thr3ads.net - Shorewall users - [Shorewall-users] `find_interface

If this information is useful, please help other people find it:
Share via:

Costantino Balletta

2002-Oct-11 19:50 UTC

[Shorewall-users] `find_interface_address'' issue

I''m running Shorewall 1.3.8-1 with ''loc'',
''dmz'' and ''net'' zones.

The dmz hosts an http server.

When I try to access it from a computer in ''loc'' using its dmz
subnet
address it works, whereas when I attempt to access it using the ISP 
assigned (dynamic) IP address the browser reports the the page is not 
accessible.

Amongst the list of actions to implement in order to fix the issue 
it is said to add in ''params'' the line

	ETH0_IP=`find_interface_address eth0`

When I start the firewall an error message is issued.
See the console log excerpt below.

I would appreciate it if a kind soul would provide help to fix this 
problem.

Thanks,

   Costantino

---------------------------------------

[root@tappeto shorewall]# rpm -qa |grep shorewall
shorewall-1.3.8-1
[root@tappeto shorewall]# shorewall start
       [...some cut..]
   Rule "ACCEPT fw dmz udp 20" added.
   Rule "ACCEPT fw dmz tcp 21" added.
   Rule "ACCEPT fw dmz udp 21" added.
   Rule "ACCEPT loc fw tcp 23" added.
   Rule "ACCEPT loc fw udp 23" added.
   Rule "ACCEPT loc dmz tcp 23" added.
   Rule "ACCEPT loc dmz udp 23" added.
   Rule "ACCEPT loc dmz tcp 80" added.
   Rule "ACCEPT loc dmz udp 80" added.
iptables v1.2.5: host/network `find_interface_address'' not found
Try `iptables -h'' or ''iptables --help'' for more
information.
Terminated
[root@tappeto shorewall]#

Tom Eastep

2002-Oct-11 19:57 UTC

head link

[Shorewall-users] `find_interface_address'' issue

Costantino Balletta wrote:> I''m running Shorewall 1.3.8-1 with ''loc'',
''dmz'' and ''net'' zones.
> 
> The dmz hosts an http server.
> 
> When I try to access it from a computer in ''loc'' using
its dmz subnet
> address it works, whereas when I attempt to access it using the ISP 
> assigned (dynamic) IP address the browser reports the the page is not 
> accessible.
> 
> Amongst the list of actions to implement in order to fix the issue 
> it is said to add in ''params'' the line
> 
> 	ETH0_IP=`find_interface_address eth0`
Have you written the command exactly like that with the back single quotes 
(e.g., "`")? From the symptoms, it looks like you have written the
command

	ETH0_IP=''find_interface_address eth0''

(i.e., with single forward quotes "''").

I assume that you are then using $ETH0_IP in a rule, correct?

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

Shorewall users - Oct 2002 - `find_interface_address'' issue

[Shorewall-users] `find_interface_address'' issue

[Shorewall-users] `find_interface_address'' issue