On Saturday 15 April 2006 07:23, Steven Anderson wrote:> Dear Shorewall Community:
>
> Greetings! And thanks in advance for your help.
>
> I get the following error trying to start my xen shorewall dom0 setup. I
> would be very surprise to find out that it has more than 1 or 2 small
> differences from the xenmyway setup since it was a copy paste. I did have
> to move the ipsec line to a different config file as I interpreted the docs
> and the help of some to suggest but besides that I think they are
> identical. All help would be greatly appreciated.
>
I have made a couple of simple changes to your config which allowed me to
start it under Shorewall 3.0.6:
a) /etc/shorewall/rules
I moved the "SECTION NEW" above the rules where it belongs.
I''m not sure
what the point of the rules is in the first place since your effective
b) /etc/shorewall/masq
I deleted the entry you had added there. I''m not sure what you are
trying to
do with it but the entry that you had wouldn''t work (eth0
isn''t one of your
defined interfaces, traffic going out of the domUs won''t go through
eth0,
xen-br0 has no IP configuration (and is misspelled)).
c) /etc/shorewall/routestopped
I replaced ''xen-br0'' with ''xenbr0'' since
that is what your init script is
creating and that is what you have in /etc/shorewall/interfaces.
If those changes don''t allow Shorewall to start on your system then
please
capture a trace and send it to me personally.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key