dark_night@aol.es
2011-Aug-23 00:28 UTC
problems configuring shorewall in proxmox pve (debian5)
hello before asking my question I come My name is Santiago and I''m from Spain but I''m in Colombia I followed this guide: https://www.doas.montanalinux.org/proxmox-ve-with-shorewall.html but when I run shorewall check, this error occurs: Checking... Initializing... Determining Zones... IPv4 Zones: net loc Firewall Zone: fw Validating interfaces file... ERROR: Invalid zone (dmz) in record "dmz venet0 detect routeback" the guide does not talk about the / etc/shorewall / zzones, so it is by default file /etc/shorewall/zones: #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall net ipv4 loc ipv4 #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE best regards, Santiago. ------------------------------------------------------------------------------ Get a FREE DOWNLOAD! and learn more about uberSVN rich system, user administration capabilities and model configuration. Take the hassle out of deploying and managing Subversion and the tools developers use with it. http://p.sf.net/sfu/wandisco-d2d-2
On 23/08/2011 01:28, dark_night@aol.es wrote:> Validating interfaces file... > ERROR: Invalid zone (dmz) in record "dmz venet0 detect routeback"I think the problem is in your "interfaces" file? (From the error?) Perhaps check that? Ed W ------------------------------------------------------------------------------ Get a FREE DOWNLOAD! and learn more about uberSVN rich system, user administration capabilities and model configuration. Take the hassle out of deploying and managing Subversion and the tools developers use with it. http://p.sf.net/sfu/wandisco-d2d-2
Tom Eastep
2011-Aug-23 20:52 UTC
Re: problems configuring shorewall in proxmox pve (debian5)
On Mon, 2011-08-22 at 20:28 -0400, dark_night@aol.es wrote:> hello > before asking my question I come > My name is Santiago and I''m from Spain but I''m in Colombia > I followed this guide: > https://www.doas.montanalinux.org/proxmox-ve-with-shorewall.html > > but when I run shorewall check, this error occurs: > Checking... > Initializing... > Determining Zones... > IPv4 Zones: net loc > Firewall Zone: fw > Validating interfaces file... > ERROR: Invalid zone (dmz) in record "dmz venet0 detect routeback" > the guide does not talk about the / etc/shorewall / zzones, so it is > by default > file /etc/shorewall/zones: > #ZONE TYPE OPTIONS IN OUT > # OPTIONS OPTIONS > fw firewall > net ipv4 > loc ipv4 > #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVEYou need to add the ''dmz'' zone to /etc/shorewall/zones. There is a good three-interface guide at http://www.shorewall.net/three-interface.htm -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ EMC VNX: the world''s simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient.
dark_night@aol.es
2011-Aug-23 22:06 UTC
Re: problems configuring shorewall in proxmox pve (debian5)
hello Tom, thank you very much for this guide has served me well and my setup has been perfect I reiterate my thanks and a pleasure for me to be on this list best regards, Santiago. -----Original Message----- From: Tom Eastep <teastep@shorewall.net> To: Shorewall Users <shorewall-users@lists.sourceforge.net> Sent: Tue, Aug 23, 2011 3:55 pm Subject: Re: [Shorewall-users] problems configuring shorewall in proxmox pve (debian5) On Mon, 2011-08-22 at 20:28 -0400, dark_night@aol.es wrote:> hello > before asking my question I come > My name is Santiago and I''m from Spain but I''m in Colombia > I followed this guide: > https://www.doas.montanalinux.org/proxmox-ve-with-shorewall.html > > but when I run shorewall check, this error occurs: > Checking... > Initializing... > Determining Zones... > IPv4 Zones: net loc > Firewall Zone: fw > Validating interfaces file... > ERROR: Invalid zone (dmz) in record "dmz venet0 detect routeback" > the guide does not talk about the / etc/shorewall / zzones, so it is > by default > file /etc/shorewall/zones: > #ZONE TYPE OPTIONS IN OUT > # OPTIONSOPTIONS> fw firewall > net ipv4 > loc ipv4 > #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVEYou need to add the ''dmz'' zone to /etc/shorewall/zones. There is a good three-interface guide at http://www.shorewall.net/three-interface.htm -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------- ----- EMC VNX: the world''s simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ EMC VNX: the world''s simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
Tom Eastep
2011-Aug-23 22:42 UTC
Re: problems configuring shorewall in proxmox pve (debian5)
On Tue, 2011-08-23 at 18:06 -0400, dark_night@aol.es wrote:> hello Tom, > thank you very much for this guide > has served me well and my setup has been perfect > I reiterate my thanks and a pleasure for me to be on this list > best regards,Hello Santiago, Glad to hear that you got it working. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ EMC VNX: the world''s simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
dark_night@aol.es
2011-Aug-25 22:37 UTC
Re: problems configuring shorewall in proxmox pve (debian5)
hello
unfortunately I have two other errors
when I try to add the SNAT rule for ssh in the ip 10.1.1.2 using te
example of the guide , when starting shorewall show me invalid action
on the rule
shorewall start when the configuration of the guide, I have this error:
Validating interfaces file...
