Displaying 20 results from an estimated 32 matches for "shorewall_shel".
Did you mean:
shorewall_shell
2008 Dec 31
5
Problem with "routeback, blacklist, tcpflags" in Shorewall 4.2.4-2
...#39;'iptables-restore --help'' for more information.
ERROR: iptables-restore Failed. Input is in
/var/lib/shorewall/.iptables-restore-input
Processing /etc/shorewall/stop ...
IPv4 Forwarding Enabled
Processing /etc/shorewall/stopped ...
/sbin/shorewall: line 742: 32734 Terminated
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
--
removing routeback,blacklist,tcpflags works fine.
Thanks!
Happy new year to all
------------------------------------------------------------------------------
2003 Oct 23
3
Shorewall backup configuration patch/hack
.../ http://www.datux.nl
-------------- next part --------------
578c578
< SHOREWALL_DIR=
---
> SHOREWALL_DIR=/etc/shorewall
679c679
< start|stop|restart|reset|clear|refresh|check)
---
> start|restart)
680a681
> #first try it the "normal" way:
682c683,709
< exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock $1
---
> $SHOREWALL_SHELL $FIREWALL $debugging $nolock $1
> RESULT=$?
> #exitcode 1 means something lame happend.
> [ $RESULT == 1 ] && exit 1;
> if [ $RESULT == 0 ] ; then
> #it worked, create a backup
> echo -n "* C...
2007 Aug 24
13
Shorewall 3.4.x - Error when (re) starting - segmentation fault
Shorewall 3.4.6 running on SuSE Linux 10.2
Compiling Rule Activation...
Shorewall configuration compiled to /var/lib/shorewall/.restart
Processing /etc/shorewall/params ...
Restarting Shorewall....
/sbin/shorewall: line 665: 6782 Segmentation fault
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
got this with V3.4.4, updated to 3.4.6 this morning, but that didn''t help.
Does anybody have any hint for me ?
I am travelling onsite now to further debug the problem.
Regards from Germany.
--
Mit freundlichen Grüßen,
Philipp Rusch
---------...
2008 Dec 25
2
Problems with exclusion in host definition - shorewall 4.2.3 latest
...help'' for more information.
ERROR: Command "/usr/sbin/iptables -A eth2_fwd -p tcp -s
169.254.0.0/16!169.254.1.0/24 -j tcpflags" Failed
Processing /etc/shorewall/stop ...
IP Forwarding Enabled
Processing /etc/shorewall/stopped ...
/sbin/shorewall: line 742: 9333 Terminated
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
--------------------------------------------------------
This is the corresponding entry in my hosts file:
INT eth2:1.1.1.100/32 routeback,blacklist,tcpflags
INT eth2:169.254.0.0/16!169.254.1.0/24 routeback,blacklist,tcpflags
INT eth2...
2007 Nov 15
3
ip6tables can't initialize ip6tables table filter
...t no problems, but when I try
to start shorewall I get this error a lot of time:
iptables: Invalid argument
ip6tables v1.3.6: can''t initialize ip6tables table `filter'': Bad file descriptor
and the Shorewall starting process ends with
/sbin/shorewall: line 656: 25228 Terminated
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
What''s the problem?
I googled for this problem and it seems to be a kernel bug, but I am
in a domU...
Thank you very much!
Bye.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
D...
2003 Jul 22
0
Shorewall-1.4.6a
...amp;& STATEDIR=/var/state/shorewall
@@ -4728,10 +4732,6 @@
strip_file interfaces
strip_file hosts
#
- # Determine the capabilities of the installed iptables/netfilter
- #
- determine_capabilities
- #
# Check out the user''s shell
#
[ -n "$SHOREWALL_SHELL" ] || SHOREWALL_SHELL=/bin/sh
2007 May 22
1
Two questions about REDIRECT and iptables chain errors
...1.3.6.0debian1-5
on a debian sarge machine.
>From yesterday shorewall can''t start anymore and in the
shorewall-init.log I''ve this:
ERROR: Rule "REDIRECT lan 8081 tcp 80 " requires NAT which is
disabled
/sbin/shorewall: line 527: 17071 Terminated
$SHOREWALL_SHELL ${SHAREDIR}/compiler $debugging $nolock compile
${VARDIR}/.start
The rule REDIRECT is for dansguardian.
I''ve tried to comment that line and the new error occours:
iptables: No chain/target/match by that name
ERROR: Command "/sbin/iptables -A FORWARD -m state --state
ESTABLISHE...
2003 Jun 29
3
Snapshot 20030629
...on is available, the rule in the filter table
is extended to check that the original destination address was the
same as specified (or defaulted to) in the DNAT rule.
7) The shell used to interpret the firewall script
(/usr/share/shorewall/firewall) may now be specified using the
SHOREWALL_SHELL parameter in shorewall.conf.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net
2012 Mar 19
0
Shorewall 4.5.1.1
Shorewall 4.5.1.1 is now available for download.
Problems Corrected:
1) When checking or compiling for export (-e option), /sbin/shorewall
would previously issue a warning message if the SHOREWALL_SHELL
specified in the remote firewall''s shorewall.conf did not exist.
