| 1 |
>>> # /etc/init.d/shorewall restart |
| 2 |
>>> * Stopping firewall ... |
| 3 |
>>> * Starting firewall ... |
| 4 |
>>> iptables: No chain/target/match by that name. |
| 5 |
>>> |
| 6 |
>>> How can I find out which chain/target/match I need to compile into the |
| 7 |
>>> kernel? shorewall-init.log does not indicate any problems and I have |
| 8 |
>>> LOG_VERBOSITY=2 in shorewall.conf which is the maximum. |
| 9 |
>> |
| 10 |
>> I hade the same problem. Using "shorewall trace restart" I could figure |
| 11 |
>> out which chain/target/match that was missing. |
| 12 |
> |
| 13 |
> Thanks, that got them. A couple oddities: |
| 14 |
> |
| 15 |
> 'shorewall trace restart' produced output the same as |
| 16 |
> shorewall-init.log which contained no info useful for this purpose. |
| 17 |
> However, 'shorewall trace restart > file.txt' sent completely |
| 18 |
> different output to file.txt which did contain all of the needed info. |
| 19 |
> How can that be? |
| 20 |
|
| 21 |
I didn't actually make the comparison between 'shorewall trace |
| 22 |
restart' and 'shorewall trace restart > file.txt'. I only compared |
| 23 |
the console output to the contents of file.txt after running the |
| 24 |
single command 'shorewall trace restart > file.txt'. Considering |
| 25 |
this, I think the above makes sense because it would have redirected |
| 26 |
certain output to the file and only the remaining output would have |
| 27 |
appeared on the console. |
| 28 |
|
| 29 |
- Grant |
| 30 |
|
| 31 |
|
| 32 |
> I got a lot of "No such file or directory" lines in file.txt for stuff |
| 33 |
> like -j LOGMARK, -m condition, -m geoip, -m ipp2p, nfacct which I |
| 34 |
> can't find in the kernel. Numerous other miscellaneous errors there |
| 35 |
> too. Ignore them if they aren't outputted by the initscript? |
| 36 |
> |
| 37 |
> - Grant |
Archives