Grant wrote: > > I get the following when trying to start shorewall: > > WARNING: Zone loc is empty > ERROR: Unable to determine the routes through interface "wlan0" > > My interfaces file has: > > loc wlan0 detect tcpflags,detectnets,nosmurfs > > Where do I need to look for my error?
If you have that line in your interfaces file, then I suspect that: a) You are using shorewall-shell. b) That line is the last line in the file. c) The line is not terminated by a newline character. This causes the shell's 'read' built-in command to simply ignore the line. That's why all of the sample configuration files in older versions of Shorewall end in a line such as: #MUST BE LAST -- DO NOT REMOVE The ERROR (Unable to determine...) is caused by having a line such as this in /etc/shorewall/masq: ethX wlan0 This requires that wlan0 be up and configured when Shorewall starts. In particular, the command 'ip route ls dev wlan0' must succeed; if it does not, then you get the error you mention. In Shorewall 4.4, that entry in the masq file generates a WARNING. It is much preferred to replace wlan0 with the network served by wlan0 (e.g., 192.168.1.0/24) so that Shorewall will start even if routing is not configured on the interface. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
