Gentoo Archives: gentoo-user

From: Ryan Tandy <tarpman@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Looking for help with Shorewall
Date: Fri, 19 May 2006 05:12:50
Message-Id: 446D5142.8090509@gmail.com
In Reply to: [gentoo-user] Looking for help with Shorewall by Jerry
Jerry wrote:

> root@backup:/etc/shorewall # shorewall start
Any particular reason why you're running that instead of
/etc/init.d/shorewall start?

> Shorewall has detected the following iptables/netfilter capabilities:
> NAT: Not available
> Packet Mangling: Available
> Multi-port Match: Not available
> Connection Tracking Match: Not available
> Packet Type Match: Not available
> Policy Match: Not available
> Physdev Match: Not available
> IP range Match: Not available
> Recent Match: Not available
> Owner Match: Not available
> Ipset Match: Not available
> CONNMARK Target: Not available
> Connmark Match: Not available
> Raw Table: Available
> CLASSIFY Target: Not available
Hmmm... looks like you're missing a few fairly necessary components.
Might want to add a bit more to your iptables configuration in your
kernel config, or have some fun with modprobe.

> iptables: No chain/target/match by that name
> ERROR: Command "/sbin/iptables -A FORWARD -m state --state
> ESTABLISHED,RELATED -j ACCEPT" Failed
This is caused by the line "Connection Tracking Match: Not available" -
you need to build in to your kernel or modprobe the conntrack module.

> Now I cannot connect to the internet through the modem nor ssh to the
> other computer. I was able to do both before running shorewall start.
shorewall clear or /etc/init.d/shorewall clear

>
> root@backup:/etc/shorewall # /etc/init.d/iptables stop
> * Saving iptables state
> ... [ ok ]
> * Stopping firewall
> ... [ ok ]
You don't need to have iptables running for shorewall to work (I know I
don't).

delta ~ # /etc/init.d/shorewall status
* status: started
delta ~ # /etc/init.d/iptables status
* status: stopped

HTH.

Ryan
--
gentoo-user@g.o mailing list

Replies

Subject Author
Re: [gentoo-user] Looking for help with Shorewall Jerry Turba <jturba@×××××××.com>