On 7/6/2014 2:45 AM, Lee Brown wrote: > Dear All, > > I could find no reference to SELinux in the documentation to this, > hopefully it helps others. > When I added ipset into the mix and played around from the command > line, everything worked as expected. However during boot, shorewall > complains: > > 00:36:00 ERROR: ipset names in Shorewall configuration files require > Ipset Match in your kernel and iptables /etc/shorewall/rules (line 39) > > And immediately after boot a shorewall start is totally successful. > This is a SELinux enforcement issue in my case: > which may be resolved with: > > semanage fcontext -a -t iptables_exec_t /path/to/ipset > restorecon -v /path/to/ipset > > (you'll need policycoreutils-python installed) > > documented at: > > https://lists.fedoraproject.org/pipermail/selinux/2010-June/012680.html
Thanks Lee. I've added FAQ 103. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
