Srinivasa Hebbar
2008-Jan-18 14:23 UTC
Shorewall stopped with comma seperated SUBNET in masq
Hello,
I am getting the following error in shorewall 3.4.4
Setting up Masquerading/SNAT...
iptables v1.3.3: host/network `192.168.1.1,192.168.1.3'' not found
Try `iptables -h'' or ''iptables --help'' for more
information.
ERROR: Command "/sbin/iptables -t nat -A eth0_masq -s
192.168.1.1,192.168.1.3 -d 0.0.0.0/0 -j MASQUERADE" Failed
#INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC
eth0 192.168.1.1,192.168.1.3
According to the manual SUBNET/SOURCE can be comma seperated
values.
SOURCE (Formerly called SUBNET) â {interface|address[,address]}[exclusion]
Please let me know if I am doing anything wrong.
Thanks,
Hebbar.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Tom Eastep
2008-Jan-18 15:35 UTC
Re: Shorewall stopped with comma seperated SUBNET in masq
Srinivasa Hebbar wrote:> > SOURCE (Formerly called SUBNET) â {interface|address[,address]}[exclusion] > > Please let me know if I am doing anything wrong.You are not doing anything wrong. It''s a bug in Shorewall 3.x and Shorewall-shell 4.x. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Roberto C. Sánchez
2008-Jan-21 05:25 UTC
Re: Shorewall stopped with comma seperated SUBNET in masq
On Fri, Jan 18, 2008 at 07:53:17PM +0530, Srinivasa Hebbar wrote:> Hello, > > I am getting the following error in shorewall 3.4.4 > > Setting up Masquerading/SNAT... > iptables v1.3.3: host/network `192.168.1.1,192.168.1.3'' not found > Try `iptables -h'' or ''iptables --help'' for more information. > ERROR: Command "/sbin/iptables -t nat -A eth0_masq -s > 192.168.1.1,192.168.1.3 -d 0.0.0.0/0 -j MASQUERADE" Failed > > #INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC > eth0 192.168.1.1,192.168.1.3 >The attached patch fixes the problem. It will be incorporated in the next release. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Srinivasa Hebbar
2008-Jan-22 12:52 UTC
Re: Shorewall stopped with comma seperated SUBNET in masq
Dear Roberto, This patch fixed the problem. Thanks alot. Regards, Hebbar.> On Fri, Jan 18, 2008 at 07:53:17PM +0530, Srinivasa Hebbar wrote: > > Hello, > > > > I am getting the following error in shorewall 3.4.4 > > > > Setting up Masquerading/SNAT... > > iptables v1.3.3: host/network `192.168.1.1,192.168.1.3'' not found > > Try `iptables -h'' or ''iptables --help'' for more information. > > ERROR: Command "/sbin/iptables -t nat -A eth0_masq -s > > 192.168.1.1,192.168.1.3 -d 0.0.0.0/0 -j MASQUERADE" Failed > > > > #INTERFACE SUBNET ADDRESS PROTO PORT(S) > > IPSEC eth0 192.168.1.1,192.168.1.3 > > The attached patch fixes the problem. It will be incorporated in the > next release. > > Regards, > > -Roberto------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/