| 1 |
Hi, |
| 2 |
|
| 3 |
I'm trying to configure snat with shorewall. I read all manual on the official |
| 4 |
site + some Gentoo Wiki topics. I made test configuration, but shorewall |
| 5 |
start didn't start and I can't understand where is the problem. |
| 6 |
|
| 7 |
Thank you for any suggestion |
| 8 |
|
| 9 |
#shorewall show capatibilities: |
| 10 |
Shorewall-3.2.9 Chains capatibilities at enigma - Tue Jul 24 16:12:35 EEST |
| 11 |
2007 |
| 12 |
iptables: No chain/target/match by that name |
| 13 |
|
| 14 |
#shorewall start log: |
| 15 |
|
| 16 |
Compiling... |
| 17 |
Determining Zones... |
| 18 |
IPv4 Zones: net loc |
| 19 |
Firewall Zone: fw |
| 20 |
Validating interfaces file... |
| 21 |
Validating hosts file... |
| 22 |
Validating Policy file... |
| 23 |
Determining Hosts in Zones... |
| 24 |
net Zone: ppp0:0.0.0.0/0 |
| 25 |
loc Zone: eth1:192.168.3.0/24 |
| 26 |
Pre-processing Actions... |
| 27 |
Pre-processing /usr/share/shorewall/action.Drop... |
| 28 |
Pre-processing /usr/share/shorewall/action.Reject... |
| 29 |
Pre-processing /usr/share/shorewall/action.Limit... |
| 30 |
Deleting user chains... |
| 31 |
Compiling /etc/shorewall/routestopped ... |
| 32 |
Compiling Accounting... |
| 33 |
Creating Interface Chains... |
| 34 |
Compiling Proxy ARP |
| 35 |
Compiling NAT... |
| 36 |
Compiling NETMAP... |
| 37 |
Compiling Common Rules |
| 38 |
Adding Anti-smurf Rules |
| 39 |
Adding rules for DHCP |
| 40 |
Enabling RFC1918 Filtering |
| 41 |
Compiling TCP Flags checking... |
| 42 |
Compiling Kernel Route Filtering... |
| 43 |
Compiling Martian Logging... |
| 44 |
Compiling IP Forwarding... |
| 45 |
Compiling /etc/shorewall/rules... |
| 46 |
Compiling /etc/shorewall/tunnels... |
| 47 |
Compiling Actions... |
| 48 |
Compiling /usr/share/shorewall/action.Drop for Chain Drop... |
| 49 |
Compiling /usr/share/shorewall/action.Reject for Chain Reject... |
| 50 |
Compiling /etc/shorewall/policy... |
| 51 |
WARNING: NAT disabled; masq rule ignored |
| 52 |
Compiling /etc/shorewall/tos... |
| 53 |
Compiling /etc/shorewall/ecn... |
| 54 |
Compiling Traffic Control Rules... |
| 55 |
Validating /etc/shorewall/tcdevices... |
| 56 |
Validating /etc/shorewall/tcclasses... |
| 57 |
Compiling Rule Activation... |
| 58 |
Compiling Refresh of Black List... |
| 59 |
Compiling Refresh of /etc/shorewall/ecn... |
| 60 |
Validating /etc/shorewall/tcdevices... |
| 61 |
Validating /etc/shorewall/tcclasses... |
| 62 |
Shorewall configuration compiled to /var/lib/shorewall/.start |
| 63 |
Processing /etc/shorewall/params ... |
| 64 |
Starting Shorewall.... |
| 65 |
Initializing... |
| 66 |
Processing /etc/shorewall/init ... |
| 67 |
Clearing Traffic Control/QOS |
| 68 |
Deleting user chains... |
| 69 |
iptables: No chain/target/match by that name |
| 70 |
ERROR: Command "/sbin/iptables -A FORWARD -m state --state |
| 71 |
ESTABLISHED,RELATED -j ACCEPT" Failed |
| 72 |
Processing /etc/shorewall/stop ... |
| 73 |
iptables: No chain/target/match by that name |
| 74 |
iptables: No chain/target/match by that name |
| 75 |
IP Forwarding Enabled |
| 76 |
Processing /etc/shorewall/stopped ... |
| 77 |
/sbin/shorewall: line 529: 9682 Terminated ${VARDIR}/.start |
| 78 |
$debugging start |
| 79 |
|
| 80 |
|
| 81 |
-- |
| 82 |
best regards, |
| 83 |
Aleksey V. Kunitskiy |
| 84 |
my public GPG/PGP key: http://www.alexey-kv.org.ua/pubkey.asc |
Archives