WARNING: Invalid option (bridge) in record "dmz vmbr0 detect
routeback,bridge"
thanks for the help and I apologize for asking so much
best regards,
Santiago.
-----Original Message-----
From: Tom Eastep <teastep@shorewall.net>
To: Shorewall Users <shorewall-users@lists.sourceforge.net>
Sent: Tue, Aug 23, 2011 5:48 pm
Subject: Re: [Shorewall-users] problems configuring shorewall in
proxmox pve (debian5)
On Tue, 2011-08-23 at 18:06 -0400, dark_night@aol.es
wrote:> hello Tom,
> thank you very much for this guide
> has served me well and my setup has been perfect
> I reiterate my thanks and a pleasure for me to be on this list
> best regards,
Hello Santiago,
Glad to hear that you got it working.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
-------------------------------------------------------------------------
-----
EMC VNX: the world''s simplest storage, starting under $10K
The only unified storage solution that offers unified management
Up to 160% more powerful than alternatives and 25% more efficient.
Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
EMC VNX: the world''s simplest storage, starting under $10K
The only unified storage solution that offers unified management
Up to 160% more powerful than alternatives and 25% more efficient.
Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
Tom Eastep
2011-Aug-25 23:19 UTC
Re: problems configuring shorewall in proxmox pve (debian5)
On Thu, 2011-08-25 at 18:37 -0400, dark_night@aol.es wrote:> hello > unfortunately I have two other errors > when I try to add the SNAT rule for ssh in the ip 10.1.1.2 using te > example of the guide , when starting shorewall show me invalid action > on the rule > shorewall start when the configuration of the guide, I have this error: > > Validating interfaces file... > WARNING: Invalid option (bridge) in record "dmz vmbr0 detect > routeback,bridge" > > thanks for the help and I apologize for asking so muchLooks like you have an old version of Shorewall. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ EMC VNX: the world''s simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
dark_night@aol.es
2011-Aug-25 23:51 UTC
Re: problems configuring shorewall in proxmox pve (debian5)
hello tom, my shorewall version is: 4.0.15 ¿wath repo contain most updated version? best regards, Santiago. -----Original Message----- From: Tom Eastep <teastep@shorewall.net> To: Shorewall Users <shorewall-users@lists.sourceforge.net> Sent: Thu, Aug 25, 2011 6:26 pm Subject: Re: [Shorewall-users] problems configuring shorewall in proxmox pve (debian5) On Thu, 2011-08-25 at 18:37 -0400, dark_night@aol.es wrote:> hello > unfortunately I have two other errors > when I try to add the SNAT rule for ssh in the ip 10.1.1.2 using te > example of the guide , when starting shorewall show me invalidaction> on the rule > shorewall start when the configuration of the guide, I have thiserror:> > Validating interfaces file... > WARNING: Invalid option (bridge) in record "dmz vmbr0 detect > routeback,bridge" > > thanks for the help and I apologize for asking so muchLooks like you have an old version of Shorewall. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------- ----- EMC VNX: the world's simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ EMC VNX: the world's simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
Fábio Rabelo
2011-Aug-26 00:17 UTC
Re: problems configuring shorewall in proxmox pve (debian5)
Follow this page : http://people.connexer.com/~roberto/debian/ Fábio Rabelo 2011/8/25 <dark_night@aol.es>> hello tom, > my shorewall version is: 4.0.15 > ¿wath repo contain most updated version? > best regards, > Santiago. > -----Original Message----- > From: Tom Eastep <teastep@shorewall.net> > To: Shorewall Users <shorewall-users@lists.sourceforge.net> > Sent: Thu, Aug 25, 2011 6:26 pm > Subject: Re: [Shorewall-users] problems configuring shorewall in > proxmox pve (debian5) > > On Thu, 2011-08-25 at 18:37 -0400, dark_night@aol.es wrote: > > hello > > unfortunately I have two other errors > > when I try to add the SNAT rule for ssh in the ip 10.1.1.2 using te > > example of the guide , when starting shorewall show me invalid > action > > on the rule > > shorewall start when the configuration of the guide, I have this > error: > > > > Validating interfaces file... > > WARNING: Invalid option (bridge) in record "dmz vmbr0 detect > > routeback,bridge" > > > > thanks for the help and I apologize for asking so much > > Looks like you have an old version of Shorewall. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------- > ----- > EMC VNX: the world''s simplest storage, starting under $10K > The only unified storage solution that offers unified management > Up to 160% more powerful than alternatives and 25% more efficient. > Guaranteed. > > http://p.sf.net/sfu/emc-vnx-dev2dev_______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > > > > ------------------------------------------------------------------------------ > EMC VNX: the world''s simplest storage, starting under $10K > The only unified storage solution that offers unified management > Up to 160% more powerful than alternatives and 25% more efficient. > Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >------------------------------------------------------------------------------ EMC VNX: the world''s simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev