Public bug reported:

Binary package hint: shorewall

I was trying to do simple traffic shaping on my computer through
Shorewall. I noticed that Hardy is currently unable to achieve such
a task due to bug #194623. After disabling TC in shorewall.conf
('TC_ENABLED=No'), Shorewall was still unable to start successfully,
issuing the following message in the log file:

...
15:17:25 Running /sbin/iptables-restore...
iptables-restore v1.3.8: Multiple `!' flags not allowed
Error occurred at line: 24
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
   ERROR: iptables-restore Failed. Input is in /var/lib/shorewall/.iptables-restore-input
...

Digging a little into the specified file (.iptables-restore-input), I
discovered that the error was related to the following rule I've created
in the 'tcrules' file:

1       $FW             0.0.0.0/0       tcp     22      -       ivo+ssh

Removing the program setting from the line allowed Shorewall to start up
fine. I'm not sure this functionality is still working on the latest kernel,
but the compiler let it pass and, furthermore, the error seems unrelated
to the kernel. This is the line I suppose generated the error message:

-A tcout -p 6 --dport 22 -m owner ! --cmd-owner ivo ! --uid-owner ! -j MARK --set-mark 1

Removing the program setting also removed this line from the
.iptables-restore-input file, so I think this is a compiler-related problem.

** Affects: shorewall (Ubuntu)
     Importance: Undecided
         Status: New

-- 
setting specific command on tcrules user field prevents firewall start
https://bugs.launchpad.net/bugs/239822