> PHYSICALNAME.patch fixed the specific problem one user was having but
> broke other working configurations. That having been said, it generated
> errors in the providers file, not in the masq file. A follow-on patch
> was committed to the 4.6.2 branch to correct the initial patch.
I'll look for that. I suppose I should also set up to build from git sources
so I can best test.
> Try 'shorewall trace check -t' and see what that line of text is
> expanding to. The compiler is parsing 'leaf-1' as the protocol and 'tcp'
> as the port/service.
Assuming that you wanted
shorewall trace -t <command>
rather than
shorewall trace <command> -t
cd /usr/local/etc/shorewall/IPv4
shorewall trace -t reload -s ${TARGET}
...
GS-----> }
GS----->
15:01:35 Compiling /usr/local/etc/shorewall/IPv4/masq...
IN===> tun1 10.0.11.16 203.0.113.212 tcp 25
NF-(N)-> nat:tun1_masq
NF-(A)-> nat:tun1_masq:1 -A tun1_masq -s
10.0.11.16 -p 6 --dport 25 -j SNAT --to-source 203.0.113.212 @@@
/usr/local/etc/shorewall/IPv4/masq:17 @@@
IN===> EXTIF 10.0.14.106 tcp 25,587
NF-(N)-> nat:EXTIF_masq
ERROR: Invalid/Unknown leaf-1 port/service (tcp)
/usr/local/etc/shorewall/IPv4/masq (line 20) at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Config.pm line 1348.
Shorewall::Config::fatal_error("Invalid/Unknown leaf-1
port/service (tcp)") called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/IPAddrs.pm line 429
Shorewall::IPAddrs::validate_port(25, "tcp") called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/IPAddrs.pm line 477
Shorewall::IPAddrs::validate_portpair1(25, "tcp") called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 274
Shorewall::Nat::process_one_masq1("EXTIF", "10.0.14.106",
"tcp", 25, "-", "-", "-", "-", "-", ...) called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 390
Shorewall::Nat::process_one_masq() called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 403
Shorewall::Nat::setup_masq() called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Compiler.pm line 818
Shorewall::Compiler::compiler("script", "./firewall",
"directory", ".", "verbosity", 1, "timestamp", 1, "debug", ...) called at
/usr/lib/shorewall/compiler.pl line 152
shorewall trace -t check .
...
GS-----> }
GS----->
15:03:52 Checking /usr/local/etc/shorewall/IPv4/masq...
IN===> tun1 10.0.11.16 203.0.113.212 tcp 25
NF-(N)-> nat:tun1_masq
NF-(A)-> nat:tun1_masq:1 -A tun1_masq -s
10.0.11.16 -p 6 --dport 25 -j SNAT --to-source 203.0.113.212 @@@
/usr/local/etc/shorewall/IPv4/masq:17 @@@
IN===> EXTIF 10.0.14.106 tcp 25,587
NF-(N)-> nat:EXTIF_masq
ERROR: Invalid/Unknown leaf-1 port/service (tcp)
/usr/local/etc/shorewall/IPv4/masq (line 20) at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Config.pm line 1348.
Shorewall::Config::fatal_error("Invalid/Unknown leaf-1
port/service (tcp)") called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/IPAddrs.pm line 429
Shorewall::IPAddrs::validate_port(25, "tcp") called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/IPAddrs.pm line 477
Shorewall::IPAddrs::validate_portpair1(25, "tcp") called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 274
Shorewall::Nat::process_one_masq1("EXTIF", "10.0.14.106",
"tcp", 25, "-", "-", "-", "-", "-", ...) called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 390
Shorewall::Nat::process_one_masq() called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 403
Shorewall::Nat::setup_masq() called at
/usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Compiler.pm line 818
Shorewall::Compiler::compiler("script", "", "directory",
"/usr/local/etc/shorewall/IPv4", "verbosity", 1, "timestamp", 1, "debug", ...)
called at /usr/lib/shorewall/compiler.pl line 152
------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
