>>>> I get the following when trying to start shorewall:
>>>>
>>>> WARNING: Zone loc is empty
>>>> ERROR: Unable to determine the routes through interface "wlan0"
>>>>
>>>> My interfaces file has:
>>>>
>>>> loc wlan0 detect tcpflags,detectnets,nosmurfs
>>>>
>>>> Where do I need to look for my error?
I'm having another crack at this.
>>> If you have that line in your interfaces file, then I suspect that:
>>>
>>> a) You are using shorewall-shell.
>>
>> I'm using Gentoo's /etc/init.d/shorewall.
>
> Uh -- Please type 'shorewall version -a'. That command will tell you
> what version of Shorewall you are using and which Shorewall product (if
> you are running Shorewall 4.0 or 4.2).
# shorewall version -a
3.4.8
>>> b) That line is the last line in the file.
>>> c) The line is not terminated by a newline character. This causes the
>>> shell's 'read' built-in command to simply ignore the line.
>>
>> I re-wrote newline characters with the same result, and I do have the
>> commented DO NOT REMOVE line as the last line.
>>
>
> Does the prior line end in a comment with '\' as the last character on
> the line? Might be helpful if you would attached your
> /etc/shorewall/interfaces file.
#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect
tcpflags,routefilter,nosmurfs,logmartians
loc wlan0 detect tcpflags,detectnets,nosmurfs
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
>>> That's why all of the sample configuration files in older versions of
>>> Shorewall end in a line such as:
>>>
>>> #MUST BE LAST -- DO NOT REMOVE
>>>
>>> The ERROR (Unable to determine...) is caused by having a line such as
>>> this in /etc/shorewall/masq:
>>>
>>> ethX wlan0
>>>
>>> This requires that wlan0 be up and configured when Shorewall starts. In
>>> particular, the command 'ip route ls dev wlan0' must succeed; if it does
>>> not, then you get the error you mention.
# ip route ls dev wlan0
# /etc/init.d/shorewall restart
* Restarting firewall ...
WARNING: Zone loc is empty
Shorewall is not running
ERROR: Unable to determine the routes through interface "wlan0"
/sbin/shorewall: line 665: 4862 Terminated
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging re [ !! ]
It looks like the command executes without error, but I can't seem to
start shorewall. Could there still be a problem with wlan0, or does
'ip route ls dev wlan0' executing confirm all is well?
- Grant
> -Tom
------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
