Displaying 20 results from an estimated 22 matches for "subsyslock".
2013 Sep 20
2
touch complain when shorewall start
hello, while starting shorewall4.5.20 on debian7 I get the following
from touch
touch: cannot touch `/var/lock/subsys/shorewall'': No such file or
directory
The needed file can not be created because the directory subsys is
not present!
If I creat the folder manuallly touch does not complain when
shorewall start! Thus it would be nice if durring start shorewall
could check if the
2006 Oct 23
3
command not found error
I am running version 3.0.7 of Shorewall on a Debian Sarge system, but when I
start Shorewall I get this:
/usr/share/shorewall/firewall: line 204: 4: command not found
I looked there and found this:
# Run ip and if an error occurs, stop the firewall and quit
#
run_ip() {
if ! ip $@ ; then
if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"ip
2003 Aug 12
1
Shorewall Keeps sending false IP Address Conflict
...39;'
+ trap ''my_mutex_off; exit 2'' 1 2 3 4 5 6 9
+ command=start
+ ''['' 1 -ne 1 '']''
+ do_initialize
+ export LC_ALL=C
+ LC_ALL=C
+ PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
+ terminator=startup_error
+ version=
+ FW=
+ SUBSYSLOCK=
+ STATEDIR=
+ ALLOWRELATED=Yes
+ LOGRATE=
+ LOGBURST=
+ LOGPARMS=
+ ADD_IP_ALIASES=
+ ADD_SNAT_ALIASES=
+ TC_ENABLED=
+ LOGUNCLEAN=
+ BLACKLIST_DISPOSITION=
+ BLACKLIST_LOGLEVEL=
+ CLAMPMSS=
+ ROUTE_FILTER=
+ NAT_BEFORE_RULES=
+ DETECT_DNAT_IPADDRS=
+ MUTEX_TIMEOUT=
+ NEWNOTSYN=
+ LOGNEWNOTSYN=
+...
2003 Jan 09
0
new debian release for shorewall-1.3.12
Hello,
I build a new debian release 1.3.12stable-3 to fix some bugs.
ChangeLog
---------
1.3.12stable-3
* /var/state/ does no longer exist. The SUBSYSLOCK variable of
shorewall.conf is set to /var/lib/shorewall/state according to FSH
(closes: #174776).
* /usr/lib/shorewall contained only architecture independent files, those
files are moved to /usr/share/shorewall according to FSH (closes: #173266)
1.3.12stable-2
* included in shorewall-doc s...
2002 Mar 12
0
Shorewall 1.2.9
This version of Shorewall includes the ability to filter by MAC address.=20
The following problems have been corrected:
1. Change LOCKFILE to SUBSYSLOCK in /etc/shorewall/shorewall.conf.
2. The firewall will no longer start if no interfaces are defined.
3. Replaced ''let'' builtin with ''expr'' so that Shorewall will work with
ash.
-Tom
--=20
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://...
2003 Mar 21
1
Shorewall config format
Hi,
I''m a long time shorewall user and I like it very much. There is only
one thing were I''m not always happy with: the config files.
There has been discussion on the list about the comments in the files.
My concern is that I loose overview over my configuration because of the
many config files. Of course there are advantages too but I thinking
wether another config format would
2002 May 14
4
Redirect loc::80 to fw::3128 not work
...CCEPT loc $FW::3128 tcp www
ACCEPT loc $FW tcp ssh
ACCEPT net $FW tcp ssh,auth
ACCEPT $FW net udp ntp
#[/etc/shorewall/shorewall.conf]--------------------------------------------
---
FW=fw
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
ALLOWRELATED="yes"
MODULESDIR=""
LOGRATE="1/minute"
LOGBURST="5"
LOGUNCLEAN=info
LOGFILE="/var/log/messages"
NAT_ENABLED="Yes"
MANGLE_ENABLED="Yes"
IP_FORWARDING="On&quo...
2005 Mar 10
7
norfc1918 not working in SW 2.2.1?
...LOGFORMAT="Shorewall:%s:%s:"
LOGRATE=
LOGBURST=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall/action:/etc/shorewall/custom:/etc/shorewall:/usr/share/shorewall
FW=fw
IP_FORWARDING=Off
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=No
TC_ENABLED=Yes
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
CLAMPMSS=No
ROUTE_FILTER...
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
...CCEPT loc $FW::3128 tcp www
ACCEPT loc $FW tcp ssh
ACCEPT net $FW tcp ssh,auth
ACCEPT $FW net udp ntp
#[/etc/shorewall/shorewall.conf]--------------------------------------------
---
FW=fw
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
ALLOWRELATED="yes"
MODULESDIR=""
LOGRATE="1/minute"
LOGBURST="5"
LOGUNCLEAN=info
LOGFILE="/var/log/messages"
NAT_ENABLED="Yes"
MANGLE_ENABLED="Yes"
IP_FORWARDING="On&quo...
2006 Aug 29
3
masq problem
...quot;Shorewall:%s:%s:"
LOGTAGONLY=No
LOGRATE=
LOGBURST=
LOGALLNEW=
BLACKLIST_LOGLEVEL=
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
LOG_MARTIANS=No
IPTABLES=
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
IPSECFILE=zones
FW=
IP_FORWARDING=Keep
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=No
RETAIN_ALIASES=No
TC_ENABLED=Internal
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
CLAMPMSS=No
ROUTE_FILTER=Yes
DETECT_DNAT_IPADDRS=No
MUTEX_T...
