thr3ads.net - Shorewall users - shorewall-lite error (something happend in 3.4.3) [May 2007]

If this information is useful, please help other people find it:
Share via:

Farkas Levente

2007-May-27 13:37 UTC

shorewall-lite error (something happend in 3.4.3)

hi,
we use shorewall and shorewall-lite and everything is configured on a
central server. until now i change something on the server and run:
# shorewall reload portal
but now i''ve got an error and it do not connect to the portal neither
reload shorewall with this error:
-----------------------------------
   WARNING: Shorewall startup is disabled. To enable startup, set
STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf
LOGFILE (/var/log/netfilter.log) does not exist!
-----------------------------------
and of course on the central server we don''t run shorewall so we
don''t
need to enable shorewall and don''t have the log file.
this should be useful to fix.
yours.

-- 
  Levente                               "Si vis pacem para bellum!"

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

Tom Eastep

2007-May-28 03:24 UTC

head link

Re: shorewall-lite error (something happend in 3.4.3)

Farkas Levente wrote:> hi,
> we use shorewall and shorewall-lite and everything is configured on a
> central server. until now i change something on the server and run:
> # shorewall reload portal
> but now i''ve got an error and it do not connect to the portal
neither
> reload shorewall with this error:
> -----------------------------------
>    WARNING: Shorewall startup is disabled. To enable startup, set
> STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf
> LOGFILE (/var/log/netfilter.log) does not exist!
> -----------------------------------
> and of course on the central server we don''t run shorewall so we
don''t
> need to enable shorewall and don''t have the log file.
> this should be useful to fix.
The LOGFILE problem was corrected in release 3.4.3.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

Farkas Levente

2007-May-28 09:23 UTC

head link

Re: shorewall-lite error (something happend in 3.4.3)

Tom Eastep wrote:> Farkas Levente wrote:
>> hi,
>> we use shorewall and shorewall-lite and everything is configured on a
>> central server. until now i change something on the server and run:
>> # shorewall reload portal
>> but now i''ve got an error and it do not connect to the portal
neither
>> reload shorewall with this error:
>> -----------------------------------
>>    WARNING: Shorewall startup is disabled. To enable startup, set
>> STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf
>> LOGFILE (/var/log/netfilter.log) does not exist!
>> -----------------------------------
>> and of course on the central server we don''t run shorewall so
we don''t
>> need to enable shorewall and don''t have the log file.
>> this should be useful to fix.
> 
> The LOGFILE problem was corrected in release 3.4.3.
the strange thing it IS happened in 3.4.3 but not in earlier. so it was
not corrected in 3.4.3 rather it''s goes wrong in 3.4.3. imho...

-- 
  Levente                               "Si vis pacem para bellum!"

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

Farkas Levente

2007-May-28 09:27 UTC

head link

Re: shorewall-lite error (something happend in 3.4.3)

Farkas Levente wrote:> Tom Eastep wrote:
>> Farkas Levente wrote:
>>> hi,
>>> we use shorewall and shorewall-lite and everything is configured on
a
>>> central server. until now i change something on the server and run:
>>> # shorewall reload portal
>>> but now i''ve got an error and it do not connect to the
portal neither
>>> reload shorewall with this error:
>>> -----------------------------------
>>>    WARNING: Shorewall startup is disabled. To enable startup, set
>>> STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf
>>> LOGFILE (/var/log/netfilter.log) does not exist!
>>> -----------------------------------
>>> and of course on the central server we don''t run shorewall
so we don''t
>>> need to enable shorewall and don''t have the log file.
>>> this should be useful to fix.
>> The LOGFILE problem was corrected in release 3.4.3.
> 
> the strange thing it IS happened in 3.4.3 but not in earlier. so it was
> not corrected in 3.4.3 rather it''s goes wrong in 3.4.3. imho...
and it''s also strange that "shorewall reload -s portal" works
even with
3.4.3.


-- 
  Levente                               "Si vis pacem para bellum!"

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

Tom Eastep

2007-May-28 10:07 UTC

head link

Re: shorewall-lite error (something happend in 3.4.3)

Farkas Levente wrote:
> 
> the strange thing it IS happened in 3.4.3 but not in earlier. so it was
> not corrected in 3.4.3 rather it''s goes wrong in 3.4.3. imho...
> 
The problem only occurs when running as root.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

Tom Eastep

2007-May-28 10:38 UTC

head link

Re: shorewall-lite error (something happend in 3.4.3)

Tom Eastep wrote:> Farkas Levente wrote:
> 
>> the strange thing it IS happened in 3.4.3 but not in earlier. so it was
>> not corrected in 3.4.3 rather it''s goes wrong in 3.4.3.
imho...
>>
> 
> The problem only occurs when running as root.
Please try the attached patch. It is against the current 3.4 SVN so it
will apply with a 5-line offset.

