From: Tom E. <te...@sh...> - 2005-12-30 15:18:46
|
On Friday 30 December 2005 06:54, kenn wrote: > Tom Eastep wrote: > >On Thursday 29 December 2005 13:27, kenn wrote: > >>Greetings. > >> > >>In summary, I installed shorewall 2.2.3 on Debian Sarge, and got error > >>messages when trying to start it. Seeing that that version is no longer > >>supported, I installed 3.0.3 and once again tried to start shorewall. > >>It failed, saying that there was an error in my zones file. I've > >>attached the trace ... Also attached is the result of "shorewall show" > >>.... > >> > >> > >>Any and all help appreciated. > > > >Debian users seem to be having a hard time with this. I suggest that you > >carefully read the release notes linked from the top of the Shorewall ho= me > >page. There you will learn that you must have IPSECFILE=3Dipsec > >in /etc/shorewall/shorewall.conf if you want to use your > >old /etc/shorewall/zones file. > > > >-Tom > > Okay, I did that, but when I run shorewall check, I still get the > following: -------------- > > Loading /usr/share/shorewall/functions... > Processing /etc/shorewall/shorewall.conf... > Loading Modules... > Shorewall has detected the following iptables/netfilter capabilities: > NAT: Available > Packet Mangling: Available > Multi-port Match: Available > Extended Multi-port Match: Not available > Connection Tracking Match: Available > Packet Type Match: Available > Policy Match: Not available > Physdev Match: Available > IP range Match: Available > Recent Match: Available > Owner Match: Available > Ipset Match: Not available > CONNMARK Target: Not available > Connmark Match: Not available > Raw Table: Available > CLASSIFY Target: Available > Verifying Configuration... > Determining Zones... > ERROR: Illegal zone name "1" in zones file > > ----------------- > > /etc/shorewall/zones looks like this: > > 1 Red Red > Err -- zone short names must start with a letter. "1" is not a valid zone=20 name. You look like you are flailing around in the dark. I suggest that you go to=20 http://www.shorewall.net/shorewall_quickstart_guide.htm and learn how =20 quickly and easily set up Shorewall. =2DTom =2D-=20 Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ te...@sh... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |