Hello, Is there a way to run shorewall writing a debug to a file this is because alter working for about 5 minutes shorewall stops suddenly, with no apparent reason. Fernando Rodriguez V. frod@aitelecom.net
Sorry my shorewall version is 3.0.5 On a FC1 machine .. _____ De: shorewall-users-admin@lists.sourceforge.net [mailto:shorewall-users-admin@lists.sourceforge.net] En nombre de Fernando Rodriguez Enviado el: Martes, 21 de Febrero de 2006 01:56 p.m. Para: shorewall-users@lists.sourceforge.net Asunto: [Shorewall-users] Shorewall Stopping Hello, Is there a way to run shorewall writing a debug to a file this is because alter working for about 5 minutes shorewall stops suddenly, with no apparent reason. Fernando Rodriguez V. frod@aitelecom.net
On Tuesday 21 February 2006 11:55, Fernando Rodriguez wrote:> Hello, > > Is there a way to run shorewall writing a debug to a file this is because > alter working for about 5 minutes shorewall stops suddenly, with no > apparent reason.Your problem has nothing to do with Shorewall. Once "shorewall start" completes there is no Shorewall code running in your system whatsoever. If if it stops working after a few minutes, Shorewall isn''t the cause. Please give us the full details of what you are seeing and we;ll try to help. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
I run shorewall start Everything seems to work no problem 5 minutes or so after everything stops working I run Shorewall status Shorewall is stopped State:Started (Tue Feb 21 13:50:50 GMT-6 2006) That''s as far as I can see regarding Shorewall So I run Shorewall start And it runs perfectly again Or maybe I neet to log iptables or something that might be caising this problem .. Thanks -----Mensaje original----- De: shorewall-users-admin@lists.sourceforge.net [mailto:shorewall-users-admin@lists.sourceforge.net] En nombre de Tom Eastep Enviado el: Martes, 21 de Febrero de 2006 02:15 p.m. Para: shorewall-users@lists.sourceforge.net Asunto: Re: [Shorewall-users] Shorewall Stopping On Tuesday 21 February 2006 11:55, Fernando Rodriguez wrote:> Hello, > > Is there a way to run shorewall writing a debug to a file this is because > alter working for about 5 minutes shorewall stops suddenly, with no > apparent reason.Your problem has nothing to do with Shorewall. Once "shorewall start" completes there is no Shorewall code running in your system whatsoever. If if it stops working after a few minutes, Shorewall isn''t the cause. Please give us the full details of what you are seeing and we;ll try to help. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
On Tuesday 21 February 2006 12:25, Fernando Rodriguez wrote:> I run shorewall start > > Everything seems to work no problem > > 5 minutes or so after everything stops working > > I run Shorewall status > > Shorewall is stopped > State:Started (Tue Feb 21 13:50:50 GMT-6 2006) > > That''s as far as I can see regarding Shorewall > > So I run Shorewall start > > And it runs perfectly again > > Or maybe I neet to log iptables or something that might be caising this > problem ..Something in your system is clearing Netfilter. I suspect that your DHCP client is running a script on lease renewal that is causing this to happen. Another possiblility is that you have a frequently-running cron job that is clearing Netfilter. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
On Tuesday 21 February 2006 12:31, Tom Eastep wrote:> > Something in your system is clearing Netfilter. I suspect that your DHCP > client is running a script on lease renewal that is causing this to happen. > Another possiblility is that you have a frequently-running cron job that is > clearing Netfilter.You might check the list archives -- someone else had a similar problem a while back (only the problem happened every 12 hours or so IIRC) -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Fernando Rodriguez wrote:> Sorry my shorewall version is > > 3.0.5 > On a FC1 machine .. >aditinnaly.. Fedora COre 1 is unsupported software.. but looks like some thing is clearing netfilter, not a shorewall problem.
It seemed to be a problem with an upgrade of portsentry in /etc/cron.d/portsentry. That cleared the blocked hosts every 20 minutes .. Thanks For your support ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
Cristian Rodriguez wrote:> Fernando Rodriguez wrote: >>Sorry my shorewall version is >> >>3.0.5 >>On a FC1 machine .. >> > aditinnaly.. Fedora COre 1 is unsupported software..Does it somehow not meet the "Cristian''s approved distros" criteria? ;-) Paul ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
Paul Gear wrote:> Cristian Rodriguez wrote: >> Fernando Rodriguez wrote: >>> Sorry my shorewall version is >>> >>> 3.0.5 >>> On a FC1 machine .. >>> >> aditinnaly.. Fedora COre 1 is unsupported software.. > > Does it somehow not meet the "Cristian''s approved distros" criteria? ;-) >Im refering to official vendor support.. ;-)