Shorewall users - Dec 2011 - Shorewall 4&6 TC with classify => ERROR: Unknown Class

Hi folks,

I''ve been working on my traffic shaping setup lately and ran into a bit
of a wall when using shorewall6 and TC_ENABLED=Shared with classify mode 
(not packet marks). I''m using shorewall 4.4.25.3-1 from Debian Wheezy.

My setup is as follows:

tcdevices:
eth1.1  -               700kbit         classify

tcclasses:
eth1.1:110              -       4*full/10       full            10      
tcp-ack,tos-minimize-delay
eth1.1:120              -       5*full/10       full            20      
default
eth1.1:130              -       1*full/10       full            30

shorewall/tcrules:
1:110   81.187.55.86    -               udp
1:110   -               81.187.55.86    udp
1:110   -               -               icmp
1:110   81.187.55.94    -               udp     -       27005
1:110   -               81.187.55.94    udp     27005
1:110   -               -               tcp     53
1:110   -               -               udp     53
1:110   -               -               all     -       -       -       
-       :512

1:130   -               -               -       -       -       -       
-       -       Minimize-Cost

shorewall6/tcrules:
1:110   -               -               ipv6-icmp
1:110   -               -               tcp     domain
1:110   -               -               udp     domain
1:110   -               -               tcp     -       domain
1:110   -               -               udp     -       domain
1:110   -               -               all     -       -       -       
-       :512

1:130   -               -               all     -       -       -       
-       -       Minimize-Cost

Shorewall (IPv4) starts up fine. The problem starts when I try to 
check/start shorewall6. When I do this, I get:

ERROR: Unknown Class (1:110)} : /etc/shorewall6/tcrules (line 16)

Am I missing something?

Looking at the code in Perl/Shorewall/Tc.pm, it seems as though the 
%classids hash isn''t populated if TC_ENABLED=Shared. The attached patch
fixes this for me.

Cheers,
Chris

-- 
Chris Boot
bootc@bootc.net



------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure 
contains a definitive record of customers, application performance, 
security threats, fraudulent activity, and more. Splunk takes this 
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d

On Dec 5, 2011, at 11:52 AM, Chris Boot wrote:
> 
> Shorewall (IPv4) starts up fine. The problem starts when I try to
check/start shorewall6. When I do this, I get:
> 
> ERROR: Unknown Class (1:110)} : /etc/shorewall6/tcrules (line 16)
> 
> Am I missing something?
> 
> Looking at the code in Perl/Shorewall/Tc.pm, it seems as though the
%classids hash isn''t populated if TC_ENABLED=Shared. The attached patch
fixes this for me.
> 
Applied.

Thanks, Chris

-Tom

Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________





------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure 
contains a definitive record of customers, application performance, 
security threats, fraudulent activity, and more. Splunk takes this 
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d