Hi There,
I am having problem with shorewall accounting
I install shorewall 4.0.14.2 via apt-get lenny version
Here is my accounting
#ACTION CHAIN SOURCE DESTINATION PROTOCOL DEST
SOURCE
# PORT PORT
hedges:COUNT - ppp0 10.1.1.5 - - -
hedges:COUNT - 10.1.1.5 ppp0 - - -
DONE hedges
desi:COUNT - ppp0 10.1.1.12 - - -
desi:COUNT - 10.1.1.12 ppp0 - - -
DONE desi
inneke:COUNT - ppp0 10.1.1.11 - - -
inneke:COUNT - 10.1.1.11 ppp0 - - -
DONE inneke
peter:COUNT - ppp0 10.1.1.10 - - -
peter:COUNT - 10.1.1.10 ppp0 - - -
DONE peter
When I start shorewall with accounting, it generate errors:
Compiling...
Initializing...
Determining Zones...
IPv4 Zones: net loc
Firewall Zone: fw
Validating interfaces file...
Validating hosts file...
Pre-processing Actions...
Pre-processing /usr/share/shorewall/action.Drop...
Pre-processing /usr/share/shorewall/action.Reject...
Validating Policy file...
Determining Hosts in Zones...
net Zone: ppp0:0.0.0.0/0
loc Zone: eth1:0.0.0.0/0
Deleting user chains...
Compiling /etc/shorewall/routestopped ...
Compiling Accounting...
/usr/share/shorewall-shell/compiler: line 286: exists_hedges
=Yes: command not found
/usr/share/shorewall-shell/compiler: line 286: exists_desi
=Yes: command not found
/usr/share/shorewall-shell/compiler: line 286: exists_inneke
=Yes: command not found
/usr/share/shorewall-shell/compiler: line 286: exists_peter
=Yes: command not found
Creating Interface Chains...
Compiling Common Rules
Compiling Kernel Route Filtering...
Compiling Martian Logging...
Compiling /etc/shorewall/rules...
Compiling Actions...
Compiling /usr/share/shorewall/action.Drop for Chain Drop...
Compiling /usr/share/shorewall/action.Reject for Chain Reject...
Compiling /etc/shorewall/policy...
Compiling Masquerading/SNAT
Compiling Traffic Control Rules...
Compiling Rule Activation...
Compiling IP Forwarding...
Shorewall configuration compiled to /var/lib/shorewall/.start
Starting Shorewall....
Initializing...
Clearing Traffic Control/QOS
Deleting user chains...
Enabling Loopback and DNS Lookups
Setting up Accounting...
iptables v1.3.6: multiport needs `-p tcp', `-p udp', `-p sctp' or `-p dccp'
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.3.6: multiport needs `-p tcp', `-p udp', `-p sctp' or `-p dccp'
Try `iptables -h' or 'iptables --help' for more information.
ERROR: Command "/sbin/iptables -A hedges -i ppp0 -d 10.1.1.5 -m multiport
--sports -
" Failed
IP Forwarding Enabled
Terminated
But if I start shorewall without accounting, everything working OK
What mistake I did?
Thanks for any clue and support
Start your day with Yahoo!7 and win a Sony Bravia TV. Enter now
http://au.docs.yahoo.com/homepageset/?p1=other&p2=au&p3=tagline
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
