Gupi, Stefaniu Criste
2003-Mar-10 00:25 UTC
[Shorewall-users] 1.3.14 masq setup for two interfaces
Hello to you all. Here''s my issue: (1) installed RH8.0 on a dual-network board machine - external eth0 with static IP address (for testing issues is 10.23.21.250) - internal eth1 with (192.168.1.254) 2) installed Shorewall 1.3.14, OK 3) copied and modified the two-interface example files, OK The /etc/shorewall/masq file has the following information: ************* eth0 eth1 10.23.21.250 ************* The /etc/shorewall/interfaces file has the following information: ************* eth0 detect eth1 detect ************* the bad result is the following: ################################# ... Masquerading Subnets and Hosts To 0.0.0.0/0 from 192.168.1.0/24 through 10.23.21.250 iptables v1.2.6a: host/network ''default'' not found Try ''iptables -h'' or ''iptables --help'' for more information Processing /etc/shorewall/stop ... Processing /etc/shorewall/stopped ... Terminated ... ################################# I syuppose is a very minor missing or error in my setup files, but I cannot guess what. Please advice if you quickly see the solution, or ask me for more details (I am going to write down all other needed data now). Thanks, Stefaniu Criste
--On Monday, March 10, 2003 10:23:40 AM +0200 "Gupi, Stefaniu Criste" <scriste@ursus.ro> wrote:> > the bad result is the following: >################################# > ... > Masquerading Subnets and Hosts > To 0.0.0.0/0 from 192.168.1.0/24 through 10.23.21.250 > iptables v1.2.6a: host/network ''default'' not found > Try ''iptables -h'' or ''iptables --help'' for more information > Processing /etc/shorewall/stop ... > Processing /etc/shorewall/stopped ... > Terminated > ... >################################# >Please follow the instructions at http://www.shorewall.net/troubleshoot.htm under the heading "If the firewall fails to start". -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
Tom Eastep wrote:> > > --On Monday, March 10, 2003 10:23:40 AM +0200 "Gupi, Stefaniu Criste" > <scriste@ursus.ro> wrote: > >> >> the bad result is the following: >> ################################# >> ... >> Masquerading Subnets and Hosts >> To 0.0.0.0/0 from 192.168.1.0/24 through 10.23.21.250 >> iptables v1.2.6a: host/network ''default'' not found >> Try ''iptables -h'' or ''iptables --help'' for more information >> Processing /etc/shorewall/stop ... >> Processing /etc/shorewall/stopped ... >> Terminated >> ... >> ################################# >> > > Please follow the instructions at > http://www.shorewall.net/troubleshoot.htm under the heading "If the > firewall fails to start".Although, if I was forced to guess, I would suspect that the default route is configured through your ''local'' interface (eth1) which is silly if eth0 is the external interface. I''ll change the code to not give this error but then when you make this mistake, you will encounter more subtile problems. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
--On Monday, March 10, 2003 04:27:08 PM +0200 "Gupi, Stefaniu Criste" <scriste@ursus.ro> wrote:> Thanks Tom! > > Being in a biiiig hurry, the solution (for the moment) > was to install 1.3.12, which works perfect! > > Anyway, I will replicate the incident on an identical machine these days > and come back with details. >I think that you''ll find that the default route thing would have fixed it anyway. I''ve also changed the code which you can find through http://www.shorewall.net/errata.htm -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net