That's exactly the issue. It seems that on the update to Ubuntu 19.10, the version of libvirt also got bumped up and this chain seems to be something new created by it. What seems to be happening is that Shorewall is ignoring all the libvirt-created chains on bootup, except this one. So it removes the chain, but doesn't remove the reference to it. Thus, when trying to do the restore portion of the new rule creation, this chain is referenced even though it no longer exists b/c shorewall itself clobbered it. Not sure if this is by design, an oversight, or a bug. But if shorewall clobbers existing chains then it should make sure to not reference them further during rule construction, or vice-versa (if it's going to reference them, it should make sure they're preserved!). Cheers.
On Sat, 2020-02-15 at 18:14 -0600, Justin Pryzby wrote: > On Sat, Feb 15, 2020 at 05:20:41PM -0600, Diego Rivera wrote: > > Running /sbin/iptables-restore --wait 60...iptables-restore v1.8.3 > > (legacy): Couldn't load > > target `LIBVIRT_PRT':No such file or > > directory > > Error > > occurred at line: 19Try `iptables-restore -h' or 'iptables-restore --help' > > for > > more information. ERROR: > > /sbin/iptables-restore --wait 60 > > Failed. > > This error is coming from iptables-restore. > LIBVIRT_PRT doesn't seem to be a part of shorewall. > It looks like the error may be with libvirt ? -- Diego Rivera
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
