I installed the cvs update from yesterday (9/20) with the tcrules icmp fix.
Shorewall refuses to start when it hits the case statement at 2835.
It reports too many arguments in statement and that it is missing a
'']''
Here is the code segment:
multiport
case $proto in
ipp2p|IPP2P)
[ "x$port" = "x-" ] && port="ipp2p"
r="${r}-p tcp -m ipp2p --${port} "
     ;;
icmp|ICMP|1)
r="${r}-p icmp "
[ "x$port" Â = "x-" ] || r="${r}--icmp-type
$port"
;;
*)
[ "x$proto" Â = "x-" Â ] && proto=all
[ "x$proto" Â = "x" Â ] && proto=all
[ "$proto" Â = "all" ] || r="${r}-p $proto "
[ "x$port" Â = "x-" Â ] || r="${r}--dport $port
"
;;
esac
This code segment will start (from 2.4.4 tar file)
It does not have the icmp update.
if [ "x$proto" = xipp2p ]; then
[ "x$port" = "x-" ] && port="ipp2p"
r="${r}-p tcp -m ipp2p --${port} "
else
[ "x$proto" = "x-" ] && proto=all
[ "x$proto" = "x" ] && proto=all
[ "$proto" = "all" ] || r="${r}-p $proto "
[ "x$port" = "x-" ] || r="${r}--dport $port
"
fi
[ "x$sport" = "x-" ] || r="${r}--sport $sport "
run_iptables2 -t mangle -A $chain $r -j $target $mark
}
What is this character? : it looks like a capitol A in VI but  on a
windows box?
I have not tested with this removed but I think this could be the problem?
I am using bash 2.05b on Slackware.
Thanks
--John Hill
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache''s Geronimo App Server.
Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
On Wednesday 21 September 2005 11:52, John Hill wrote:> I installed the cvs update from yesterday (9/20) with the tcrules icmp fix. > > Shorewall refuses to start when it hits the case statement at 2835.Thanks -- don''t know what happened there but I''m trying a different text editor that is easier on my arthritic hands than emacs is (avoids the need for control sequences). Looks like I''m not quite up to speed on it yet. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
NO problem. BTW this was in CVS 2.4.4. I''m a bit confused. I thought 2.4.4 was stable. After looking at the CVS site, I found 2.5.5 ( different code than what is in question) and 2.5.6 ( same code). 2.4.3 is the listed release? I use the provider config to balance 2 isp''s. I also use the tcrules config to force protocols out desired ports. What version should I use that is stable that supports this? Thanks --john> -----Original Message----- > From: shorewall-users-admin@lists.sourceforge.net > [mailto:shorewall-users-admin@lists.sourceforge.net] On > Behalf Of Tom Eastep > Sent: Wednesday, September 21, 2005 2:13 PM > To: shorewall-users@lists.sourceforge.net > Subject: Re: [Shorewall-users] Shorewall 2.4.4 CVS last night error > > On Wednesday 21 September 2005 11:52, John Hill wrote: > > I installed the cvs update from yesterday (9/20) with the > tcrules icmp fix. > > > > Shorewall refuses to start when it hits the case statement at 2835. > > Thanks -- don''t know what happened there but I''m trying a > different text > editor that is easier on my arthritic hands than emacs is > (avoids the need > for control sequences). Looks like I''m not quite up to speed > on it yet. > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key >------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache''s Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
On Wednesday 21 September 2005 12:27, John Hill wrote:> NO problem. > > BTW this was in CVS 2.4.4. > > I''m a bit confused. I thought 2.4.4 was stable.It is.> After looking at the CVS > site, I found 2.5.5 ( different code than what is in question) and 2.5.6 ( > same code).2.5 is the Development release.> 2.4.3 is the listed release?Listed where?> > I use the provider config to balance 2 isp''s. I also use the tcrules config > to force protocols out desired ports. > What version should I use that is stable that supports this?2.4.4 -- but if you download from CVS you get what you get. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
> 2.5 is the Development release. > > > 2.4.3 is the listed release? > > Listed where?http://sourceforge.net/projects/shorewall> > > > > I use the provider config to balance 2 isp''s. I also use > the tcrules config > > to force protocols out desired ports. > > What version should I use that is stable that supports this? > > 2.4.4 -- but if you download from CVS you get what you get. >2.4.4 tar works fine. I''ll check later with 2.4.4 cvs about the icmp fix? Good to see you are still around. FYI: Shorewall is hands down the best IPTABLES configuration tool I have found. I''m not the sharpest iptables user, Shorewall makes it happen for me. Thanks --John ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache''s Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
On Wednesday 21 September 2005 12:27, John Hill wrote:> NO problem. > > BTW this was in CVS 2.4.4. >Shorewall-2_4_4 is a tag that corresponds to the Shorewall 2.4.4 release. The content of the files with that tag is fixed and doesn''t change. SHOREWALL_2_4 is a CVS branch which contains the latest code that will eventually be released (in this case as 2.4.5). That branch is dynamic and isn''t recommended for general use because it may not have been throughly tested yet. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
On Wednesday 21 September 2005 12:45, John Hill wrote:> > 2.5 is the Development release. > > > > > 2.4.3 is the listed release? > > > > Listed where? > > http://sourceforge.net/projects/shorewall >Damn! I wish I''d never heard of Sourceforge. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Got it. Some software sites I deal with use the stable number ie 2.4 as a way to send bug fixes for the stable release. Not a problem. Thanks Again --john> -----Original Message----- > From: shorewall-users-admin@lists.sourceforge.net > [mailto:shorewall-users-admin@lists.sourceforge.net] On > Behalf Of Tom Eastep > Sent: Wednesday, September 21, 2005 3:08 PM > To: shorewall-users@lists.sourceforge.net > Subject: Re: [Shorewall-users] Shorewall 2.4.4 CVS last night error > > On Wednesday 21 September 2005 12:27, John Hill wrote: > > NO problem. > > > > BTW this was in CVS 2.4.4. > > > > Shorewall-2_4_4 is a tag that corresponds to the Shorewall > 2.4.4 release. The > content of the files with that tag is fixed and doesn''t > change. SHOREWALL_2_4 > is a CVS branch which contains the latest code that will > eventually be > released (in this case as 2.4.5). That branch is dynamic and isn''t > recommended for general use because it may not have been > throughly tested > yet. > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key >------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache''s Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
On Wednesday 21 September 2005 13:22, John Hill wrote:> Got it. > > Some software sites I deal with use the stable number ie 2.4 as a way to > send bug fixes for the stable release. > > Not a problem.You will find bug fixes on all of the sites EXCEPT SOURCEFORGE in an ''errata'' sub-directory within the release''s directory. For example, bug fixes for 2.4.4 may be found in http://www.shorewall.net/pub/shorewall/2.4/shorewall-2.4.4/errata. A description of the known problems in 2.4.4 is at http://www.shorewall.net/pub/shorewall/2.4/shorewall-2.4.4/known_problems.txt. You will note that the tcrules icmp change is not found in either place. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key