The shorewall dont't start and I get two sort of errors
first one:
Compiling...
FATAL: Error inserting nf_conntrack_h323
(/lib/modules/2.6.22.9-0.4-xen/kernel/net/netfilter/nf_conntrack_h323.ko):
Unknown symbol in module, or unknown parameter (see dmesg)
WARNING: Error inserting nf_conntrack_h323
(/lib/modules/2.6.22.9-0.4-xen/kernel/net/netfilter/nf_conntrack_h323.ko):
Unknown symbol in module, or unknown parameter (see dmesg)
FATAL: Error inserting nf_nat_h323
(/lib/modules/2.6.22.9-0.4-xen/kernel/net/ipv4/netfilter/nf_nat_h323.ko):
Unknown symbol in module, or unknown parameter (see dmesg)
starting go forward and when I get second one all stops:
Applying Policies...
Activating Rules...
iptables: Invalid argument
ERROR: Command "/usr/sbin/iptables -A OUTPUT -o xenbr0 -j xenbr0_out"
Failed
Processing /etc/shorewall/stop ...
IP Forwarding Enabled
Processing /etc/shorewall/stopped ...
/sbin/shorewall: line 366: 6164 Terminated
${VARDIR}/.start $debugging start
I have similar configuration on OpenSuse 10.2 and SHOREWALL 3.2.x and
work just fine.
I attach end from my trace file, were shorewall start stops-terminated.
---------------------------------------------------------------------------
+ run_iptables -A xenbr0_out -m physdev --physdev-out peth0 -j fw2all
+ '[' -n '' ']'
+ /usr/sbin/iptables -A xenbr0_out -m physdev --physdev-out peth0 -j fw2all
+ '[' 0 -ne 0 ']'
+ run_iptables -A xenbr0_in -m physdev --physdev-in peth0 -j net2fw
+ '[' -n '' ']'
+ /usr/sbin/iptables -A xenbr0_in -m physdev --physdev-in peth0 -j net2fw
+ '[' 0 -ne 0 ']'
+ run_iptables -A eth0_out -d 0.0.0.0/0 -j fw2all
+ '[' -n '' ']'
+ /usr/sbin/iptables -A eth0_out -d 0.0.0.0/0 -j fw2all
+ '[' 0 -ne 0 ']'
+ run_iptables -A eth0_in -s 0.0.0.0/0 -j net2fw
+ '[' -n '' ']'
+ /usr/sbin/iptables -A eth0_in -s 0.0.0.0/0 -j net2fw
+ '[' 0 -ne 0 ']'
+ run_iptables -A xenbr0_fwd -m physdev --physdev-in peth0 -o xenbr0 -m
physdev --physdev-out vif+ -j net2dmz
+ '[' -n '' ']'
+ /usr/sbin/iptables -A xenbr0_fwd -m physdev --physdev-in peth0 -o
xenbr0 -m physdev --physdev-out vif+ -j net2dmz
+ '[' 0 -ne 0 ']'
+ run_iptables -A eth0_fwd -s 0.0.0.0/0 -o xenbr0 -m physdev
--physdev-out vif+ -j net2dmz
+ '[' -n '' ']'
+ /usr/sbin/iptables -A eth0_fwd -s 0.0.0.0/0 -o xenbr0 -m physdev
--physdev-out vif+ -j net2dmz
+ '[' 0 -ne 0 ']'
+ run_iptables -A FORWARD -i xenbr0 -j xenbr0_fwd
+ '[' -n '' ']'
+ /usr/sbin/iptables -A FORWARD -i xenbr0 -j xenbr0_fwd
+ '[' 0 -ne 0 ']'
+ run_iptables -A INPUT -i xenbr0 -j xenbr0_in
+ '[' -n '' ']'
+ /usr/sbin/iptables -A INPUT -i xenbr0 -j xenbr0_in
+ '[' 0 -ne 0 ']'
+ run_iptables -A OUTPUT -o xenbr0 -j xenbr0_out
+ '[' -n '' ']'
+ /usr/sbin/iptables -A OUTPUT -o xenbr0 -j xenbr0_out
iptables: Invalid argument
+ '[' 1 -ne 0 ']'
+ error_message 'ERROR: Command "/usr/sbin/iptables -A' OUTPUT -o xenbr0
-j 'xenbr0_out" Failed'
+ echo ' ERROR: Command "/usr/sbin/iptables -A' OUTPUT -o xenbr0 -j
'xenbr0_out" Failed'
ERROR: Command "/usr/sbin/iptables -A OUTPUT -o xenbr0 -j xenbr0_out"
Failed
+ stop_firewall
+ case $COMMAND in
+ set +x
/sbin/shorewall: line 366: 5707 Terminated
${VARDIR}/.start $debugging start
--------------------------------------------------------------------------------------------------------------------
Best regards,
Aleksander
--
Aleksander Bastl, manager WWW: http://www.bass.si
BASS d.o.o. E-mail: [EMAIL PROTECTED]
Ul. XIV. divizije 14 Tel: +386-34-900-900
SI-3000 Celje Fax: +386-3-425-77-66
Slovenia-Europe
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
