I've just learned that there is a bug in 2.4.6:

Entries for openvpn tunnels (including openvpnclient and openvpnserver) that specify a port but no protocol cause startup errors similar to the following:

    iptables v1.3.3: unknown protocol `1194' specified
    Try `iptables -h' or 'iptables --help' for more information.
    ERROR: Command "/usr/sbin/iptables -A net2fw -p 1194 -s 0.0.0.0/0 --sport 1194 -j ACCEPT" Failed

The problem may be worked around by specifying the protocol as well (e.g., "openvpn:udp:3455").

There is also a corrected 'firewall' file available in http://www1.shorewall.net/pub/shorewall/2.4/shorewall-2.4.6/errata/

Replace /usr/share/shorewall/firewall with that file.

-Tom
--
Tom Eastep        \ Nothing is foolproof to a sufficiently talented fool
Shoreline,        \ http://shorewall.net
Washington USA    \ teastep@shorewall.net
PGP Public Key    \ https://lists.shorewall.net/teastep.pgp.key
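
An added example, not part of the original post or of Shorewall itself: a small check that lists tunnel entries matching the pattern described above (an openvpn type with a port but no protocol) so they can be rewritten in the "type:protocol:port" form before restarting. It assumes the tunnel type is the first whitespace-separated column of the tunnels file; the function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Flag openvpn tunnel entries that give a port but no protocol.
# Assumption: TYPE is column 1, written as openvpn[client|server][:proto]:port.

find_portonly_openvpn() {
    # $1 = path to a tunnels file
    # Prints "LINE: TYPE -> TYPE:<proto>:PORT" for each affected entry.
    awk '
        NF == 0 || $1 ~ /^#/ { next }            # skip blank and comment lines
        {
            n = split($1, f, ":")
            if (f[1] !~ /^openvpn(client|server)?$/) next
            # exactly two fields, second all digits: port without protocol
            if (n == 2 && f[2] ~ /^[0-9]+$/)
                print NR ": " $1 " -> " f[1] ":<proto>:" f[2]
        }
    ' "$1"
}

# Constructed sample input (not taken from a real configuration).
sample_tunnels() {
    cat <<'EOF'
#TYPE                   ZONE  GATEWAY
openvpn:1194            net   0.0.0.0/0
openvpnserver:udp:3455  net   192.0.2.10
openvpnclient:7777      net   192.0.2.20
openvpn                 net   192.0.2.30
ipsec                   net   192.0.2.40
openvpn:tcp:1194        net   192.0.2.50
EOF
}

check_sample() {
    tmp=$(mktemp) || return 1
    sample_tunnels > "$tmp"
    find_portonly_openvpn "$tmp"
    rm -f "$tmp"
}

# With a file argument, check that file; otherwise run on the sample.
if [ $# -gt 0 ]; then
    find_portonly_openvpn "$1"
else
    check_sample
fi
```

Entries that already name a protocol, or that give no port at all, are not reported.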