Shorewall users - Feb 2005 - Fedora Core 3 / 2.6.9-1.667

I just installed Fedora Core 3

uname -r 
2.6.9-1.667

I got the latest shorewall''s rpm:

http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/shorewall-2.2.0-1
.noarch.rpm

Made my changes

Attempted to run shorewall and got:

[root@demo shorewall]# shorewall start
   ERROR: Can''t find iptables executable

I haven''t seen this before.

I tried to go through all the FAQs to see if this was a problem.  Is this a
problem?  Is there a solution?

Thanks.

Steven Frazier wrote:
> I just installed Fedora Core 3
> 
> uname -r 
> 2.6.9-1.667
> 
> I got the latest shorewall''s rpm:
> 
>
http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/shorewall-2.2.0-1
> .noarch.rpm
> 
> Made my changes
> 
> Attempted to run shorewall and got:
> 
> [root@demo shorewall]# shorewall start
>    ERROR: Can''t find iptables executable
> 
> I haven''t seen this before.
> 
> I tried to go through all the FAQs to see if this was a problem.  Is this a
> problem?  Is there a solution?
Possibly you should read the Shorewall 2.2.0 release notes (hint
IPTABLES option in shorewall.conf)

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

For whatever reason, I found out the answer in /etc/shorewall.conf
You have to specify where iptables is and put it in

Iptables=/sbin/iptables
> -----Original Message-----
> From: shorewall-users-bounces@lists.shorewall.net 
> [mailto:shorewall-users-bounces@lists.shorewall.net] On 
> Behalf Of Steven Frazier
> Sent: Saturday, February 12, 2005 9:40 PM
> To: shorewall-users@lists.shorewall.net
> Subject: [Shorewall-users] Fedora Core 3 / 2.6.9-1.667
> 
> 
> I just installed Fedora Core 3
> 
> uname -r 
> 2.6.9-1.667
> 
> I got the latest shorewall''s rpm:
> 
> http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/sho
rewall-2.2.0-1
.noarch.rpm

Made my changes

Attempted to run shorewall and got:

[root@demo shorewall]# shorewall start
   ERROR: Can''t find iptables executable

I haven''t seen this before.

I tried to go through all the FAQs to see if this was a problem.  Is this a
problem?  Is there a solution?

Thanks.


_______________________________________________
Shorewall-users mailing list
Post: Shorewall-users@lists.shorewall.net
Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm

Thanks, Tom, I read further and found it.  I am so used to shorewall working
out of the box for so many years, I was surprised to find it didn''t
this
time.  Thanks.


> -----Original Message-----
> From: shorewall-users-bounces@lists.shorewall.net 
> [mailto:shorewall-users-bounces@lists.shorewall.net] On 
> Behalf Of Tom Eastep
> Sent: Saturday, February 12, 2005 9:50 PM
> To: Mailing List for Shorewall Users
> Subject: Re: [Shorewall-users] Fedora Core 3 / 2.6.9-1.667
> 
> 
> Steven Frazier wrote:
> > I just installed Fedora Core 3
> > 
> > uname -r
> > 2.6.9-1.667
> > 
> > I got the latest shorewall''s rpm:
> > 
> > 
> http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/shorewall-2
> > .2.0-1
> > .noarch.rpm
> > 
> > Made my changes
> > 
> > Attempted to run shorewall and got:
> > 
> > [root@demo shorewall]# shorewall start
> >    ERROR: Can''t find iptables executable
> > 
> > I haven''t seen this before.
> > 
> > I tried to go through all the FAQs to see if this was a 
> problem.  Is 
> > this a problem?  Is there a solution?
> 
> Possibly you should read the Shorewall 2.2.0 release notes 
> (hint IPTABLES option in shorewall.conf)
> 
> -Tom
> -- 
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep@shorewall.net
> PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
> 
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe: 
> https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>

