On 8/13/10 9:49 PM, Hellmut Tümmler wrote:
> Hi Tom,
>
> trying the port forwarding/NAT as discribed in
> shorewall-4.4.11.2/html/FAQ.htm#DNS-DNAT
>
> #shorewall version
> 4.4.11.2
>
> #grep PPP /etc/shorewall/rules
> DNAT loc loc:10.10.1.55 tcp www - $PPP0_IP
>
> #grep PPP /etc/shorewall/init
> PPP0_IP=`find_first_interface_address ppp0`
>
>
> The method works fine when PPP0_IP is set from the params file, but fails on
> 'shorewall restart' if tried from the init script
>
>
> #shorewall trace restart
> ...snip...
> GS-----> run_init_exit() {
> GS----->
> GS-----> progress_message2 Processing /etc/shorewall/init ...
> GS----->
> GS-----> #
> GS-----> # Shorewall version 4 - Init File
> GS-----> #
> GS-----> # /etc/shorewall/init
> GS-----> #
> GS-----> # Add commands below that you want to be executed at the
> beginning of
> GS-----> # a "shorewall start" or "shorewall restart" command.
> GS-----> #
> GS-----> # For additional information, see
> GS-----> # http://shorewall.net/shorewall_extension_scripts.htm
> GS-----> #
> GS----->
> ###############################################################################
> GS----->
> GS-----> echo 1 > /proc/sys/net/ipv4/tcp_syncookies
> GS----->
> GS-----> PPP0_IP=`find_first_interface_address ppp0`
> GS----->
> GS----->
> ###############################################################################
> GS-----> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
> GS-----> }
>
> ...snip...
>
> ERROR: Undefined shell variable ($PPP0_IP) : /etc/shorewall/rules (line
> 101)
> at /usr/share/shorewall/Shorewall/Config.pm line 792
> Shorewall::Config::fatal_error('Undefined shell variable ($PPP0_IP)')
> called at /usr/share/shorewall/Shorewall/Config.pm line 1843
> Shorewall::Config::read_a_line() called at
> /usr/share/shorewall/Shorewall/Rules.pm line 1639
> Shorewall::Rules::process_rules() called at
> /usr/share/shorewall/Shorewall/Compiler.pm line 740
> Shorewall::Compiler::compiler('script',
> '/var/lib/shorewall/.restart',
> 'directory', '', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called at
> /usr/share/shorewall/compiler.pl line 111
>
>
> need more info?No - that section of the FAQ is in error. You should be using the technique described in http://www.shorewall.net/CompiledPrograms.html#Converting I'll correct the FAQ. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
