On 8/13/2014 3:16 PM, PGNd wrote:
>> PHYSICALNAME.patch fixed the specific problem one user was having but
>> broke other working configurations. That having been said, it generated
>> errors in the providers file, not in the masq file. A follow-on patch
>> was committed to the 4.6.2 branch to correct the initial patch.
>
> I'll look for that. I suppose I should also set up to build from git sources
> so I can best test.
>
>> Try 'shorewall trace check -t' and see what that line of text is
>> expanding to. The compiler is parsing 'leaf-1' as the protocol and 'tcp'
>> as the port/service.
>
> Assuming that you wanted
>
> shorewall trace -t <command>
>
> rather than
>
> shorewall trace <command> -t
>
>
> cd /usr/local/etc/shorewall/IPv4
>
> shorewall trace -t reload -s ${TARGET}
> ...
> GS-----> }
> GS----->
> 15:01:35 Compiling /usr/local/etc/shorewall/IPv4/masq...
> IN===> tun1 10.0.11.16 203.0.113.212 tcp 25
> NF-(N)-> nat:tun1_masq
> NF-(A)-> nat:tun1_masq:1 -A tun1_masq -s
> 10.0.11.16 -p 6 --dport 25 -j SNAT --to-source 203.0.113.212 @@@
> /usr/local/etc/shorewall/IPv4/masq:17 @@@
> IN===> EXTIF 10.0.14.106 tcp 25,587
> NF-(N)-> nat:EXTIF_masq
> ERROR: Invalid/Unknown leaf-1 port/service (tcp)
> /usr/local/etc/shorewall/IPv4/masq (line 20) at
> /usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Config.pm line 1348.
> Shorewall::Config::fatal_error("Invalid/Unknown leaf-1
> port/service (tcp)") called at
> /usr/lib/perl5/vendor_perl/5.18.1/Shorewall/IPAddrs.pm line 429
> Shorewall::IPAddrs::validate_port(25, "tcp") called at
> /usr/lib/perl5/vendor_perl/5.18.1/Shorewall/IPAddrs.pm line 477
> Shorewall::IPAddrs::validate_portpair1(25, "tcp") called at
> /usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 274
> Shorewall::Nat::process_one_masq1("EXTIF", "10.0.14.106",
> "tcp", 25, "-", "-", "-", "-", "-", ...) called at
> /usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 390
> Shorewall::Nat::process_one_masq() called at
> /usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Nat.pm line 403
> Shorewall::Nat::setup_masq() called at
> /usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Compiler.pm line 818
> Shorewall::Compiler::compiler("script", "./firewall",
> "directory", ".", "verbosity", 1, "timestamp", 1, "debug", ...) called at
> /usr/lib/shorewall/compiler.pl line 152
>
> shorewall trace -t check .
> ...
> GS-----> }
> GS----->
> 15:03:52 Checking /usr/local/etc/shorewall/IPv4/masq...
> IN===> tun1 10.0.11.16 203.0.113.212 tcp 25
> NF-(N)-> nat:tun1_masq
> NF-(A)-> nat:tun1_masq:1 -A tun1_masq -s
> 10.0.11.16 -p 6 --dport 25 -j SNAT --to-source 203.0.113.212 @@@
> /usr/local/etc/shorewall/IPv4/masq:17 @@@
> IN===> EXTIF 10.0.14.106 tcp 25,587Looks like one of your variables is empty! -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
