Hi list!
I am configuring Shorewall on a Xen domU virtual machine.
I configured only the zones, interfaces, rules, policy and shorewall.conf files.
When I run "shorewall check" there aren''t no problems, but
when I try
to start shorewall I get this error a lot of time:
iptables: Invalid argument
ip6tables v1.3.6: can''t initialize ip6tables table `filter'':
Bad file descriptor
and the Shorewall starting process ends with
/sbin/shorewall: line 656: 25228 Terminated
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
What''s the problem?
I googled for this problem and it seems to be a kernel bug, but I am
in a domU...
Thank you very much!
Bye.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
shacky wrote:> Hi list! > > I am configuring Shorewall on a Xen domU virtual machine. > I configured only the zones, interfaces, rules, policy and shorewall.conf files. > When I run "shorewall check" there aren''t no problems, but when I try > to start shorewall I get this error a lot of time: > > iptables: Invalid argument > ip6tables v1.3.6: can''t initialize ip6tables table `filter'': Bad file descriptor > > and the Shorewall starting process ends with > > /sbin/shorewall: line 656: 25228 Terminated > $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart > > What''s the problem? > I googled for this problem and it seems to be a kernel bug, but I am > in a domU...Running in a domU does not preclude kernel bugs. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Tom Eastep wrote:> shacky wrote: >> Hi list! >> >> I am configuring Shorewall on a Xen domU virtual machine. >> I configured only the zones, interfaces, rules, policy and shorewall.conf files. >> When I run "shorewall check" there aren''t no problems, but when I try >> to start shorewall I get this error a lot of time: >> >> iptables: Invalid argument >> ip6tables v1.3.6: can''t initialize ip6tables table `filter'': Bad file descriptor >> >> and the Shorewall starting process ends with >> >> /sbin/shorewall: line 656: 25228 Terminated >> $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart >> >> What''s the problem? >> I googled for this problem and it seems to be a kernel bug, but I am >> in a domU... > > Running in a domU does not preclude kernel bugs.Also, ''Invalid argument'' iptables errors often indicate that your iptables is incompatible with your kernel. Did you build the iptables in the domU against the domU kernel source tree? -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> Also, ''Invalid argument'' iptables errors often indicate that your iptables > is incompatible with your kernel. Did you build the iptables in the domU > against the domU kernel source tree?I don''t know, as I am not the administrator of the dom0 and I have not compiled the domU kernel... ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/