Hello, I''m working on setting up shorewall and it won''t start.
See below:
# /etc/init.d/shorewall start
Starting "Shorewall firewall": /etc/init.d/shorewall: line 14: 498
Terminated $SRWL start >>$INITLOG 2>&1
/etc/init.d/shorewall: not done (check /var/log/shorewall-init.log).: No
such file or directory
partial cat of /etc/init.d/shorewall
#!/bin/sh
SRWL=/sbin/shorewall
WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup
# Note, set INITLOG to /dev/null if you do not want to
# keep logs of the firewall (not recommended)
INITLOG=/var/log/shorewall-init.log
test -x $SRWL || exit 0
test -x $WAIT_FOR_IFUP || exit 0
test -n $INITLOG || {
echo "INITLOG cannot be empty, please configure $0" ;
exit 1;
}
the last line of the snip from /etc/init.d/shorewall is line 14 (the close
brace)
Also /var/log/shorewall-init.log exists and is not empty.
The machine is a Debian 3.0 stable machine. I have pulled shorewall from
testing, so I''m using shorewall v2.0.2b
Any suggestions?
--
Edward Chase
Providence College
Information Technology
Protect your PC
http://www.microsoft.com/security/protect/
Edward Chase wrote:> Hello, I''m working on setting up shorewall and it won''t start. See below: > > # /etc/init.d/shorewall start > Starting "Shorewall firewall": /etc/init.d/shorewall: line 14: 498 > Terminated $SRWL start >>$INITLOG 2>&1 > /etc/init.d/shorewall: not done (check /var/log/shorewall-init.log).: No > such file or directory > > partial cat of /etc/init.d/shorewall > #!/bin/sh > > SRWL=/sbin/shorewall > WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup > # Note, set INITLOG to /dev/null if you do not want to > # keep logs of the firewall (not recommended) > INITLOG=/var/log/shorewall-init.log > > test -x $SRWL || exit 0 > test -x $WAIT_FOR_IFUP || exit 0 > test -n $INITLOG || { > echo "INITLOG cannot be empty, please configure $0" ; > exit 1; > } > the last line of the snip from /etc/init.d/shorewall is line 14 (the close > brace) > > Also /var/log/shorewall-init.log exists and is not empty. > > The machine is a Debian 3.0 stable machine. I have pulled shorewall from > testing, so I''m using shorewall v2.0.2b > > Any suggestions? >Yes -- Look at the error message(s) in /var/log/shorewall-init.log! -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
> Edward Chase wrote: > > Hello, I''m working on setting up shorewall and it won''t start. See > > below: > > > > # /etc/init.d/shorewall start > > Starting "Shorewall firewall": /etc/init.d/shorewall: line 14: 498 > > Terminated $SRWL start >>$INITLOG 2>&1 > > /etc/init.d/shorewall: not done (check > /var/log/shorewall-init.log).: > > No such file or directory > > > > partial cat of /etc/init.d/shorewall > > #!/bin/sh > > > > SRWL=/sbin/shorewall WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup > > # Note, set INITLOG to /dev/null if you do not want to > > # keep logs of the firewall (not recommended) > > INITLOG=/var/log/shorewall-init.log > > > > test -x $SRWL || exit 0 > > test -x $WAIT_FOR_IFUP || exit 0 > > test -n $INITLOG || { > > echo "INITLOG cannot be empty, please configure $0" ; > > exit 1; > > } > > the last line of the snip from /etc/init.d/shorewall is > line 14 (the > > close > > brace) > > > > Also /var/log/shorewall-init.log exists and is not empty. > > > > The machine is a Debian 3.0 stable machine. I have pulled > shorewall > > from testing, so I''m using shorewall v2.0.2b > > > > Any suggestions? > > > > Yes -- Look at the error message(s) in /var/log/shorewall-init.log! > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.netDoh! No zones. I looked at that 3 times but didn''t see... Thanks. Now on to more refinement. Perhaps more questions later.
Edward Chase wrote:> > > > Doh! No zones. I looked at that 3 times but didn''t see... > > Thanks. > > Now on to more refinement. Perhaps more questions later.Sounds to me like you had better visit http://shorewall.net/shorewall_quickstart_guide.htm -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
> Edward Chase wrote: > > > > Doh! No zones. I looked at that 3 times but didn''t see... > > > > Thanks. > > > > Now on to more refinement. Perhaps more questions later. > > Sounds to me like you had better visit > http://shorewall.net/shorewall_quickstart_guide.htm > > -TomBeen working with that. It''s what''s got me this far. I see where I missed the zones file. I went from "Machine with one public IP address" to "Two interface system" to "Network interfaces". This link puts you below where the zones file is talked about.