1 |
>>> # /etc/init.d/shorewall restart |
2 |
>>> * Stopping firewall ... |
3 |
>>> * Starting firewall ... |
4 |
>>> iptables: No chain/target/match by that name. |
5 |
>>> |
6 |
>>> How can I find out which chain/target/match I need to compile into the |
7 |
>>> kernel? shorewall-init.log does not indicate any problems and I have |
8 |
>>> LOG_VERBOSITY=2 in shorewall.conf which is the maximum. |
9 |
>> |
10 |
>> I hade the same problem. Using "shorewall trace restart" I could figure |
11 |
>> out which chain/target/match that was missing. |
12 |
> |
13 |
> Thanks, that got them. A couple oddities: |
14 |
> |
15 |
> 'shorewall trace restart' produced output the same as |
16 |
> shorewall-init.log which contained no info useful for this purpose. |
17 |
> However, 'shorewall trace restart > file.txt' sent completely |
18 |
> different output to file.txt which did contain all of the needed info. |
19 |
> How can that be? |
20 |
|
21 |
I didn't actually make the comparison between 'shorewall trace |
22 |
restart' and 'shorewall trace restart > file.txt'. I only compared |
23 |
the console output to the contents of file.txt after running the |
24 |
single command 'shorewall trace restart > file.txt'. Considering |
25 |
this, I think the above makes sense because it would have redirected |
26 |
certain output to the file and only the remaining output would have |
27 |
appeared on the console. |
28 |
|
29 |
- Grant |
30 |
|
31 |
|
32 |
> I got a lot of "No such file or directory" lines in file.txt for stuff |
33 |
> like -j LOGMARK, -m condition, -m geoip, -m ipp2p, nfacct which I |
34 |
> can't find in the kernel. Numerous other miscellaneous errors there |
35 |
> too. Ignore them if they aren't outputted by the initscript? |
36 |
> |
37 |
> - Grant |