Hello, this is my first posting on this list and unfortunately discribes a serious problem which I think will hit us all these days since there were some kernel flaws that forces the use of current kernel versions. I''ve upgraded firewall machines to latest fedora core 6 versions of all packages and am now experiencing problems with FTP connections (maybe there are more protocols affected). These problems occur because shorewall cannot load helper kernel modules which are needed. I''ve traced this problems to the new kernel 2.6.20 which has some differences in its modules tree. ip_conntrack_ftp no longer exists and is replaced by nf_conntrack_ftp and nf_nat_ftp. Loading these solves connection problems immediately. The question is now how long does it take until a new shorewall-release will fix /usr/share/shorewall/modules or is it required to change this manually. Is anybody else experiencing the same flaws and has an appropriate fix for this? I''ve manually loaded the missing modules but I need a better solution. Greetings, Frank ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Frank Wittig wrote:> > Is anybody else experiencing the same flaws and has an appropriate > fix for this? I''ve manually loaded the missing modules but I need a > better solution.Check recent posts on this list -- I posted an updated /usr/share/shorewall/modules file within the last several days. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Tom Eastep wrote:> Frank Wittig wrote: > >> Is anybody else experiencing the same flaws and has an appropriate >> fix for this? I''ve manually loaded the missing modules but I need a >> better solution. > > Check recent posts on this list -- I posted an updated > /usr/share/shorewall/modules file within the last several days.There are now updated modules files available: Shorewall 3.2 - http://www.shorewall.net/pub/shorewall/3.2/shorewall-3.2.9/ Shorewall 3.4 - http://www.shorewall.net/pub/shorewall/3.4/shorewall-3.4.1/ Check the ''known_problems.txt'' file in the directory corresponding to your release. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Hi Tom, hello list, I''m sorry for duplicating this issue but the last message I see in the archive (link points to http://sourceforge.net/mailarchive/forum.php?forum=shorewall-users) is from October 2006. Maybe there''s something wrong with the list archive or the link to it... I''ve got the right file now. Thanks for the links. Greetings, Frank Tom Eastep <teastep@shorewall.net> [19.03.2007 18:00]:> Check recent posts on this list -- I posted an updated > /usr/share/shorewall/modules file within the last several days.------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Frank Wittig wrote:> Hi Tom, > hello list, > > I''m sorry for duplicating this issue but the last message I see in > the archive (link points to > http://sourceforge.net/mailarchive/forum.php?forum=shorewall-users) > is from October 2006. Maybe there''s something wrong with the list > archive or the link to it... >The official archive is at gmame, not at Sourceforge (see the "Search the List Archives" link at the top of the Shorewall home page). The Sourceforge list archive facility is a cruel joke that is basically useless. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV