Hi Tom,
trying the port forwarding/NAT as discribed in
shorewall-4.4.11.2/html/FAQ.htm#DNS-DNAT
#shorewall version
4.4.11.2
#grep PPP /etc/shorewall/rules
DNAT loc loc:10.10.1.55 tcp www - $PPP0_IP
#grep PPP /etc/shorewall/init
PPP0_IP=`find_first_interface_address ppp0`
The method works fine when PPP0_IP is set from the params file, but fails on
''shorewall restart'' if tried from the init script
#shorewall trace restart
...snip...
GS-----> run_init_exit() {
GS----->
GS-----> progress_message2 Processing /etc/shorewall/init ...
GS----->
GS-----> #
GS-----> # Shorewall version 4 - Init File
GS-----> #
GS-----> # /etc/shorewall/init
GS-----> #
GS-----> # Add commands below that you want to be executed at the
beginning of
GS-----> # a "shorewall start" or "shorewall
restart" command.
GS-----> #
GS-----> # For additional information, see
GS-----> # http://shorewall.net/shorewall_extension_scripts.htm
GS-----> #
GS----->
###############################################################################
GS----->
GS-----> echo 1 > /proc/sys/net/ipv4/tcp_syncookies
GS----->
GS-----> PPP0_IP=`find_first_interface_address ppp0`
GS----->
GS----->
###############################################################################
GS-----> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
GS-----> }
...snip...
ERROR: Undefined shell variable ($PPP0_IP) : /etc/shorewall/rules (line 101)
at /usr/share/shorewall/Shorewall/Config.pm line 792
Shorewall::Config::fatal_error(''Undefined shell variable
($PPP0_IP)'')
called at /usr/share/shorewall/Shorewall/Config.pm line 1843
Shorewall::Config::read_a_line() called at
/usr/share/shorewall/Shorewall/Rules.pm line 1639
Shorewall::Rules::process_rules() called at
/usr/share/shorewall/Shorewall/Compiler.pm line 740
Shorewall::Compiler::compiler(''script'',
''/var/lib/shorewall/.restart'',
''directory'', '''',
''verbosity'', 1, ''timestamp'', 0,
''debug'', ...) called at
/usr/share/shorewall/compiler.pl line 111
need more info?
cheers,
Hellmut
------------------------------------------------------------------------------
This SF.net email is sponsored by
Make an app they can''t live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev
On 8/13/10 9:49 PM, Hellmut Tümmler wrote:> Hi Tom, > > trying the port forwarding/NAT as discribed in > shorewall-4.4.11.2/html/FAQ.htm#DNS-DNAT > > #shorewall version > 4.4.11.2 > > #grep PPP /etc/shorewall/rules > DNAT loc loc:10.10.1.55 tcp www - $PPP0_IP > > #grep PPP /etc/shorewall/init > PPP0_IP=`find_first_interface_address ppp0` > > > The method works fine when PPP0_IP is set from the params file, but fails on > ''shorewall restart'' if tried from the init script > > > #shorewall trace restart > ...snip... > GS-----> run_init_exit() { > GS-----> > GS-----> progress_message2 Processing /etc/shorewall/init ... > GS-----> > GS-----> # > GS-----> # Shorewall version 4 - Init File > GS-----> # > GS-----> # /etc/shorewall/init > GS-----> # > GS-----> # Add commands below that you want to be executed at the > beginning of > GS-----> # a "shorewall start" or "shorewall restart" command. > GS-----> # > GS-----> # For additional information, see > GS-----> # http://shorewall.net/shorewall_extension_scripts.htm > GS-----> # > GS-----> > ############################################################################### > GS-----> > GS-----> echo 1 > /proc/sys/net/ipv4/tcp_syncookies > GS-----> > GS-----> PPP0_IP=`find_first_interface_address ppp0` > GS-----> > GS-----> > ############################################################################### > GS-----> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE > GS-----> } > > ...snip... > > ERROR: Undefined shell variable ($PPP0_IP) : /etc/shorewall/rules (line 101) > at /usr/share/shorewall/Shorewall/Config.pm line 792 > Shorewall::Config::fatal_error(''Undefined shell variable ($PPP0_IP)'') > called at /usr/share/shorewall/Shorewall/Config.pm line 1843 > Shorewall::Config::read_a_line() called at > /usr/share/shorewall/Shorewall/Rules.pm line 1639 > Shorewall::Rules::process_rules() called at > /usr/share/shorewall/Shorewall/Compiler.pm line 740 > Shorewall::Compiler::compiler(''script'', ''/var/lib/shorewall/.restart'', > ''directory'', '''', ''verbosity'', 1, ''timestamp'', 0, ''debug'', ...) called at > /usr/share/shorewall/compiler.pl line 111 > > > need more info?No - that section of the FAQ is in error. You should be using the technique described in http://www.shorewall.net/CompiledPrograms.html#Converting I''ll correct the FAQ. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
On 8/14/10 6:58 AM, Tom Eastep wrote:> On 8/13/10 9:49 PM, Hellmut Tümmler wrote: >> Hi Tom, >> >> trying the port forwarding/NAT as discribed in >> shorewall-4.4.11.2/html/FAQ.htm#DNS-DNAT >> >> #shorewall version >> 4.4.11.2 >> >> #grep PPP /etc/shorewall/rules >> DNAT loc loc:10.10.1.55 tcp www - $PPP0_IP >> >> #grep PPP /etc/shorewall/init >> PPP0_IP=`find_first_interface_address ppp0` >> >> >> The method works fine when PPP0_IP is set from the params file, but fails on >> ''shorewall restart'' if tried from the init script >> >> >> #shorewall trace restart >> ...snip... >> GS-----> run_init_exit() { >> GS-----> >> GS-----> progress_message2 Processing /etc/shorewall/init ... >> GS-----> >> GS-----> # >> GS-----> # Shorewall version 4 - Init File >> GS-----> # >> GS-----> # /etc/shorewall/init >> GS-----> # >> GS-----> # Add commands below that you want to be executed at the >> beginning of >> GS-----> # a "shorewall start" or "shorewall restart" command. >> GS-----> # >> GS-----> # For additional information, see >> GS-----> # http://shorewall.net/shorewall_extension_scripts.htm >> GS-----> # >> GS-----> >> ############################################################################### >> GS-----> >> GS-----> echo 1 > /proc/sys/net/ipv4/tcp_syncookies >> GS-----> >> GS-----> PPP0_IP=`find_first_interface_address ppp0` >> GS-----> >> GS-----> >> ############################################################################### >> GS-----> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE >> GS-----> } >> >> ...snip... >> >> ERROR: Undefined shell variable ($PPP0_IP) : /etc/shorewall/rules (line 101) >> at /usr/share/shorewall/Shorewall/Config.pm line 792 >> Shorewall::Config::fatal_error(''Undefined shell variable ($PPP0_IP)'') >> called at /usr/share/shorewall/Shorewall/Config.pm line 1843 >> Shorewall::Config::read_a_line() called at >> /usr/share/shorewall/Shorewall/Rules.pm line 1639 >> Shorewall::Rules::process_rules() called at >> /usr/share/shorewall/Shorewall/Compiler.pm line 740 >> Shorewall::Compiler::compiler(''script'', ''/var/lib/shorewall/.restart'', >> ''directory'', '''', ''verbosity'', 1, ''timestamp'', 0, ''debug'', ...) called at >> /usr/share/shorewall/compiler.pl line 111 >> >> >> need more info? > > No - that section of the FAQ is in error. You should be using the > technique described in > http://www.shorewall.net/CompiledPrograms.html#ConvertingSorry -- I gave you an incorrect reference. Please read the Overview section at the top of that article. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev