-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 12/09/2016 09:49 AM, Csányi Pál wrote: > Hi Tomas, > > 2016-12-09 11:57 GMT+01:00 Thomas Deutschmann <[email protected]>: >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 >> >> Hi, >> >> On 2016-12-09 09:41, Csányi Pál wrote: >>> Hi, >>> >>> I'm running Shorewall 5.0.11 on Gentoo linux system. This is on >>> my laptop. >>> >>> Today I realize that that I can't start shorewall service on >>> my system. >>> >>> I recently build my new kernel: 4.4.26-gentoo #1 SMP >>> >>> [..,] >>> >>> I am trying to follow this: >>> http://www.shorewall.net/troubleshoot.htm >>> >>> Here I found that that maybe the cause of this error is the >>> REJECT support in kernel. In the >>> /var/lib/shorewall/.iptables-restore-input file at line 195 is >>> only: COMMIT >> >> Have you tried running `shorewall debug restart` like written in >> the troubleshooting guide? This should show you exactly the rule >> which is failing. > > I just run it and get that rule: > > iptables: No chain/target/match by that name. ERROR: Command > "/sbin/iptables --wait -t filter -A INPUT -j LOG --log-level 6 > --log-prefix "Shorewall:INPUT:REJECT:"" Failed > >> If you think this is related to REJECT target, check if >> "ipt_REJECT" kernel module is loaded using "lsmod". > > nf_reject_ipv4 16384 1 ipt_REJECT > > so I think the ipt_REJECT kernel module is loaded. > > I'm running syslog-ng. In it's log I find aonly two lines when > started Shorewall: ec 9 18:48:01 cspg pali[5475]: ERROR:Shorewall > start failed Dec 9 18:48:01 cspg pali[5502]: Shorewall Stopped > >
Your kernel doesn't have logging support. - -Tom - -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJYSu/+AAoJEJbms/JCOk0Q/AsP/1fpxLi42kdWq2V0q/CVhbhK 1aqoW2qrsGTpSQmFW9da8+IFhnnIfKmRhBmDHJYI9S2sXGwr3HLr57Rcf0Y5mKW/ FSWfNFJA8OV4WwTscQEo6R6COsb2LvasYo/OjUPG5ZO5NvdRfaXvjIzcV8iY7+wt tkrboD57J1gDzT850Wxi5/UmOSbUxZSfCMr9ffTN30TuyHXMJqML8ORiQfcVs0i2 GMAd+imQPC1LSyUH0JLGgmTNyfEPbHOaJeeqGv0ZJceJhEwXYY8SqGNOTovbVG1I a4dr+YdAwt3AFViZ0jcbKzYPSSNecxobqAT1IK/5t4HZE9Q2HuEYeCnmLO+BmTgT FuBb+6kqFACdfUw8U9Rrq88Oht9LQdeh2TeIuDh+vi1GrpoKni1PN3WAxp658o/w xRIRXyIdueHss7Yp9CuzqRF502n4FRqvC4DDLvENlFAc0FZTpbKWcu8kWF4m938/ idEJS1Xy6IqLt83G3cFMeMfyKUkPvpPtOGLNFv07MJTz81toSa6iPU16BVeGkkoH p7YP523v4xUrfZL0R99vS59au787vQE8jXIecCtUW85FNhc/ozIfMX/3Uq36yFqm UW4SGpkE+38Nr9MQKzR9hCkKjn/ch2vIFJr96J9J6FKznQj37VbtCPGyaWmSOQHU 6TrxftWuTOHDPN8Orfvw =x5xQ -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