2007 Nov 10
2
Access Point with Ethernet.
...No
LOGRATE=
LOGBURST=
LOGALLNEW=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
LOG_MARTIANS=No
IPTABLES=
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
FW=fw
IP_FORWARDING=On
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=No
RETAIN_ALIASES=No
TC_ENABLED=No
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
CLAMPMSS=No
ROUTE_FILTER=Yes
DETECT_DNAT_IPADDRS=No
M...
2005 Apr 19
14
allow ssh access from net to fw?
...ILE=/var/log/firewall
LOGFORMAT="Shorewall:%s:%s:"
LOGRATE=
LOGBURST=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
FW=fw
IP_FORWARDING=On
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=No
TC_ENABLED=No
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
CLAMPMSS=yes
ROUTE_FILTER=Yes
DETECT_DNAT_IPADDRS=No
MUTE...
2009 Jun 27
1
Transparent Proxy Problem with Squid3 and Shorewall
...quot;Shorewall:%s:%s:"
LOGTAGONLY=No
LOGRATE=
LOGBURST=
LOGALLNEW=
BLACKLIST_LOGLEVEL=
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
LOG_MARTIANS=No
IPTABLES=
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
IPSECFILE=zones
LOCKFILE=
DROP_DEFAULT="Drop"
REJECT_DEFAULT="Reject"
ACCEPT_DEFAULT="none"
QUEUE_DEFAULT="none"
NFQUEUE_DEFAULT="none"
RSH_COMMAND=''ssh $...
2013 Jun 13
3
"Multiple Internet Connections" with four interfaces
Hi,
I was reading document http://shorewall.net/MultiISP.html#idp3634200.
Inspired by the document I was trying to establish the following changes:
* one additional interface: COMA_IF
* COM[A,B,C]_IF interfaces request IP address via DHCP
* all non-RFC 1918 destined trafic is NATed from INT_IF to COMA_IF
* all non-RFC 1918 destined trafic from GW is routed via COMB_IF by default
* non-RFC 1918
2004 Oct 29
8
No entries in the syslog, even though the LOG chains show counts
...:%s:"
LOGLIMIT=""
LOGBURST=""
BLACKLIST_LOGLEVEL=info
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
FW=fw
IP_FORWARDING=Keep
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=No
TC_ENABLED=No
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
CLAMPMSS=No
ROUTE_FILTER=Yes
DETECT_DNAT_IPADDRS=No
MUTEX_TIMEOUT=60...
2013 Sep 10
6
lsm configuration issues...
...S_LOG_LEVEL=info
CONFIG_PATH="${CONFDIR}/shorewall:${SHAREDIR}/shorewall"
GEOIPDIR=/usr/share/xt_geoip/LE
IPTABLES=
IP=
IPSET=
LOCKFILE=
MODULESDIR=
PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin"
PERL=/usr/bin/perl
RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=/var/lock/subsys/shorewall
TC=
ACCEPT_DEFAULT=none
DROP_DEFAULT=Drop
NFQUEUE_DEFAULT=none
QUEUE_DEFAULT=none
REJECT_DEFAULT=Reject
RCP_COMMAND=''scp ${files} ${root}@${system}:${destination}''
RSH_COMMAND=''ssh ${root}@${system} ${command}''
ACCOUNTING=Yes
ACCOUNTING...
2005 Jan 08
8
Shorewall problem, perhaps with PPPoE
I have what strikes me as an odd problem with shorewall.
Let me describe my setup.
My desktop (alfred) is connected to the network
through an ADSL modem.
I am running rp-pppoe, and this works perfectly.
I have a small home network, with two LANs;
an Ethernet LAN (including a machine running Windows XP),
and a WiFi LAN, including the laptop (william) I am using now.
All the computers except for
2004 Dec 04
7
vpn-zone wide open
...LOGFORMAT="Shorewall:%s:%s:"
LOGRATE=
LOGBURST=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
FW=fw
IP_FORWARDING=On
ADD_IP_ALIASES=Yes
ADD_SNAT_ALIASES=no
TC_ENABLED=Yes
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=Yes
CLAMPMSS=No
ROUTE_FILTER=No
DETECT_DNAT_IPADDRS=No
MUTE...
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall.
WARNING: This release introduces incompatibilities with prior releases.
See http://www.shorewall.net/upgrade_issues.htm.
Changes are:
a) There is now a new NONE policy specifiable in
/etc/shorewall/policy. This policy will cause Shorewall to assume that
there will never be any traffic between the source and destination
zones.
b) Shorewall no longer
2005 Apr 10
28
dumb, dumb question
I''m very new to shorewall. My setup is IP Gateway (CentOS 4 + Shorewall)
with 3 NIC cards.
Shorewall works great on the firewall machine. Bind also works (local
net machines get IPs fine). Under firestarter, all works great.
With shorewall, the loc machines can not route past the firewall. They
can connect to the firewall, but not past it.
Exactly what information should I post to get