On 09/06/2013 07:32 AM, Steve Wray wrote:
> Believe it or not, the firewall is doing something. Mostly its rate
> limiting and sanity checking. We are working toward a more robust
> firewall but our application is pretty sensitive to closed ports and
> doesn't have a connection tracking module. Shorewall is definitely
> helping, even at this stage though, on our other servers. This is the
> only one with any shorewall problem.
>
> Here is the output as requested;
>
> WARNING: Option EXPORTPARAMS=Yes is deprecated
> /etc/shorewall/shorewall.conf (line 168) at
> /usr/share/shorewall/Shorewall/Config.pm line 3601
> Shorewall::Config::process_shorewall_conf(0, 0) called at
> /usr/share/shorewall/Shorewall/Config.pm line 3935
> Shorewall::Config::get_configuration(0, 0, 0) called at
> /usr/share/shorewall/Shorewall/Compiler.pm line 623
> Shorewall::Compiler::compiler('script', '', 'directory',
> '/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called
> at /usr/share/shorewall/compiler.pl <http://compiler.pl> line 134
> WARNING: RFC1918_LOG_LEVEL=ULOG ignored. The 'norfc1918'
> interface/host option is no longer supported at
> /usr/share/shorewall/Shorewall/Config.pm line 4223
> Shorewall::Config::get_configuration(0, 0, 0) called at
> /usr/share/shorewall/Shorewall/Compiler.pm line 623
> Shorewall::Compiler::compiler('script', '', 'directory',
> '/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called
> at /usr/share/shorewall/compiler.pl <http://compiler.pl> line 134
> ERROR: Log level INFO requires LOG Target in your kernel and iptables
> at /usr/share/shorewall/Shorewall/Config.pm line 964
> Shorewall::Config::fatal_error('Log level INFO requires LOG
> Target in your kernel and iptables') called at
> /usr/share/shorewall/Shorewall/Config.pm line 3376
> Shorewall::Config::require_capability('LOG_TARGET', 'Log level
> INFO', 's') called at /usr/share/shorewall/Shorewall/Config.pm line 2532
> Shorewall::Config::validate_level('info') called at
> /usr/share/shorewall/Shorewall/Chains.pm line 5174
> Shorewall::Chains::log_rule_limit('info', 'HASH(0xa56eb60)',
> 'sfilter', 'DROP', '', '', 'add', '') called at
> /usr/share/shorewall/Shorewall/Chains.pm line 5256
> Shorewall::Chains::log_rule('info', 'HASH(0xa56eb60)', 'DROP',
> '') called at /usr/share/shorewall/Shorewall/Misc.pm line 713
> Shorewall::Misc::add_common_rules(0) called at
> /usr/share/shorewall/Shorewall/Compiler.pm line 696
> Shorewall::Compiler::compiler('script', '', 'directory',
> '/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called
> at /usr/share/shorewall/compiler.pl <http://compiler.pl> line 134S_FILTER_LOG_LEVEL defaults to 'info', so you need to change iot. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
