Hello all,
I''ve recently upgraded a Suse 9.1 box to Suse 9.2 (reinstall
actually). This is mainly a test server that I use for testing our
device with nat/snat etc. I just got around to reinstalling Shorewall
2.2.4, and I''m having an odd problem at startup I was hoping someone
could perhaps shed some light on.
I''ve created a very basic setup just to get Shorewall reinstalled,
then I was going to tweak it from there. During startup, all goes fine
until it gets to the "rules" file, then the follow message is
displayed:
-------------------------------
Masqueraded Networks and Hosts:
Processing /etc/shorewall/tos...
Processing /etc/shorewall/ecn...
Activating Rules...
Bad argument `10net0net_ipsec_options''
Try `iptables -h'' or ''iptables --help'' for more
information.
ERROR: Command "/usr/sbin/iptables -A 0net_hosts_fwd -s 0net_hosts -m
policy --pol ipsec --dir in 10net0net_ipsec_options
10net0net_ipsec_in_options -j 10net_frwd" Failed
Processing /etc/shorewall/stop ...
Disabling IPV6...
-------------------------------
"tunnels" and "ipsec" are both empty, as is the
"rules" file at the
moment.
I have "zones" and "interfaces" setup.
------------ zones -------------
#ZONE DISPLAY COMMENTS
10net 10net 10.10/16 network
20net 20net 192.168.20/24 Corp nework
17220 17220 172.20.1/24 WIFI test network
17230 17230 172.30.1/24 WIFI test network
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT
REMOVE--------------------------------
--------- interfaces -----------
#ZONE INTERFACE BROADCAST OPTIONS
#
10net eth0 10.10.255.255 dhcp
20net eth1 192.168.20.255 dhcp
17220 eth2 172.20.1.255 dhcp
17230 eth3 172.30.1.255 dhcp
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
--------------------------------
I also have "masq" setup:
-------------- masq -------------
#INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC
eth0 eth2
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
---------------------------------
I have no IPSEC or VPN configure setup in shorewall on this system, nor
do I need any. Anyone seen this before?
Misc info below:
----------------------------
Linux spong 2.6.8-24.14-default #1 Tue Mar 29 09:27:43 UTC 2005 i686
athlon i386 GNU/Linux
iptables v1.2.11
shorewall version (installed via noarch rpn)
2.2.4
----------------------------
Thanks in advance,
Kevin.