I developed and tested the patch under Shorewall 4.0.0 Beta but because
I am currently away from home (and will be for the next week), I don''t
have access to my Shorewall 3.4 test system. I am therefore unable to
test the attached 3.4 version of the patch myself.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

Farkas Levente

2007-May-28 12:51 UTC

head link

Re: shorewall-lite error (something happend in 3.4.3)

it seems to working (at least doesn''t stop anymore)
thanks the quick fix.
yours.

Tom Eastep wrote:> Tom Eastep wrote:
>> Farkas Levente wrote:
>>
>>> the strange thing it IS happened in 3.4.3 but not in earlier. so it
was
>>> not corrected in 3.4.3 rather it''s goes wrong in 3.4.3.
imho...
>>>
>> The problem only occurs when running as root.
> 
> Please try the attached patch. It is against the current 3.4 SVN so it
> will apply with a 5-line offset.
> 
> I developed and tested the patch under Shorewall 4.0.0 Beta but because
> I am currently away from home (and will be for the next week), I
don''t
> have access to my Shorewall 3.4 test system. I am therefore unable to
> test the attached 3.4 version of the patch myself.
> 
> -Tom
> 
> 
> ------------------------------------------------------------------------
> 
> Index: shorewall
> ==================================================================> ---
shorewall	(revision 6446)
> +++ shorewall	(working copy)
> @@ -152,15 +152,17 @@
>  	#
>  	export CONFIG_PATH
>  
> -	[ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
> +	if [ "$2" = Yes ]; then
> +	    [ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
>  
> -	if [ -n "$(syslog_circular_buffer)" ]; then
> -	    LOGREAD="logread"
> -	elif [ -f $LOGFILE ]; then
> -	    LOGREAD="cat $LOGFILE"
> -	else
> -	    echo "LOGFILE ($LOGFILE) does not exist!" >&2
> -	    exit 2
> +	    if [ -n "$(syslog_circular_buffer)" ]; then
> +		LOGREAD="logread"
> +	    elif [ -f $LOGFILE ]; then
> +		LOGREAD="cat $LOGFILE"
> +	    else
> +		echo "LOGFILE ($LOGFILE) does not exist!" >&2
> +		exit 2
> +	    fi
>  	fi
>  
>  	if [ -n "$IPTABLES" ]; then
> @@ -196,20 +198,22 @@
>  
>  	export RESTOREFILE
>  
> -	case $STARTUP_ENABLED in
> -	    No|no|NO)
> -                echo "   WARNING: Shorewall startup is disabled. To
enable startup, set STARTUP_ENABLED=Yes in ${CONFDIR}/shorewall.conf"
>&2
> -		STARTUP_ENABLED> -		;;
> -	    Yes|yes|YES)
> -	        ;;
> -	    *)
> -		if [ -n "$STARTUP_ENABLED" ]; then
> -		    echo "   ERROR: Invalid Value for STARTUP_ENABLE:
$STARTUP_ENABLED" >&2
> -		    exit 2
> -		fi
> -		;;
> -	esac
> +	if [ "$2" = Yes ]; then
> +	    case $STARTUP_ENABLED in
> +		No|no|NO)
> +		    echo "   WARNING: Shorewall startup is disabled. To enable
startup, set STARTUP_ENABLED=Yes in ${CONFDIR}/shorewall.conf" >&2
> +		    STARTUP_ENABLED> +		    ;;
> +		Yes|yes|YES)
> +		    ;;
> +		*)
> +		    if [ -n "$STARTUP_ENABLED" ]; then
> +			echo "   ERROR: Invalid Value for STARTUP_ENABLE:
$STARTUP_ENABLED" >&2
> +			exit 2
> +		    fi
> +		    ;;
> +	    esac
> +	fi
>  
>  	case ${TC_ENABLED:=Internal} in
>  	    No|NO|no)
> @@ -1323,7 +1327,7 @@
>  
>  case "$COMMAND" in
>      start)
> -	get_config
> +	get_config No Yes
>  	shift
>  	start_command $@
>  	;;
> @@ -1339,12 +1343,12 @@
>  	compile_command $@
>  	;;
>      restart)
> -	get_config
> +	get_config No Yes
>  	shift
>  	restart_command $@
>  	;;
>      refresh)
> -	get_config
> +	get_config No Yes
>  	shift
>  	refresh_command $@
>  	;;
> 
> 
> ------------------------------------------------------------------------
> 
> -------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users

-- 
  Levente                               "Si vis pacem para bellum!"

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

Shorewall users - May 2007 - shorewall-lite error (something happend in 3.4.3)

shorewall-lite error (something happend in 3.4.3)

Re: shorewall-lite error (something happend in 3.4.3)

Re: shorewall-lite error (something happend in 3.4.3)

Re: shorewall-lite error (something happend in 3.4.3)

Re: shorewall-lite error (something happend in 3.4.3)

Re: shorewall-lite error (something happend in 3.4.3)

Re: shorewall-lite error (something happend in 3.4.3)