>> I get the following when trying to start shorewall: >> >> WARNING: Zone loc is empty >> ERROR: Unable to determine the routes through interface "wlan0" >> >> My interfaces file has: >> >> loc wlan0 detect tcpflags,detectnets,nosmurfs >> >> Where do I need to look for my error? > > If you have that line in your interfaces file, then I suspect that: > > a) You are using shorewall-shell.
I'm using Gentoo's /etc/init.d/shorewall. > b) That line is the last line in the file. > c) The line is not terminated by a newline character. This causes the > shell's 'read' built-in command to simply ignore the line. I re-wrote newline characters with the same result, and I do have the commented DO NOT REMOVE line as the last line. > That's why all of the sample configuration files in older versions of > Shorewall end in a line such as: > > #MUST BE LAST -- DO NOT REMOVE > > The ERROR (Unable to determine...) is caused by having a line such as > this in /etc/shorewall/masq: > > ethX wlan0 > > This requires that wlan0 be up and configured when Shorewall starts. In > particular, the command 'ip route ls dev wlan0' must succeed; if it does > not, then you get the error you mention. I think something is wrong with my wlan0. I'm going to try and figure that out. > In Shorewall 4.4, that entry in the masq file generates a WARNING. It is > much preferred to replace wlan0 with the network served by wlan0 (e.g., > 192.168.1.0/24) so that Shorewall will start even if routing is not > configured on the interface. If my router's IP is 192.168.0.1, would I specify 192.168.0.0/24 as the ADDRESS? - Grant ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
