Hi, I''ve this problem: h''m trying to use the knock daemon under bering uclibc 3.x, and after verified the requirements for the package and configured all the configs, if i try to simulate the functionality using this command: shorewall add eth0:195.110.96.67 knock it gives me this error: shorewall add eth0:195.110.96.67 knock /usr/share/shorewall/firewall: /usr/share/shorewall/firewall: 1: validate_hosts_file: not found /usr/share/shorewall/firewall: /usr/share/shorewall/firewall: 1: chain_exists: not found ERROR: Unknown interface eth0 i have a knock zone in the zones files, and an entry in the hosts file like this (knock eth0:0.0.0.0/0) Any suggestions? ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Hi, I''ve this problem: h''m trying to use the knock daemon under bering uclibc 3.x, and after verified the requirements for the package and configured all the configs, if i try to simulate the functionality using this command: shorewall add eth0:195.110.96.67 knock it gives me this error: shorewall add eth0:195.110.96.67 knock /usr/share/shorewall/firewall: /usr/share/shorewall/firewall: 1: validate_hosts_file: not found /usr/share/shorewall/firewall: /usr/share/shorewall/firewall: 1: chain_exists: not found ERROR: Unknown interface eth0 i have a knock zone in the zones files, and an entry in the hosts file like this (knock eth0:0.0.0.0/0) Any suggestions? ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
On Thu, 2006-08-24 at 10:40 +0200, Giacomo Lancella wrote:> > i have a knock zone in the zones files, and an entry in the hosts file > like this (knock eth0:0.0.0.0/0) > > > Any suggestions?Which version of Shorewall? -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
The shorewall version i use is 3.3.2 supplied by leaf bering uClibc 3.x ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
On Thu, 2006-08-24 at 18:01 +0200, Giacomo Lancella wrote:> The shorewall version i use is 3.3.2 supplied by leaf bering uClibc > 3.xThere is no Shorewall version 3.3.2 What is the output of "shorewall version"? Also, please provide a trace: shorewall trace add eth0:195.110.96.67 knock 2> trace Forward the ''trace'' file (preferably compressed). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
On Thu, 2006-08-24 at 10:42 +0200, Giacomo Lancella wrote:> > > i have a knock zone in the zones files, and an entry in the hosts file > like this (knock eth0:0.0.0.0/0) > > > Any suggestions?I have two (and you can disregard my last post about a trace, assuming that you are actually running Shorewall version 3.2.2): a) There is a corrected /usr/share/shorewall/firewall script available at http://www1.shorewall.net/pub/shorewall/3.2/shorewall-3.2.2/errata/Shorewall/firewall b) If you have defined knock in /etc/shorewall/hosts the way that you describe then there is no point in adding ANY address through eth0 to knock since knock already contains all hosts routed through that interface. You usually make your dynamic zones empty initially (simply declare them in /etc/shorewall/zones) but don''t mention them in /etc/shorewall/interfaces or /etc/shorewall/hosts). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Hi Tom, sorry i mistyped it, the version is 3.2.2. I''ve attached the output of the trace. ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
On Thu, 2006-08-24 at 22:59 +0200, Giacomo Lancella wrote:> Hi Tom, > > sorry i mistyped it, the version is 3.2.2. I''ve attached the output of > the trace.Hi Giacomo, See my last post on this thread -- I posted a solution for the ''not found'' problems and offered you some configuration advice. Cheers, -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642