Thanks Tom, after copying the correct capabilities file everything works just fine!
Greetings Alex -----Ursprüngliche Nachricht----- Von: Tom Eastep [mailto:[email protected]] Gesendet: Dienstag, 15. November 2011 15:44 An: Shorewall Users Betreff: Re: [Shorewall-users] shorewall bridging firewall set up On Tue, 2011-11-15 at 14:29 +0000, [email protected] wrote: > But I'm actually getting another error: > > I'm running Centos 5.7 with iptables 1.3.5 And while compiling on the > management system with the command: > Shorewall load firewallDNSname I really recommend running 'shorewall check .' until you get the configuration clean. > > I receive the error: > ERROR: Your iptables is not recent enough to support bridge ports : > /opt/shwallexport/fw01/interface (line 233) You generate the capabilities file on the *firewall* system, and it is that system's iptables that is missing the "Repeat match" capability. In the capabilities file, it is listed as KLUDGEFREE. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