Tom Eastep wrote:
> Steven Frazier wrote:
> 
>>I just installed Fedora Core 3
>>
>>uname -r 
>>2.6.9-1.667
>>
>>I got the latest shorewall''s rpm:
>>
>>http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/shorewall-2.2.0-1
>>.noarch.rpm
>>
>>Made my changes
>>
>>Attempted to run shorewall and got:
>>
>>[root@demo shorewall]# shorewall start
>>   ERROR: Can''t find iptables executable
>>
>>I haven''t seen this before.
>>
>>I tried to go through all the FAQs to see if this was a problem.  Is
this a
>>problem?  Is there a solution?
> 
> 
> Possibly you should read the Shorewall 2.2.0 release notes (hint
> IPTABLES option in shorewall.conf)
Also, you may wish to note that there are now RPMs taylored for
RedHat/Fedora -- please check the download page again.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Steven Frazier wrote:
> Thanks, Tom, I read further and found it.  I am so used to shorewall
working
> out of the box for so many years, I was surprised to find it
didn''t this
> time.  Thanks.
> 
Steve,

Anyone who installs a new major version of ANY package without reading
the release notes deserves whatever consequences that ensue.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Ok, thanks!

> -----Original Message-----
> From: shorewall-users-bounces@lists.shorewall.net 
> [mailto:shorewall-users-bounces@lists.shorewall.net] On 
> Behalf Of Tom Eastep
> Sent: Saturday, February 12, 2005 10:05 PM
> To: Mailing List for Shorewall Users
> Subject: Re: [Shorewall-users] Fedora Core 3 / 2.6.9-1.667
> 
> 
> Tom Eastep wrote:
> > Steven Frazier wrote:
> > 
> >>I just installed Fedora Core 3
> >>
> >>uname -r
> >>2.6.9-1.667
> >>
> >>I got the latest shorewall''s rpm:
> >>
> >>http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/s
horewall-2
>>.2.0-1
>>.noarch.rpm
>>
>>Made my changes
>>
>>Attempted to run shorewall and got:
>>
>>[root@demo shorewall]# shorewall start
>>   ERROR: Can''t find iptables executable
>>
>>I haven''t seen this before.
>>
>>I tried to go through all the FAQs to see if this was a problem.  Is 
>>this a problem?  Is there a solution?
> 
> 
> Possibly you should read the Shorewall 2.2.0 release notes (hint 
> IPTABLES option in shorewall.conf)
Also, you may wish to note that there are now RPMs taylored for
RedHat/Fedora -- please check the download page again.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
_______________________________________________
Shorewall-users mailing list
Post: Shorewall-users@lists.shorewall.net
Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm

Understood.
> -----Original Message-----
> From: shorewall-users-bounces@lists.shorewall.net 
> [mailto:shorewall-users-bounces@lists.shorewall.net] On 
> Behalf Of Tom Eastep
> Sent: Saturday, February 12, 2005 10:12 PM
> To: Mailing List for Shorewall Users
> Subject: Re: [Shorewall-users] Fedora Core 3 / 2.6.9-1.667
> 
> 
> Steven Frazier wrote:
> > Thanks, Tom, I read further and found it.  I am so used to 
> shorewall 
> > working out of the box for so many years, I was surprised 
> to find it 
> > didn''t this time.  Thanks.
> > 
> 
> Steve,
> 
> Anyone who installs a new major version of ANY package 
> without reading the release notes deserves whatever 
> consequences that ensue.
> 
> -Tom
> -- 
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep@shorewall.net
> PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe: 
> https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>

Steven Frazier wrote:
> Understood.
> 
FWIW, I just installed Shorewall 2.2.0 on a Fedora Core 3 system using
my standard RPM and the one-interface sample (interfaces file and rules
file edited) and I didn''t have any problem similar to what you
reported.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

That''s strange.  I re-installed FC 3 after it didn''t work,
thinking I had my
updates screwed up somehow with yum and updates, when it failed the second
time, that''s when I starting looking and then eventually joined the
mailing
list.

I just edited my shorewall.conf

#IPTABLES=/sbin/iptables
IPTABLES
Änd could re-create the error.

Not sure what''s wrong but with the 
IPTABLES=/sbin/iptables

It works fine.


