‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On April 16, 2018 12:16 PM, <colony.th...@protonmail.ch> wrote:
> > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > On April 16, 2018 11:30 AM, Tom Eastep teas...@shorewall.net wrote: > > > On 04/16/2018 11:03 AM, colony.three--- via Shorewall-users wrote: > > > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > > > > > On April 16, 2018 10:56 AM, Tom Eastep teas...@shorewall.net wrote: > > > > > > > On 04/16/2018 10:50 AM, colony.three--- via Shorewall-users wrote: > > > > > > > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > > > > > > > > > On April 16, 2018 10:42 AM, Tom Eastep teas...@shorewall.net wrote: > > > > > > > > > > > On 04/16/2018 10:24 AM, colony.three--- via Shorewall-users wrote: > > > > > > > > > > > > > Anyone seen this? > > > > > > > > > > > > > > Nov 29 01:42:29 Compiling MAC Filtration -- Phase 2... > > > > > > > > > > > > > > Nov 29 01:42:29 Applying Policies... > > > > > > > > > > > > > > Nov 29 01:42:29 Compiling /usr/share/shorewall/action.Broadcast > > > > > > > for > > > > > > > > > > > > > > chain Broadcast... > > > > > > > > > > > > > > Nov 29 01:42:29 ERROR: Invalid parameter (DROP),Multicast(DROP) > > > > > > > > > > > > > > /usr/share/shorewall/action.Broadcast (line 1) > > > > > > > > > > > > > > from (line EOF) > > > > > > > > > > > > > > shorewall version > > > > > > > ================= > > > > > > > > > > > > > > 5.0.15.6 > > > > > > > > > > > > Don't see why you would be getting that message on 5.0.15.6. What > > > > > > does > > > > > > > > > > > > your /usr/share/shorewall/action.Broadcast look like? > > > > > > > > What is your setting of DROP_DEFAULT in shorewall.conf? > > > > > > > > -Tom > > > > > > DROP_DEFAULT="Broadcast(DROP),Multicast(DROP)" > > > > > > I didn't change it, but commenting it out does not help. Same with the > > > other settings which specify (DROP),Multicast(DROP). > > > > > > I do have a restrictive sysctl, if that makes any difference. It's > > > working fine on all my other (CentOS7.4) machines. (attached) > > > > Those setting are not valid on 5.0.15.6. The ability to list multiple > > > > actions wasn't introduced until Shorewall 5.1.2. > > > > -Tom > > Oh, Ok. I'd grafted in my config from CentOS to the Pi. > > Thanks Tom. Except same error, now that I've replaced those stanzas with: ACCEPT_DEFAULT="none" DROP_DEFAULT=Drop NFQUEUE_DEFAULT="none" QUEUE_DEFAULT="none" REJECT_DEFAULT=Reject I'd copied the whole /etc/shorewall directory from CentOS to Raspbian. I only find the bad stanzas in shorewall.conf but they're commented out now yet I get the same error. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
