On 9.6.2011 15:21, Tom Eastep wrote: > On 06/09/2011 06:11 AM, Tom Eastep wrote: >> On 06/09/2011 02:50 AM, Florian Piekert wrote: >>> Hello, >>> >>> I am experiencing problems getting shorewall restarted after today's update >>> to 4.4.20.1 (from the last recent one, 4.4.19something) whereas the former >>> version was not returning any problems. >>> >>> I am running an opensuse 11.4 (patched up-to-date) 64bit (was never an issue >>> until now). >>> >>> shorewall restart yields: >>> ... >>> Running /usr/sbin/iptables-restore... >>> iptables-restore v1.4.10: Couldn't load target >>> `dsl0_fwd':/usr/lib/xtables/libipt_dsl0_fwd.so: cannot open shared object >>> file: No such file or directory >>> >>> Error occurred at line: 113 >>> Try `iptables-restore -h' or 'iptables-restore --help' for more information. >>> ERROR: iptables-restore Failed. Input is in >>> /var/lib/shorewall/.iptables-restore-input >>> Restoring Shorewall... >>> ... >>> IPv4 Forwarding Enabled >>> Processing /etc/shorewall/restored ... >>> Shorewall restored from /var/lib/shorewall/restore >>> /usr/share/shorewall/lib.common: line 69: 20137 Terminated >>> $SHOREWALL_SHELL $script $options $@ >>> >>> >>> Config includes: >>> >>> masq: >>> dsl0 eth_s37_0 >>> >>> zones: >>> fw firewall >>> net >>> loc >>> >>> interfaces: >>> loc eth_s37_0 detect >>> net dsl0 detect >>> net eth_s3_0 detect >>> >>> >>> Any pointers or is this a bug in this new version? >> I would like both Florian and Ivica to: >> >> a) shorewall show -f capabilities> /etc/shorewall/caps >> b) tar -zcf shorewall.tgz /etc/shorewall >> c) Send me the tarball (send it to my email address, not to the list) > One thing you might try in the mean time is to set OPTIMIZE=0. Errors > such as this one are usually caused by a bug in the optimizer. > > -Tom
Hi Tom Thanks for reply, sending it on your mail address in few minutes. Update (hate to update myself ... :) /etc/init.d/shorewall start Compiling... Shorewall configuration compiled to /var/lib/shorewall/.start Starting Shorewall.... iptables: Memory allocation problem. done. iptables: Memory allocation problem. <--- is this one responsable for all the trouble? System log: Jun 9 14:26:23 SERVER root: Shorewall Stopped Jun 9 14:26:34 SERVER kernel: [10347.789389] vmap allocation failed - use vmalloc=<size> to increase size. Jun 9 14:26:34 SERVER kernel: [10347.789396] vmalloc size=796000 start=f77fe000 end=feffe000 node=0 gfp=d2 Jun 9 14:26:34 SERVER kernel: [10347.789401] Pid: 29852, comm: iptables Not tainted 2.6.32.36-0.5-pae #1 Jun 9 14:26:34 SERVER kernel: [10347.789403] Call Trace: Jun 9 14:26:34 SERVER kernel: [10347.789423] [<c02069a1>] try_stack_unwind+0x1b1/0x1f0 Jun 9 14:26:34 SERVER kernel: [10347.789429] [<c020596f>] dump_trace+0x3f/0xe0 Jun 9 14:26:34 SERVER kernel: [10347.789435] [<c02065ab>] show_trace_log_lvl+0x4b/0x60 Jun 9 14:26:34 SERVER kernel: [10347.789440] [<c02065d8>] show_trace+0x18/0x20 Jun 9 14:26:34 SERVER kernel: [10347.789447] [<c05311a9>] dump_stack+0x6d/0x74 Jun 9 14:26:34 SERVER kernel: [10347.789456] [<c02c17e9>] alloc_vmap_area+0x279/0x290 Jun 9 14:26:34 SERVER kernel: [10347.789462] [<c02c18a5>] __get_vm_area_node+0xa5/0x160 Jun 9 14:26:34 SERVER kernel: [10347.789467] [<c02c1c5e>] __vmalloc_node+0x9e/0xd0 Jun 9 14:26:34 SERVER kernel: [10347.789472] [<c02c1f2d>] vmalloc_node+0x2d/0x40 Jun 9 14:26:34 SERVER kernel: [10347.789500] [<f7a6b2b5>] xt_alloc_table_info+0xc5/0xe0 [x_tables] Jun 9 14:26:34 SERVER kernel: [10347.789517] [<f7a7c3c2>] do_replace+0x72/0x150 [ip_tables] Jun 9 14:26:34 SERVER kernel: [10347.789526] [<c04bf90e>] nf_sockopt+0x12e/0x140 Jun 9 14:26:34 SERVER kernel: [10347.789533] [<c04bf973>] nf_setsockopt+0x23/0x30 Jun 9 14:26:34 SERVER kernel: [10347.789538] [<c04cc99d>] ip_setsockopt+0x8d/0xa0 Jun 9 14:26:34 SERVER kernel: [10347.789544] [<c0492f13>] sock_common_setsockopt+0x23/0x30 Jun 9 14:26:34 SERVER kernel: [10347.789552] [<c04909ca>] sys_setsockopt+0x6a/0xc0 Jun 9 14:26:34 SERVER kernel: [10347.789558] [<c04929d4>] sys_socketcall+0x144/0x2c0 Jun 9 14:26:34 SERVER kernel: [10347.789563] [<c0203144>] sysenter_do_call+0x12/0x22 Jun 9 14:26:34 SERVER root: Shorewall started Thanks, regards Ivica ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
