Shorewall users - Aug 2002 - Cannot start shorewall 1.3.6

I tried to setup shorewall 1.3.6 on my debian-box. I adapted the 
Two-interface sample, my box is connected to the internet via ADSL (using 
pptp to the modem at interface eth1, eth0 is the local interface).

In masq I have the following entry:
ppp0	192.168.24.0/24

When I start shorewall I get the following error:
Processing /etc/shorewall/shorewall.conf ...
Processing /etc/shorewall/params ...
Starting Shorewall...
Loading Modules...
Initializing...
Determining Zones...
   Zones: net loc adsl
Validating interfaces file...
Validating hosts file...
Validating Policy file...
Determining Hosts in Zones...
   Net Zone: ppp0:0.0.0.0/0
   Local Zone: eth0:0.0.0.0/0
   Local Zone: eth1:0.0.0.0/0
Deleting user chains...
Creating input Chains...
Configuring Proxy ARP
Setting up NAT...
Adding Common Rules
IP Forwarding Enabled
Processing /etc/shorewall/tunnels...
Processing /etc/shorewall/rules...
   Rule "ACCEPT loc fw tcp 53" added.
   Rule "ACCEPT loc fw udp 53" added.
   Rule "ACCEPT loc fw tcp 80" added.
   Rule "ACCEPT loc fw tcp 21" added.
   Rule "ACCEPT loc fw tcp 25" added.
   Rule "ACCEPT loc fw tcp 110" added.
   Rule "ACCEPT loc fw tcp 143" added.
   Rule "ACCEPT loc fw tcp 22" added.
   Rule "ACCEPT net fw tcp 22" added.
   Rule "DNAT net loc:192.168.24.10 tcp 5631" added.
   Rule "DNAT net loc:192.168.24.10 udp 5632" added.
Adding rules for DHCP
Setting up ICMP Echo handling...
Processing /etc/shorewall/policy...
   Policy ACCEPT for fw to net using chain fw2net
   Policy DROP for net to fw using chain net2all
   Policy DROP for net to loc using chain net2all
   Policy REJECT for loc to fw using chain all2all
   Policy ACCEPT for loc to net using chain loc2net
   Policy ACCEPT for loc to adsl using chain loc2adsl
   Policy ACCEPT for adsl to loc using chain adsl2loc
Masqueraded Subnets and Hosts:
/etc/init.d/shorewall: ._masq_nat_exists=Yes: command not found
   To 0.0.0.0/0 from  through .
   To 0.0.0.0/0 from 192.168.24.0/24 through ppp0
iptables: Chain already exists
Terminated /etc/init.d/shorewall start

I tried shorewall debug start 2>/tmp/trace but looking on trace I cannot 
find what''s wrong.

Thank you for your help!
Regards
Alois

On Thursday 22 August 2002 04:25 am, Alois Schneider
wrote:
> I tried to setup shorewall 1.3.6 on my debian-box. I adapted the
> Two-interface sample, my box is connected to the internet via ADSL (using
> pptp to the modem at interface eth1, eth0 is the local interface).
>
> In masq I have the following entry:
> ppp0=09192.168.24.0/24
>
> When I start shorewall I get the following error:
> Processing /etc/shorewall/shorewall.conf ...
> Processing /etc/shorewall/params ...
> Starting Shorewall...
> Loading Modules...
> Initializing...
> Determining Zones...
>    Zones: net loc adsl
> Validating interfaces file...
> Validating hosts file...
> Validating Policy file...
> Determining Hosts in Zones...
>    Net Zone: ppp0:0.0.0.0/0
>    Local Zone: eth0:0.0.0.0/0
>    Local Zone: eth1:0.0.0.0/0
> Deleting user chains...
> Creating input Chains...
> Configuring Proxy ARP
> Setting up NAT...
> Adding Common Rules
> IP Forwarding Enabled
> Processing /etc/shorewall/tunnels...
> Processing /etc/shorewall/rules...
>    Rule "ACCEPT loc fw tcp 53" added.
>    Rule "ACCEPT loc fw udp 53" added.
>    Rule "ACCEPT loc fw tcp 80" added.
>    Rule "ACCEPT loc fw tcp 21" added.
>    Rule "ACCEPT loc fw tcp 25" added.
>    Rule "ACCEPT loc fw tcp 110" added.
>    Rule "ACCEPT loc fw tcp 143" added.
>    Rule "ACCEPT loc fw tcp 22" added.
>    Rule "ACCEPT net fw tcp 22" added.
>    Rule "DNAT net loc:192.168.24.10 tcp 5631" added.
>    Rule "DNAT net loc:192.168.24.10 udp 5632" added.
> Adding rules for DHCP
> Setting up ICMP Echo handling...
> Processing /etc/shorewall/policy...
>    Policy ACCEPT for fw to net using chain fw2net
>    Policy DROP for net to fw using chain net2all
>    Policy DROP for net to loc using chain net2all
>    Policy REJECT for loc to fw using chain all2all
>    Policy ACCEPT for loc to net using chain loc2net
>    Policy ACCEPT for loc to adsl using chain loc2adsl
>    Policy ACCEPT for adsl to loc using chain adsl2loc
> Masqueraded Subnets and Hosts:
> /etc/init.d/shorewall: ._masq_nat_exists=3DYes: command not found
>    To 0.0.0.0/0 from  through .
>    To 0.0.0.0/0 from 192.168.24.0/24 through ppp0
> iptables: Chain already exists
> Terminated /etc/init.d/shorewall start
>
Please send me the trace....

-Tom
--=20
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net