search for: stop_firewall

...; 22 -gt 29 '']'' + iptables -A smurfs -s 10.1.1.255 -j LOG --log-level info --log-prefix Shorewall:smurfs:DROP: iptables: No chain/target/match by that name + ''['' 1 -ne 0 '']'' + ''['' -z '''' '']'' + stop_firewall + ''['' -n /var/lib/shorewall/shorewall.xykwKq '']'' + rm -f /var/lib/shorewall/shorewall.xykwKq + set +x # lsmod Module Size Used by ipt_SAME 2560 0 ipt_REJECT 5504 0 ipt_state 2176 2 ipt_multiport...

...vel" ;; esac eval iptables -A $chain $@ $limit -j $LOGTYPE $LOGPARMS \ $loglevel \ --${log}-prefix ''"$(Logprintf "$LOGFORMAT" $chain $rulenum $disposition)"'' if [ $? -ne 0 ] ; then [ -z "$stopping" ] && { stop_firewall; exit 2; } fi if [ -n "$LOGRULENUMBERS" ]; then rulenum=$(($rulenum + 1)) eval ${chain}_logrules=$rulenum fi The $rulenum variable simply expands to nothing if LOGRULENUMBERS is not enabled; no need to remove it explicitly. We eliminate the other duplicate r...

The search capability at http://www.shorewall.net has been improved. - The quick search on the main page no longer includes the mailing list archives. - The extended search page (http://www.shorewall.net/htdig/search.html) allows you to search: a) the entire site (including the archives); b) the site excluding the archivesj; or, c) just the archives. - The mailing list information page

Hi Tom and other gurus, I modified SHOREWALL (version 2.0.15) for bridging and I cannot restart it. I got the following error ... Processing /etc/shorewall/policy... Policy ACCEPT for fw to net using chain fw2net Policy REJECT for fw to loc using chain all2all Policy DROP for net to fw using chain net2all Policy ACCEPT for loc to fw using chain loc2fw Policy ACCEPT for loc to net

...start" The output form "shorewall debug start 2> /home/stewart/trace" reveals an error " + iptables -A OUTPUT -o br0 -m physdev --physdev-out eth0 -j fw2net iptables: No chain/target/match by that name + ''['' -z '''' '']'' + stop_firewall" It looks to me that the Chain "fw2net" isn''t being recognised. Am I making a mistake here in assuming that the default zone "fw" exists as in the case of the 2 interface example? I include the following data for completeness :- 1) shorewall version 2.0.14...

...; + iptables -t mangle -A tcfor -p -j MARK --set-mark ''PORT(S)'' iptables v1.2.9: unknown protocol `-j'' specified Try `iptables -h'' or ''iptables --help'' for more information. + ''['' -z '''' '']'' + stop_firewall What I understand here is that shorewall doesn''t write the "tcp" protocol after the -p option. Am I right ? Is there a quick-fix for that ? Here is some information about my system : shorewall version 2.0.8 ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue...

--------------Boundary-00=_0ISLLHMP6MR2D0LS3C6S Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Attached is an updated firewall script that gets the order of things corr= ect=20 (I hope) in the stop_firewall() function. -Tom --=20 Tom Eastep \ A Firewall for Linux 2.4.* AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net --------------Boundary-00=_0ISLLHMP6MR2D0LS3C6S Content-Type: application/x-shellscript; name="firewall" Content-Transfer-Encoding: base6...

...og-prefix Shorewall:newnotsyn:DROP: iptables v1.2.8: Couldn''t load match `-j'':/lib/iptables/libipt_-j.so: cannot open shared object file: No such file or direct ory Try `iptables -h'' or ''iptables --help'' for more information. + [ 2 -ne 0 ] + [ -z ] + stop_firewall + set +x Any hint how to fix this? -- Tuomo Soini <tis@foobar.fi>

...run_iptables -t nat -A eth0_masq -s 192.168.200.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE + iptables -t nat -A eth0_masq -s 192.168.200.0/255.255.255.0 -d 0.0.0.0/0 -j MASQUERADE iptables: No chain/target/match by that name + ''['' -z '''' '']'' + stop_firewall + set +x Processing /etc/shorewall/stop ... Processing /etc/shorewall/stopped ... Terminated

...l: line 204: 4: command not found I looked there and found this: # Run ip and if an error occurs, stop the firewall and quit # run_ip() { if ! ip $@ ; then if [ -z "$STOPPING" ]; then error_message "ERROR: Command \"ip $@\" Failed" stop_firewall exit 2 fi fi } I assume the error refers to the "ip" command, which is found on my system How can I fix this problem? The error does not seem to be fatal, the firewall does start. ------------------------------------------------------------------------- Using...

...-j DNAT --to-destination 192.168.140.2 ] + run_iptables -t nat -A net_dnat -p tcp -d 212.24.147.254 --dport http -j DNAT --to-destination 192.168.140.2 + iptables -t nat -A net_dnat -p tcp -d 212.24.147.254 --dport http -j DNAT --to -destination 192.168.140.2 iptables: Invalid argument + [ -z ] + stop_firewall + set +x Thank you very much for help Regards Dominik Strnad Senior Management Engineer Core Computer spol. s r.o. Olbrachtova 4, 140 00, Praha 4 tel.: +420 255 770 111 fax.: +420 255 770 120 gsm: +420 724 036 612 email: dstrnad@core.cz url: www.core.cz --- Odchozí zpráva neobsahuje viry. Zk...

....x.226 --sport 1024:65535 --dst-range 139.x.x.153-139.x.x.156 --dport 1024:65535 -j ''ACCEPT" Failed'' ERROR: Command "/usr/sbin/iptables -A WAN2INT -p udp -s 139.x.x.226 --sport 1024:65535 --dst-range 139.x.x.153-139.x.x.156 --dport 1024:65535 -j ACCEPT" Failed + stop_firewall + case $COMMAND in + set +x ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE...

...ADE" Failed'' + echo '' ERROR: Command "iptables -t'' nat -A eth0_masq -s 192.168.4.0/24 -d 0.0.0.0/0 -j ''MASQUERADE" Failed'' ERROR: Command "iptables -t nat -A eth0_masq -s 192.168.4.0/24 -d 0.0.0.0/0 -j MASQUERADE" Failed + stop_firewall + ''['' -n /var/lib/shorewall/shorewall.1l2H6U '']'' + rm -f /var/lib/shorewall/shorewall.1l2H6U + set +x

Hi, I installed the shorewall 1.3.8-2 debian package to my debian testing machine which serves as the gateway to the internet. Since I have two other machine connect to internet thru this gateway machine, I also downloaded the configuration guide for "basic two-interface firewall" and followed the instructions. When I try to start the shorewall I get the following message and can not

This is a minor release of Shorewall. WARNING: This release introduces incompatibilities with prior releases. See http://www.shorewall.net/upgrade_issues.htm. Changes are: a) There is now a new NONE policy specifiable in /etc/shorewall/policy. This policy will cause Shorewall to assume that there will never be any traffic between the source and destination zones. b) Shorewall no longer

...'' Error: Entries in /etc/shorewall/routes requires that your kernel and iptables have ROUTE target support'' Error: Entries in /etc/shorewall/routes requires that your kernel and iptables have ROUTE target support + ''['' restart = check '']'' + stop_firewall + ''['' -n /var/lib/shorewall/shorewall.oY8975 '']'' + rm -f /var/lib/shorewall/shorewall.oY8975 + case $COMMAND in + set +x Restoring Shorewall... Loading kernel modules... Restoring Proxy ARP... Restoring one-to-one NAT... Restoring ARP filtering... Restoring Accep...