2) The changes to TOS handling in 4.5.1 are incompatible with older
releases such as RHEL5 and derivatives. That has been corrected.
3) The rules compiler now verifies that the protocol is TCP, UDP, SCTP
or D...
2013 Sep 01
2
ICMP rate limit terminates shorewall
...- - 10/sec:20
shorewall starts fine on 2 of the systems but on the 3rd it fails to
start with the following error:
iptables-restore: line 119 failed
ERROR: iptables-restore Failed. Input is in
/var/lib/shorewall/.iptables-restore-input
/usr/share/shorewall/lib.common: line 113: 5485 Terminated
$SHOREWALL_SHELL $script $options $@
shorewall starts fine if I remove the rate limit. Can anyone tell me
what is wrong? I''ve tried 4.5.19 as well.
- Grant
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, m...
2007 May 04
0
Pls help on Shorewall installation
..."tc qdisc add dev eth0
root handle 1: htb default 13" Failed
May ?4 22:30:14 gateway shorewall: ? ?WARNING: DISABLE_IPV6=Yes in
shorewall.conf but this system does not appear to have ip6tables
May ?4 22:30:14 gateway shorewall: /sbin/shorewall: line 484: 11922 Terminated ? ? ? ? ? ? ?
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
May ?4 22:30:15 gateway shorewall: Processing /etc/shorewall/stop ...
May ?4 22:30:15 gateway shorewall: IP Forwarding Enabled
May ?4 22:30:15 gateway shorewall: Processing /etc/shorewall/stopped ...
May ?4 22:30:15 gateway shorewall: shorewall startup failed...
2005 May 24
4
Programming Languages?
Greetings,
What programming languages besides shell scripting are used in shorewall?
What knowledge is needed to help in shorewall development? I figure iptables is a goood
bet but is there anything else as well?
Thank you for your time.
Regards,
Jason
2005 Jun 08
3
DNAT Issue
I have a lan with shorewall running as firewall and two local machines,
where 10.1.1.2 and 10.1.1.15 are two internal mail servers and where
124.124.124.124 and 123.123.123.123 are the external IPs for the mail
servers.
The two mail servers need to communicate with each other via smtp
(for sending mail from domains hosted on one to the other) but its
giving issues.
Specificaly when one server
2003 Jul 04
3
Shorewall 1.4.6 Beta 1
...on is available, the rule in the filter
table
is extended to check that the original destination address was the
same as specified (or defaulted to) in the DNAT rule.
7) The shell used to interpret the firewall script
(/usr/share/shorewall/firewall) may now be specified using the
SHOREWALL_SHELL parameter in shorewall.conf.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net
2005 Mar 10
7
norfc1918 not working in SW 2.2.1?
...OGFILE=/var/log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGRATE=
LOGBURST=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall/action:/etc/shorewall/custom:/etc/shorewall:/usr/share/shorewall
FW=fw
IP_FORWARDING=Off
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=No
TC_ENABLED=Yes
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
CLAM...
2003 Jul 01
6
Shell Requirements for Shorewall 1.4.6
The 1.4.6 version of Shorewall makes additional demands on the shell. I
have found that both the RH9.0 version of ash and the version of ash
that has long been available from the Shorewall download sites are *not*
suitable for use with Shorewall 1.4.6. The LEAF Bering version of ash on
the other hand works fine.
Attached is a small shell program that will allow you to test your shell
for
2003 Jul 21
0
Shorewall 1.4.6
...on is available, the rule in the filter
table
is extended to check that the original destination address was the
same as specified (or defaulted to) in the DNAT rule.
7) The shell used to interpret the firewall script
(/usr/share/shorewall/firewall) may now be specified using the
SHOREWALL_SHELL parameter in shorewall.conf.
8) An ''ipcalc'' command has been added to /sbin/shorewall.
ipcalc [ <address> <netmask> | <address>/<vlsm> ]
Examples:
[root@wookie root]# shorewall ipcalc 192.168.1.0/24
CIDR=192.168.1.0/24...
2003 Dec 03
6
Zone Scalability
I''m happily running two four zone/four nic shorewall firewall
configuratoins. Great software, works as expected everytime! We are
conteplating a larger and more complex firewall configuration that may
include as many as twelve zones with trying to cram as many as 8+
interfaces into a single machine. Are there any draw backs to this
amount of zones and interfaces into a single
2006 Aug 29
3
masq problem
...log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGTAGONLY=No
LOGRATE=
LOGBURST=
LOGALLNEW=
BLACKLIST_LOGLEVEL=
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
LOG_MARTIANS=No
IPTABLES=
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
IPSECFILE=zones
FW=
IP_FORWARDING=Keep
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=No
RETAIN_ALIASES=No
TC_ENABLED=Internal
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
CLAMPMSS=No
ROUTE_FILTER=Yes
DETECT_DNA...
2007 Nov 10
2
Access Point with Ethernet.
...%s:%s:"
LOGTAGONLY=No
LOGRATE=
LOGBURST=
LOGALLNEW=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
LOG_MARTIANS=No
IPTABLES=
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
FW=fw
IP_FORWARDING=On
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=No
RETAIN_ALIASES=No
TC_ENABLED=No
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
CLAMPMSS=No
ROUTE_FILTER=Yes
DETE...