From: Ljubomir L. <of...@pl...> - 2009-04-20 12:53:33
|
I sent an mail with non compressed attachments but it got held up so I canceled it so I repeating the mail: Tom Eastep wrote: > You failed to mention which version of Shorewall you are running; the > banner from the output of 'shorewall status' quoted in your post allows > us to know that it is 4.2.7. The fact that 'iptables-restore' is failing > allows us to deduce that you are running Shorewall-perl. > Yes, I see I forgot that peace of information. Yes, version is 4.2.7(-3) and I use perl variant. I rebuilded rpm from Fedora source repository. Patches in spec file show following patches applied: Patch301: ftp://ftp.shorewall.net/pub/shorewall/4.2/shorewall-4.2.7/patch-perl-4.2.7.1 Patch302: ftp://ftp.shorewall.net/pub/shorewall/4.2/shorewall-4.2.7/patch-perl-4.2.7.2 > This next bit is significant: > > Restarting shorewall: iptables-restore v1.3.5: Bad mac address `-j' > Error occurred at line: 32 > Try `iptables-restore -h' or 'iptables-restore --help' for more > information. > ERROR: iptables-restore Failed. Input is in > /var/lib/shorewall/.iptables-restore-input > /sbin/shorewall: line 756: 12573 Terminated > $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart > > If we had the file /var/lib/shorewall/.iptables-restore-input, then we > could see what command is failing. From that, we might guess why an > invalid command was being generated. That file accompanied by the output > of "shorewall dump" captured when the firewall is finally up and running > would give us a good chance of solving the problem. > > -Tom > I do not know the internals of shorewall, and this is my first (possible) bug report so I relied on the fact you will ask for relevant information. I added both requests as file attachments. Ljubomir |