<html><div style=''background-color:''><DIV>Hello everyone -</DIV> <DIV> </DIV> <DIV>I''m getting this error after "Adding Common rules."</DIV> <DIV>I''m running RH 8.0 latest kernel which is linux-2.4.18-18.8.0. I''m running 1.2.7a iptables.</DIV> <DIV>Has anyone seen this error! I have check the shorewall sire but nothing pertaing to this error.</DIV> <DIV> </DIV> <DIV>Dec 19 06:43:23 dem shorewall: Ipsecgw Zone: ipsec0:0.0.0.0/0<BR>Dec 19 06:43:24 dem shorewall: Deleting user chains...<BR>Dec 19 06:43:24 dem shorewall: Creating input Chains...<BR>Dec 19 06:43:24 dem shorewall: Configuring Proxy ARP<BR>Dec 19 06:43:24 dem shorewall: Setting up NAT...<BR>Dec 19 06:43:24 dem shorewall: Adding Common Rules<BR>Dec 19 06:43:24 dem shorewall: iptables: Invalid argument<BR>Dec 19 06:43:25 dem logger: Shorewall Stopped</DIV> <DIV> </DIV> <DIV>Thanks</DIV> <DIV>hallian</DIV></div><br clear=all><hr>MSN 8 helps <a href="http://g.msn.com/8HMTEN/2020">ELIMINATE E-MAIL VIRUSES. </a> Get 2 months FREE*.</html>
Hi Hallian, Am Mit, 2002-12-18 um 07.16 schrieb hallian hallian:> Hello everyone - > > I''m getting this error after "Adding Common rules." > I''m running RH 8.0 latest kernel which is linux-2.4.18-18.8.0. I''m > running 1.2.7a iptables. > Has anyone seen this error! I have check the shorewall sire but > nothing pertaing to this error. > > Dec 19 06:43:23 dem shorewall: Ipsecgw Zone: ipsec0:0.0.0.0/0 > Dec 19 06:43:24 dem shorewall: Deleting user chains... > Dec 19 06:43:24 dem shorewall: Creating input Chains... > Dec 19 06:43:24 dem shorewall: Configuring Proxy ARP > Dec 19 06:43:24 dem shorewall: Setting up NAT... > Dec 19 06:43:24 dem shorewall: Adding Common Rules > Dec 19 06:43:24 dem shorewall: iptables: Invalid argument > Dec 19 06:43:25 dem logger: Shorewall Stoppedseems that there is missing something in your kernel (iptables section) needed by shorewall. HTH Dennis Borngräber
--On Wednesday, December 18, 2002 01:16:35 AM -0500 hallian hallian <hallian@hotmail.com> wrote:> > > Hello everyone - > > I''m getting this error after "Adding Common rules." > I''m running RH 8.0 latest kernel which is linux-2.4.18-18.8.0. I''m > running 1.2.7a iptables. Has anyone seen this error! I have check the > shorewall sire but nothing pertaing to this error.Do did you follow the instructions at http://shorewall.sf.net/troubleshoot.htm under "If the firewall fails to start"? -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net
--On Wednesday, December 18, 2002 07:23:15 AM -0800 Tom Eastep <teastep@shorewall.net> wrote:> > Do did you follow the instructions...Hmmm - I''m typing well this morning. Should have been "So did you follow...". -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net
--On Wednesday, December 18, 2002 01:16:35 AM -0500 hallian hallian <hallian@hotmail.com> wrote:> > I''m running RH 8.0 latest kernel which is linux-2.4.18-18.8.0. I''m > running 1.2.7a iptables.You can pretty much rule out that combination of software as being the cause in as much as I run the same combination myself. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net
--On Sunday, December 29, 2002 2:48 PM -0500 hallian hallian <hallian@hotmail.com> wrote:> Everyone -You are posting using HTML only so you''re not talking to anyone but me. See http://www.shorewall.net/mailing_list.htm.> > Finally, my machine was up and I ran the trace..... this is what I got! > when it failed right after ''Adding Common Rules.'' Not sure with the > error? anyone? > > Thanks, hallian > > > + read external interface internal allints localnat > + echo ''Adding Common Rules'' > + add_common_rules > + run_iptables -A reject -p tcp -j REJECT --reject-with tcp-reset > ++ echo -A reject -p tcp -j REJECT --reject-with tcp-reset > ++ sed ''s/!/! /g'' > + iptables -A reject -p tcp -j REJECT --reject-with tcp-reset > iptables: Invalid argument > + ''['' -z '''' '']'' > + stop_firewall > + stopping=Yes > + deletechain shorewallYour kernel doesn''t have REJECT target support. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net
--On Sunday, December 29, 2002 2:48 PM -0500 hallian hallian <hallian@hotmail.com> wrote:> > > > Everyone - > > Finally, my machine was up and I ran the trace..... this is what I got! > when it failed right after ''Adding Common Rules.'' Not sure with the > error? anyone? > > Thanks, hallian > > > + read external interface internal allints localnat > + echo ''Adding Common Rules'' > + add_common_rules > + run_iptables -A reject -p tcp -j REJECT --reject-with tcp-reset > ++ echo -A reject -p tcp -j REJECT --reject-with tcp-reset > ++ sed ''s/!/! /g'' > + iptables -A reject -p tcp -j REJECT --reject-with tcp-reset > iptables: Invalid argumentAnother possibility here is that your kernel and/or iptables are too old to support the "--reject-with" option on the REJECT target. I don''t recall when those were added... -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net
--On Sunday, December 29, 2002 3:57 PM -0500 hallian hallian <hallian@hotmail.com> wrote:> > > > Surprising I am using the latest 1.2.7a iptables and kernel 2.4.18-18 > which RH is using with v8.0Try this: iptables -N foo iptables -A foo -p tcp -j REJECT --reject-with tcp-reset Does that work? If not, what does "lsmod | grep REJECT" show? If so, what does "rpm -V shorewall" show? -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net
--On Sunday, December 29, 2002 2:48 PM -0500 hallian hallian <hallian@hotmail.com> wrote:> > Finally, my machine was up and I ran the trace..... this is what I got! > when it failed right after ''Adding Common Rules.'' Not sure with the > error? anyone? > > + read external interface internal allints localnat > + echo ''Adding Common Rules'' > + add_common_rules > + run_iptables -A reject -p tcp -j REJECT --reject-with tcp-reset > ++ echo -A reject -p tcp -j REJECT --reject-with tcp-reset > ++ sed ''s/!/! /g'' > + iptables -A reject -p tcp -j REJECT --reject-with tcp-reset > iptables: Invalid argumentTo close out this thread, the problem turned out to be a bogus version of iptables. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net
Seemingly Similar Threads
- install asterisk without FXO PCI or modem? Is it possible! TXT FILE NOW!
- coloring wireframe plot with independent/separate matrix of color values.
- Conexant fax/modem not faxing with sendfax
- [LLVMdev] linux build problem
- lme4 problem: model defining and effect estimation ------ question from new bird to R community from SAS community