thr3ads.net - Shorewall users - [Shorewall-users] Shorewall, Redhat9.0 and string matching [Jul 2003]

If this information is useful, please help other people find it:
Share via:

Bert Beaudin

2003-Jul-11 11:19 UTC

[Shorewall-users] Shorewall, Redhat9.0 and string matching

Hey all

            I have done this with no problems using slackware before but my
boss wants to use redhat.

 

1. Base install of redhat 9.0

2. String patch applied per info on netfilter website using patch-o-matic

3. Rebuild kernel according to info on Shorewall web site.

4. Rebuild iptables per info on netfilter website.

5. Made changes to bacis 3 nick config guide for my network. Basic rule set.
No string matching yet. 

6. Kernel boots but I get this message.

 

Processing /etc/shorewall/params ...

Processing /etc/shorewall/shorewall.conf...

Starting Shorewall...

Initializing...

Determining Zones...

   Zones: net loc dmz

Validating interfaces file...

Validating hosts file...

Validating Policy file...

Determining Hosts in Zones...

   Net Zone: eth0:0.0.0.0/0

   Local Zone: eth1:0.0.0.0/0

   DMZ Zone: eth2:0.0.0.0/0

Processing /etc/shorewall/init ...

iptables: No chain/target/match by that name

Processing /etc/shorewall/stop ...

iptables: No chain/target/match by that name

iptables: No chain/target/match by that name

iptables: Can''t delete chain with references left

Processing /etc/shorewall/stopped ...

Terminated

 

7. Ran shorewall debug start 2> /tmp/trace

 

See this at the end of my trace file

+ run_iptables -t mangle -F

+ iptables -t mangle -F

+ run_iptables -t mangle -X

+ iptables -t mangle -X

iptables: No chain/target/match by that name

+ ''['' -z '''' '']''

+ stop_firewall

+ set +x

iptables: No chain/target/match by that name

iptables: No chain/target/match by that name

iptables: Can''t delete chain with references left

 

cat /usr/src/linux/.config|grep MANGLE

CONFIG_IP_NF_MANGLE=y

 

Any help would be great. I wish I could just use Slackware.

 

Bert Beaudin

bert@uwc.net <mailto:bert@uwc.net> 

ext 266

Pieter Ennes

2003-Jul-11 15:06 UTC

head link

[Shorewall-users] Shorewall, Redhat9.0 and string matching

On Fri, 11 Jul 2003, Bert Beaudin wrote:
> + iptables -t mangle -X
>
> iptables: No chain/target/match by that name
My guess is that you do not have mangle support in your kernel. Try
loading the mangle module(s) or compiling the kernel. Otherwise set
MANGLE_ENABLED=No in shorewall.conf.

-- 
 - Pieter

Shorewall users - Jul 2003 - Shorewall, Redhat9.0 and string matching

[Shorewall-users] Shorewall, Redhat9.0 and string matching

[Shorewall-users] Shorewall, Redhat9.0 and string matching