING: Error inserting x_tables
(/lib/modules/2.6.18-028stab035/kernel/net/netfilter/x_tables.ko):
Operation not permitted
FATAL: Error inserting ip_tables
(/lib/modules/2.6.18-028stab035/kernel/net/ipv4/netfilter/ip_tables.ko):
Operation not permitted
WARNING: Error inserting x_tables
(/lib/modules/2.6.18-028stab035/kernel/net/netfilter/x_tables.ko):
Operation not permitted
FATAL: Error inserting ip_tables
(/lib/modules/2.6.18-028stab035/kernel/net/ipv4/netfilter/ip_tables.ko):
Operation not permitted
Processing /etc/shorewall/start ...
Processing /etc/shorewall/started ...
done.
In virtual server Shorewall can't found iptables modules but it
loaded and working ('x_tables' and 'ip_tables' also). How i can disable
this check of modules presence (when shorewall 'Running
iptables-restore...').
Thank you very much.
Aleksandr Shubik
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