> -----Original Message-----
> From: shorewall-users-bounces@lists.shorewall.net 
> [mailto:shorewall-users-bounces@lists.shorewall.net] On 
> Behalf Of Tom Eastep
> Sent: Saturday, February 12, 2005 11:00 PM
> To: Mailing List for Shorewall Users
> Subject: Re: [Shorewall-users] Fedora Core 3 / 2.6.9-1.667
> 
> 
> Steven Frazier wrote:
> > Understood.
> > 
> 
> FWIW, I just installed Shorewall 2.2.0 on a Fedora Core 3 
> system using my standard RPM and the one-interface sample 
> (interfaces file and rules file edited) and I didn''t have any 
> problem similar to what you reported.
> 
> -Tom
> -- 
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep@shorewall.net
> PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe: 
> https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>

Steven Frazier wrote:
> That''s strange.  I re-installed FC 3 after it didn''t
work, thinking I had my
> updates screwed up somehow with yum and updates, when it failed the second
> time, that''s when I starting looking and then eventually joined
the mailing
> list.
> 
> I just edited my shorewall.conf
> 
> #IPTABLES=/sbin/iptables
> IPTABLES> 
> Änd could re-create the error.
> 
> Not sure what''s wrong but with the 
> IPTABLES=/sbin/iptables
> 
> It works fine.
What do you have PATH set to in shorewall.conf?

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Default:

PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin


> -----Original Message-----
> From: shorewall-users-bounces@lists.shorewall.net 
> [mailto:shorewall-users-bounces@lists.shorewall.net] On 
> Behalf Of Tom Eastep
> Sent: Saturday, February 12, 2005 11:15 PM
> To: Mailing List for Shorewall Users
> Subject: Re: [Shorewall-users] Fedora Core 3 / 2.6.9-1.667
> 
> 
> Steven Frazier wrote:
> > That''s strange.  I re-installed FC 3 after it didn''t
work,
> thinking I 
> > had my updates screwed up somehow with yum and updates, 
> when it failed 
> > the second time, that''s when I starting looking and then
eventually
> > joined the mailing list.
> > 
> > I just edited my shorewall.conf
> > 
> > #IPTABLES=/sbin/iptables
> > IPTABLES> > 
> > Änd could re-create the error.
> > 
> > Not sure what''s wrong but with the
> > IPTABLES=/sbin/iptables
> > 
> > It works fine.
> 
> What do you have PATH set to in shorewall.conf?
> 
> -Tom
> -- 
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep@shorewall.net
> PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe: 
> https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>

Steven Frazier wrote:
> Default:
> 
> PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
> 
Interesting. Both

IPTABLES
and

IPTABLES=/sbin/iptables

work here. Do you have /usr/bin/which?

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Tom Eastep wrote:
> Steven Frazier wrote:
> 
>>Default:
>>
>>PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
>>
> 
> 
> Interesting. Both
> 
> IPTABLES> 
> and
> 
> IPTABLES=/sbin/iptables
> 
> work here. Do you have /usr/bin/which?
> 
Or, put another way what does "rpm -q which" indicate?

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

I have:

iptables is located in /sbin/


> -----Original Message-----
> From: shorewall-users-bounces@lists.shorewall.net 
> [mailto:shorewall-users-bounces@lists.shorewall.net] On 
> Behalf Of Tom Eastep
> Sent: Saturday, February 12, 2005 11:23 PM
> To: Mailing List for Shorewall Users
> Subject: Re: [Shorewall-users] Fedora Core 3 / 2.6.9-1.667
> 
> 
> Steven Frazier wrote:
> > Default:
> > 
> > PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
> > 
> 
> Interesting. Both
> 
> IPTABLES> 
> and
> 
> IPTABLES=/sbin/iptables
> 
> work here. Do you have /usr/bin/which?
> 
> -Tom
> -- 
> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep@shorewall.net
> PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe: 
> https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>

Steven Frazier wrote:
> I have:
> 
> iptables is located in /sbin/
> 
It would be useful to see a shell trace of the failure (see
http://shorewall.net/troubleshoot.htm).

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key