Shorewall devel - Aug 2003 - Mandrake Connection Sharing facility problem.

Hello everybody,

To make all clear;  I am newbee in shorewall, but...

I''ve tried to connect two computers by Mandrake Connection Sharing
facility.
(Mandrake 9.1).
Briefly, the problem is that after all that auto-configuration activities the 
network is completely down, just because shorewall. 

The result of calling `shorewall debug start` by hand is available at the end 
of the message. (several lines from the end of the printout).

my network configuration is: 

DEVICE=eth0
BOOTPROTO=dhcp
NETMASK=255.255.255.0
ONBOOT=yes
MII_NOT_SUPPORTED=yes
NEEDHOSTNAME=yes

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.200.13
NETMASK=255.255.255.0
NETWORK=192.168.200.0
BROADCAST=192.168.200.255
ONBOOT=yes

Does anybody have an idea what is wrong?

-- 

Best regards,

Konrad Ku?akowski

------------------------- `shorewall debug start` --------------------------

....
+ chain=eth0_masq
+ iface+ source=192.168.200.0/255.255.255.0
+ ''['' -n '''' -a -n ''''
'']''
+ destination=0.0.0.0/0
+ ''['' -n '''' '']''
+ destnet=-d 0.0.0.0/0
+ ''['' -n 192.168.200.0/255.255.255.0 '']''
+ ''['' -n '''' '']''
+ addnatrule eth0_masq -s 192.168.200.0/255.255.255.0 -d 0.0.0.0/0 -j 
MASQUERADE
+ ensurenatchain eth0_masq
+ havenatchain eth0_masq
+ eval test ''"$eth0_masq_nat_exists"'' = Yes
++ test '''' = Yes
+ createnatchain eth0_masq
+ run_iptables -t nat -N eth0_masq
+ iptables -t nat -N eth0_masq
+ eval eth0_masq_nat_exists=Yes
++ eth0_masq_nat_exists=Yes
+ run_iptables2 -t nat -A eth0_masq -s 192.168.200.0/255.255.255.0 -d 
0.0.0.0/0 -j MASQUERADE
+ ''['' ''x-t nat -A eth0_masq -s
192.168.200.0/255.255.255.0 -d 0.0.0.0/0 -j
MASQUERADE'' = ''x-t nat -A eth0_masq -s
192.168.200.0/255.255.255.0 -d
0.0.0.0/0 -j MASQUERADE'' '']''
+ run_iptables -t nat -A eth0_masq -s 192.168.200.0/255.255.255.0 -d 0.0.0.0/0 
-j MASQUERADE
+ iptables -t nat -A eth0_masq -s 192.168.200.0/255.255.255.0 -d 0.0.0.0/0 -j 
MASQUERADE
iptables: No chain/target/match by that name
+ ''['' -z '''' '']''
+ stop_firewall
+ set +x
Processing /etc/shorewall/stop ...
Processing /etc/shorewall/stopped ...
Terminated

On Mon, 2003-08-25 at 12:44, Konrad Kulakowski wrote:
> Hello everybody,
> 
> To make all clear;  I am newbee in shorewall, but...
> 
> I''ve tried to connect two computers by Mandrake Connection Sharing
facility.
> (Mandrake 9.1).
> Briefly, the problem is that after all that auto-configuration activities
the
> network is completely down, just because shorewall. 
> 
> The result of calling `shorewall debug start` by hand is available at the
end
> of the message. (several lines from the end of the printout).
> 
> my network configuration is: 
> 
> DEVICE=eth0
> BOOTPROTO=dhcp
> NETMASK=255.255.255.0
> ONBOOT=yes
> MII_NOT_SUPPORTED=yes
> NEEDHOSTNAME=yes
> 
> DEVICE=eth1
> BOOTPROTO=static
> IPADDR=192.168.200.13
> NETMASK=255.255.255.0
> NETWORK=192.168.200.0
> BROADCAST=192.168.200.255
> ONBOOT=yes
> 
> Does anybody have an idea what is wrong?
Looks like your kernel doesn''t have masquerade support. Did you build
it
yourself?

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

On Mon, 2003-08-25 at 12:47, Tom Eastep wrote:
> On Mon, 2003-08-25 at 12:44, Konrad Kulakowski wrote:
> > Hello everybody,
> > 
> > To make all clear;  I am newbee in shorewall, but...
> > 
> > I''ve tried to connect two computers by Mandrake Connection
Sharing facility.
> > (Mandrake 9.1).
> > Briefly, the problem is that after all that auto-configuration
activities the
> > network is completely down, just because shorewall. 
And by the way, your network is only completely down because you don''t
know how to work around the problem.

a) shorewall clear #That will remove all Shorewall generated rules
b) chkconfig --level 35 shorewall off #Will keep Shorewall from starting
again

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net