gravity paul # /etc/init.d/shorewall start
* Starting firewall ...
WARNING: NAT disabled; masq rule ignored
iptables: No chain/target/match by that name
ERROR: Command "/sbin/iptables -A FORWARD -m state --state
ESTABLISHED,RELATED -j ACCEPT" Failed
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
/sbin/shorewall: line 375: 9373 Terminated ${VARDIR}/.start
$debugging start [ !! ]
gravity linux # lsmod
Module Size Used by
xt_tcpmss 1920 0
xt_tcpudp 2816 0
xt_pkttype 1664 0
iptable_raw 1920 0
xt_CLASSIFY 1664 0
xt_MARK 2048 0
xt_comment 1664 0
xt_length 1792 0
xt_policy 3200 0
xt_multiport 2816 0
iptable_mangle 2176 0
ipt_ULOG 6148 0
ipt_TTL 1920 0
ipt_ttl 1664 0
ipt_TOS 1792 0
ipt_tos 1408 0
ipt_REJECT 3200 0
ipt_recent 7064 0
ipt_owner 1792 0
ipt_LOG 5248 0
ipt_iprange 1664 0
ipt_ECN 2432 0
ipt_ecn 1920 0
ipt_ah 1664 0
ipt_addrtype 1664 0
iptable_filter 2304 1
ip_tables 9032 3 iptable_raw,iptable_mangle,iptable_filter
x_tables 10244 24
xt_tcpmss,xt_tcpudp,xt_pkttype,xt_CLASSIFY,xt_MARK,xt_comment,xt_length,xt_policy,xt_multiport,ipt_ULOG,ipt_TTL,ipt_ttl,ipt_TOS,ipt_tos,ipt_REJECT,ipt_recent,ipt_owner,ipt_LOG,ipt_iprange,ipt_ECN,ipt_ecn,ipt_ah,ipt_addrtype,ip_tables
i915 19840 2
michael_mic 2304 6
ieee80211_crypt_tkip 8960 3
8139cp 16256 0
pcmcia 32936 0
8139too 19072 0
ipw2100 58800 0
yenta_socket 21132 2
rsrc_nonstatic 9728 1 yenta_socket
pcmcia_core 31508 3 pcmcia,yenta_socket,rsrc_nonstatic
gravity linux #
and this is the kernel config
gravity linux # cat .config |grep -i IP_NF
CONFIG_IP_NF_QUEUE=y
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
gravity linux # grep ^[A-Za-z] /etc/shorewall/policy
loc net ACCEPT
loc $FW REJECT info
loc all REJECT info
net $FW DROP info
net loc DROP info
net all DROP info
all all REJECT info
gravity linux # grep ^[A-Za-z] /etc/shorewall/rules
DNS/ACCEPT $FW net
SSH/ACCEPT loc $FW
Ping/ACCEPT loc $FW
Ping/REJECT net $FW
ACCEPT $FW loc icmp
ACCEPT $FW net icmp
gravity linux # grep ^[A-Za-z] /etc/shorewall/interfaces
net eth1 detect
dhcp,tcpflags,routefilter,nosmurfs,logmartians
loc eth0 detect tcpflags,detectnets,nosmurfs
gravity linux # grep ^[A-Za-z] /etc/shorewall/zones
fw firewall
net ipv4
loc ipv4
gravity linux #
so is it a shorewall config problem or is it somewhere else ?
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
