# cat interfaces
###############################################################################
#ZONE INTERFACE BROADCAST OPTIONS
world br0 detect bridge
net br0:eth0
loc br0:eth1
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# cat zones
###############################################################################
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
world ipv4
net:world bport
loc:world bport
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
error trace:
+ ''['' 2 -gt 1 '']''
+ shift
+ ''['' xworld = xworld '']''
+ return 0
+ ''['' 3 -gt 5 '']''
+ case "$zone" in
+ ''['' -n Yes '']''
+ case ${type:=ipv4} in
+ ''['' compiler = compiler '']''
+ startup_error ''Invalid Zone Type: bport''
+ echo '' ERROR: Invalid Zone Type: bport''
ERROR: Invalid Zone Type: bport
+ ''['' -n /tmp/shorewall.G11503 '']''
+ rm -rf /tmp/shorewall.G11503
+ ''['' -n /tmp/shorewall.G11503/compiler_state/shorewall.H12059
'']''
+ rm -f /tmp/shorewall.G11503/compiler_state/shorewall.H12059
+ kill 11492
/sbin/shorewall: line 384: 11492 Terminated $command
$SHOREWALL_SHELL $sc $@
[root@localhost shorewall]# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br0
0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 0 br0
Thanks for any help.
why? its all ok but not work.
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
Joel Cappellesso wrote:> # cat zones > ############################################################################### > #ZONE TYPE OPTIONS IN OUT > # OPTIONS OPTIONS > fw firewall > world ipv4 > net:world bport > loc:world bport > #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE > + echo '' ERROR: Invalid Zone Type: bport'' > ERROR: Invalid Zone Type: bport > > > why? its all ok but not work.Because bport zones are only supported by Shorewall-perl and you are using Shorewall-shell. ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
Thanks, [root@localhost shorewall]# rpm -qa |grep shorewall shorewall-4.2.5-1 shorewall-perl-4.2.5-1 shorewall-shell-4.2.5-1 [root@localhost shorewall]# rpm -e shorewall-shell and shorewall check its ok now. 2009/1/29, Shorewall Guy <shorewalljunky@comcast.net>:> Joel Cappellesso wrote: > >> # cat zones >> ############################################################################### >> #ZONE TYPE OPTIONS IN OUT >> # OPTIONS OPTIONS >> fw firewall >> world ipv4 >> net:world bport >> loc:world bport >> #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE >> + echo '' ERROR: Invalid Zone Type: bport'' >> ERROR: Invalid Zone Type: bport >> >> >> why? its all ok but not work. > > Because bport zones are only supported by Shorewall-perl and you are > using Shorewall-shell. > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by: > SourcForge Community > SourceForge wants to tell your story. > http://p.sf.net/sfu/sf-spreadtheword > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
Joel Cappellesso wrote:> Thanks, > > [root@localhost shorewall]# rpm -qa |grep shorewall > shorewall-4.2.5-1 > shorewall-perl-4.2.5-1 > shorewall-shell-4.2.5-1 > [root@localhost shorewall]# rpm -e shorewall-shell > and > shorewall check its ok now.Note that there is no reason to remove shorewall-shell if you want the default compiler to be Shorewall-perl. Simply set SHOREWALL_COMPILER=perl in shorewall.conf. ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword