Hi,>From what I read at Shorewall''s docs;http://www.shorewall.net/configuration_file_basics.htm It''s my understanding when you receive this warning when you start/restart Shorewall this is because you have more then one adapter listed in the interfaces and since it is not active then this is the normal response from Shorewall, is this correct? If this is correct I noticed using kernel version 2.6.36.4 it does not give me any such warnings, but with kernel 3.0 it does. I''m not sure why from one kernel version to another you get the message or you don''t, as I''m not aware of any kernel differences/options that should cause this behaviour. Why would this happen this way? THANKS ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don''t ask for help often. Plus, you''ll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey
Hi, Any thought on this from anyone as to why from one kernel version to another this behaviour changes? Thanks... On Sun, Jul 31, 2011 at 1:35 PM, Das <dasfox@gmail.com> wrote:> Hi, > > From what I read at Shorewall''s docs; > > http://www.shorewall.net/configuration_file_basics.htm > > It''s my understanding when you receive this warning when you > start/restart Shorewall this is because you have more then one adapter > listed in the interfaces and since it is not active then this is the > normal response from Shorewall, is this correct? > > If this is correct I noticed using kernel version 2.6.36.4 it does not > give me any such warnings, but with kernel 3.0 it does. > > I''m not sure why from one kernel version to another you get the > message or you don''t, as I''m not aware of any kernel > differences/options that should cause this behaviour. Why would this > happen this way? > > > > THANKS >------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
On Aug 4, 2011, at 6:03 PM, Das wrote:> On Sun, Jul 31, 2011 at 1:35 PM, Das <dasfox@gmail.com> wrote: > Hi, > > >From what I read at Shorewall''s docs; > > http://www.shorewall.net/configuration_file_basics.htm > > It''s my understanding when you receive this warning when you > start/restart Shorewall this is because you have more then one adapter > listed in the interfaces and since it is not active then this is the > normal response from Shorewall, is this correct? > > If this is correct I noticed using kernel version 2.6.36.4 it does not > give me any such warnings, but with kernel 3.0 it does. > > I''m not sure why from one kernel version to another you get the > message or you don''t, as I''m not aware of any kernel > differences/options that should cause this behaviour. Why would this > happen this way? > > Any thought on this from anyone as to why from one kernel version to another this behaviour changes?This warning is issued when ''log_martians'' is specified on an interface but the pseudo file /proc/sys/net/ipv4/<interface>/log_martians does not exist when the firewall is started. That has nothing to do with kernel version but may be affected by when in the startup sequence Shorewall is started. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
Hi, I do not have /proc/sys/net/ipv4/<interface>/log_martians when running kernel, 2.6.36.4 or 3.0.0 and if I restart Shorewall from the cmd line in a terminal as; /etc/rc.d/rc.shorewall restart When running the 3.0.0 kernel, I see at the terminal it saying; Cannot set Martian logging on wlan0 But if I run the kernel 2.6.36.4 I do not get this message when restarting Shorewall in the terminal, so then how is that possible? Here''s the output when restarting running 2.6.36.4; http://pastebin.com/LmM5Br0u Here''s the output when restarting running 3.0.0; (Line 40) http://pastebin.com/jtZMStv8 Thanks.... On Thu, Aug 4, 2011 at 3:21 PM, Tom Eastep <teastep@shorewall.net> wrote:> > On Aug 4, 2011, at 6:03 PM, Das wrote: > > On Sun, Jul 31, 2011 at 1:35 PM, Das <dasfox@gmail.com> wrote: >> >> Hi, >> >> >From what I read at Shorewall''s docs; >> >> http://www.shorewall.net/configuration_file_basics.htm >> >> It''s my understanding when you receive this warning when you >> start/restart Shorewall this is because you have more then one adapter >> listed in the interfaces and since it is not active then this is the >> normal response from Shorewall, is this correct? >> >> If this is correct I noticed using kernel version 2.6.36.4 it does not >> give me any such warnings, but with kernel 3.0 it does. >> >> I''m not sure why from one kernel version to another you get the >> message or you don''t, as I''m not aware of any kernel >> differences/options that should cause this behaviour. Why would this >> happen this way? > > Any thought on this from anyone as to why from one kernel version to another this behaviour changes? > > This warning is issued when ''log_martians'' is specified on an interface but the pseudo file /proc/sys/net/ipv4/<interface>/log_martians does not exist when the firewall is started. That has nothing to do with kernel version but may be affected by when in the startup sequence Shorewall is started. > -Tom > > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > > ------------------------------------------------------------------------------ > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > The must-attend event for mobile developers. Connect with experts. > Get tools for creating Super Apps. See the latest technologies. > Sessions, hands-on labs, demos & much more. Register early & save! > http://p.sf.net/sfu/rim-blackberry-1 > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
On Thu, 2011-08-04 at 17:57 -1000, Das wrote:> Hi, > > I do not have /proc/sys/net/ipv4/<interface>/log_martians when running > kernel, 2.6.36.4 or 3.0.0 and if I restart Shorewall from the cmd line > in a terminal as; > > /etc/rc.d/rc.shorewall restart > > When running the 3.0.0 kernel, I see at the terminal it saying; > > Cannot set Martian logging on wlan0 > > But if I run the kernel 2.6.36.4 I do not get this message when > restarting Shorewall in the terminal, so then how is that possible? > > Here''s the output when restarting running 2.6.36.4; > http://pastebin.com/LmM5Br0u > > > Here''s the output when restarting running 3.0.0; (Line 40) > http://pastebin.com/jtZMStv8Is /proc mounted? Are there any entries in /proc/sys/net/? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
On Fri, 2011-08-05 at 06:03 -0700, Tom Eastep wrote:> On Thu, 2011-08-04 at 17:57 -1000, Das wrote: > > > Hi, > > > > I do not have /proc/sys/net/ipv4/<interface>/log_martians when running > > kernel, 2.6.36.4 or 3.0.0 and if I restart Shorewall from the cmd line > > in a terminal as; > > > > /etc/rc.d/rc.shorewall restart > > > > When running the 3.0.0 kernel, I see at the terminal it saying; > > > > Cannot set Martian logging on wlan0That means that /proc/sys/net/ipv4/wlan0/log_martians does not exist. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
Hi, Yes /proc/sys is mounted when running both kernels... Here''s the entries on both kernels; biz@slackware:/proc/sys/net$ ls core/ ipv4/ ipv6/ netfilter/ nf_conntrack_max unix/ Yes I understand that /proc/sys/net/ipv4/wlan0/log_martians does not exist and it does not exist for both kernels, so to me, I''m assuming that means for both kernels when I restart shorewall from the terminal, then both kernels should be saying; WARNING: Cannot set Martian logging on wlan0, but they don''t only 3.0.0 does. Seems odd that if the /proc/sys/net/ipv4/wlan0/log_martians does not exist for the 2.6.36.4 kernel, then why wouldn''t it also give me the warning message? THANKS On Fri, Aug 5, 2011 at 3:13 AM, Tom Eastep <teastep@shorewall.net> wrote:> ** > On Fri, 2011-08-05 at 06:03 -0700, Tom Eastep wrote: > > On Thu, 2011-08-04 at 17:57 -1000, Das wrote: > > Hi, > > I do not have /proc/sys/net/ipv4/<interface>/log_martians when running > kernel, 2.6.36.4 or 3.0.0 and if I restart Shorewall from the cmd line > in a terminal as; > > /etc/rc.d/rc.shorewall restart > > When running the 3.0.0 kernel, I see at the terminal it saying; > > Cannot set Martian logging on wlan0 > > That means that /proc/sys/net/ipv4/wlan0/log_martians does not exist. > > > -Tom > > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his carhttp://shorewall.net \________________________________________________ > > > > > ------------------------------------------------------------------------------ > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > The must-attend event for mobile developers. Connect with experts. > Get tools for creating Super Apps. See the latest technologies. > Sessions, hands-on labs, demos & much more. Register early & save! > http://p.sf.net/sfu/rim-blackberry-1 > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > >------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
On Fri, 2011-08-05 at 17:43 -1000, Das wrote:> Yes /proc/sys is mounted when running both kernels... > > Here''s the entries on both kernels; > > biz@slackware:/proc/sys/net$ ls > core/ ipv4/ ipv6/ netfilter/ nf_conntrack_max unix/ > > Yes I understand that /proc/sys/net/ipv4/wlan0/log_martians does not > exist and it does not exist for both kernels, so to me, I''m assuming > that means for both kernels when I restart shorewall from the > terminal, then both kernels should be saying; WARNING: Cannot set > Martian logging on wlan0, but they don''t only 3.0.0 does. > > Seems odd that if the /proc/sys/net/ipv4/wlan0/log_martians does not > exist for the 2.6.36.4 kernel, then why wouldn''t it also give me the > warning message?wlan0 is ''optional'' in the 4.6.36.4 /etc/shorewall/interfaces? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
Hi, Sorry not sure what you mean by ''optional''? This is my interfaces; (everything is the same for both kernels, I have two kernels I can boot on Slack) #ZONE INTERFACE BROADCAST OPTIONS net eth0 detect dhcp,tcpflags,logmartians,nosmurfs net wlan0 detect dhcp,tcpflags,logmartians,nosmurfs # OpenVPN Interface vpn tun0 detect vpn tap0 detect #ZONE INTERFACE BROADCAST OPTIONS net eth0 detect dhcp,tcpflags,logmartians,nosmurfs net wlan0 detect dhcp,tcpflags,logmartians,nosmurfs # OpenVPN Interface vpn tun0 detect vpn tap0 detect Thanks tha On Sat, Aug 6, 2011 at 3:26 AM, Tom Eastep <teastep@shorewall.net> wrote:> On Fri, 2011-08-05 at 17:43 -1000, Das wrote: > >> Yes /proc/sys is mounted when running both kernels... >> >> Here''s the entries on both kernels; >> >> biz@slackware:/proc/sys/net$ ls >> core/ ipv4/ ipv6/ netfilter/ nf_conntrack_max unix/ >> >> Yes I understand that /proc/sys/net/ipv4/wlan0/log_martians does not >> exist and it does not exist for both kernels, so to me, I''m assuming >> that means for both kernels when I restart shorewall from the >> terminal, then both kernels should be saying; WARNING: Cannot set >> Martian logging on wlan0, but they don''t only 3.0.0 does. >> >> Seems odd that if the /proc/sys/net/ipv4/wlan0/log_martians does not >> exist for the 2.6.36.4 kernel, then why wouldn''t it also give me the >> warning message? > > wlan0 is ''optional'' in the 4.6.36.4 /etc/shorewall/interfaces? > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > ------------------------------------------------------------------------------ > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > The must-attend event for mobile developers. Connect with experts. > Get tools for creating Super Apps. See the latest technologies. > Sessions, hands-on labs, demos & much more. Register early & save! > http://p.sf.net/sfu/rim-blackberry-1 > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > >------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
Sorry my keyboard is acting up and I didn''t realize it made it copies... :( THANKS On Sat, Aug 6, 2011 at 2:51 PM, Das <dasfox@gmail.com> wrote:> Hi, > > Sorry not sure what you mean by ''optional''? > > This is my interfaces; (everything is the same for both kernels, I > have two kernels I can boot on Slack) > > > #ZONE INTERFACE BROADCAST OPTIONS > > net eth0 detect dhcp,tcpflags,logmartians,nosmurfs > net wlan0 detect dhcp,tcpflags,logmartians,nosmurfs > > # OpenVPN Interface > vpn tun0 detect > vpn tap0 detect > > #ZONE INTERFACE BROADCAST OPTIONS > > net eth0 detect dhcp,tcpflags,logmartians,nosmurfs > net wlan0 detect dhcp,tcpflags,logmartians,nosmurfs > > # OpenVPN Interface > vpn tun0 detect > vpn tap0 detect > > > Thanks > > > tha > > > On Sat, Aug 6, 2011 at 3:26 AM, Tom Eastep <teastep@shorewall.net> wrote: >> On Fri, 2011-08-05 at 17:43 -1000, Das wrote: >> >>> Yes /proc/sys is mounted when running both kernels... >>> >>> Here''s the entries on both kernels; >>> >>> biz@slackware:/proc/sys/net$ ls >>> core/ ipv4/ ipv6/ netfilter/ nf_conntrack_max unix/ >>> >>> Yes I understand that /proc/sys/net/ipv4/wlan0/log_martians does not >>> exist and it does not exist for both kernels, so to me, I''m assuming >>> that means for both kernels when I restart shorewall from the >>> terminal, then both kernels should be saying; WARNING: Cannot set >>> Martian logging on wlan0, but they don''t only 3.0.0 does. >>> >>> Seems odd that if the /proc/sys/net/ipv4/wlan0/log_martians does not >>> exist for the 2.6.36.4 kernel, then why wouldn''t it also give me the >>> warning message? >> >> wlan0 is ''optional'' in the 4.6.36.4 /etc/shorewall/interfaces? >> >> -Tom >> -- >> Tom Eastep \ When I die, I want to go like my Grandfather who >> Shoreline, \ died peacefully in his sleep. Not screaming like >> Washington, USA \ all of the passengers in his car >> http://shorewall.net \________________________________________________ >> >> >> ------------------------------------------------------------------------------ >> BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA >> The must-attend event for mobile developers. Connect with experts. >> Get tools for creating Super Apps. See the latest technologies. >> Sessions, hands-on labs, demos & much more. Register early & save! >> http://p.sf.net/sfu/rim-blackberry-1 >> _______________________________________________ >> Shorewall-users mailing list >> Shorewall-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> >> >------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
Hi, My bad, missed a kernel option in 3.0x all is good now... THANKS On Sat, Aug 6, 2011 at 2:52 PM, Das <dasfox@gmail.com> wrote:> Sorry my keyboard is acting up and I didn''t realize it made it copies... :( > > > THANKS > > > > On Sat, Aug 6, 2011 at 2:51 PM, Das <dasfox@gmail.com> wrote: >> Hi, >> >> Sorry not sure what you mean by ''optional''? >> >> This is my interfaces; (everything is the same for both kernels, I >> have two kernels I can boot on Slack) >> >> >> #ZONE INTERFACE BROADCAST OPTIONS >> >> net eth0 detect dhcp,tcpflags,logmartians,nosmurfs >> net wlan0 detect dhcp,tcpflags,logmartians,nosmurfs >> >> # OpenVPN Interface >> vpn tun0 detect >> vpn tap0 detect >> >> #ZONE INTERFACE BROADCAST OPTIONS >> >> net eth0 detect dhcp,tcpflags,logmartians,nosmurfs >> net wlan0 detect dhcp,tcpflags,logmartians,nosmurfs >> >> # OpenVPN Interface >> vpn tun0 detect >> vpn tap0 detect >> >> >> Thanks >> >> >> tha >> >> >> On Sat, Aug 6, 2011 at 3:26 AM, Tom Eastep <teastep@shorewall.net> wrote: >>> On Fri, 2011-08-05 at 17:43 -1000, Das wrote: >>> >>>> Yes /proc/sys is mounted when running both kernels... >>>> >>>> Here''s the entries on both kernels; >>>> >>>> biz@slackware:/proc/sys/net$ ls >>>> core/ ipv4/ ipv6/ netfilter/ nf_conntrack_max unix/ >>>> >>>> Yes I understand that /proc/sys/net/ipv4/wlan0/log_martians does not >>>> exist and it does not exist for both kernels, so to me, I''m assuming >>>> that means for both kernels when I restart shorewall from the >>>> terminal, then both kernels should be saying; WARNING: Cannot set >>>> Martian logging on wlan0, but they don''t only 3.0.0 does. >>>> >>>> Seems odd that if the /proc/sys/net/ipv4/wlan0/log_martians does not >>>> exist for the 2.6.36.4 kernel, then why wouldn''t it also give me the >>>> warning message? >>> >>> wlan0 is ''optional'' in the 4.6.36.4 /etc/shorewall/interfaces? >>> >>> -Tom >>> -- >>> Tom Eastep \ When I die, I want to go like my Grandfather who >>> Shoreline, \ died peacefully in his sleep. Not screaming like >>> Washington, USA \ all of the passengers in his car >>> http://shorewall.net \________________________________________________ >>> >>> >>> ------------------------------------------------------------------------------ >>> BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA >>> The must-attend event for mobile developers. Connect with experts. >>> Get tools for creating Super Apps. See the latest technologies. >>> Sessions, hands-on labs, demos & much more. Register early & save! >>> http://p.sf.net/sfu/rim-blackberry-1 >>> _______________________________________________ >>> Shorewall-users mailing list >>> Shorewall-users@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/shorewall-users >>> >>> >> >------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1