I have three production Shorewall installs, two of which are on 9.2. If it was broken, I wouldn't have been online for the last month :-) I'll buy that Webmin's configuration of Shorewall is broken, or that drakfw's configuration is broken, but 9.2's Shorewall is just fine.
On Fri, 2003-11-14 at 13:45, Lawson, Jim wrote: > Thomas I will Monday. I installed iptables and it works. 9.2 shore wall is > broken. I did the same think I did at home for 9.0 in control center and it > works. Just on 9.2 it's broken. > > -----Original Message----- > From: Thomas Backlund [mailto:[EMAIL PROTECTED] > Sent: Friday, November 14, 2003 4:27 PM > To: [EMAIL PROTECTED] > Subject: Re: [expert] shorewall > > > From: "Lawson, Jim" <[EMAIL PROTECTED]> > > > > Did this below still nothing everything stops... Can you help more Please. > > > > the three last lines of /etc/shorewall/routestopped should be: > --- cut --- > #INTERFACE HOST(S) > eth0 > #LAST LINE... > --- cut --- > > > [EMAIL PROTECTED] shorewall]# service shorewall check > > Loading /usr/share/shorewall/functions... > > Processing /etc/shorewall/params ... > > Processing /etc/shorewall/shorewall.conf... > > > > Notice: The 'check' command is unsupported and problem > > reports complaining about errors that it didn't catch > > will not be accepted > > > > Shorewall has detected the following iptables/netfilter capabilities: > > NAT: Available > > Packet Mangling: Available > > Multi-port Match: Available > > Connection Tracking Match: Available > > Verifying Configuration... > > Loading Modules... > > Determining Zones... > > Zones: net loc > > Validating interfaces file... > > Warning: Invalid option (routestopped) in record "net eth0 detect > > routestopped" > > remove the 'routestopped' from /etc/shorewall/interfaces > > so the four last lines in that file should be: > --- cut --- > #ZONE INTERFACE BROADCAST OPTIONS > loc eth0 detect > net eth1 detect > #LAST LINE ... > --- cut --- > > > btw, as I forgot to ask before, what internet connection do you have? > is it a dsl? and does it get it's ip through dhcp or is it static? > > if you have dsl that uses PPPoE or PPPoA, > you need to change /etc/shorewall/interfaces to: > --- cut --- > #ZONE INTERFACE BROADCAST OPTIONS > loc eth0 detect > net ppp0 detect > #LAST LINE ... > --- cut --- > > and if it's also using dhcp, you need it like this: > --- cut --- > #ZONE INTERFACE BROADCAST OPTIONS > loc eth0 detect > net ppp0 detect dhcp > #LAST LINE ... > --- cut --- > > > and of course restart shorewall after you have made the changes > -- > Regards > > Thomas > > PS. > sorry for the delays in answering, I had to leave my computer for a while... > > > > > > ______________________________________________________________________ > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- Jack at Monkeynoodle Dot Org: It's A Scientific Venture... "There was a shopping mall, now it's all covered with flowers, if this is Paradise I wish I had a lawnmower." -- (Nothing But) Flowers from Sand in The Vaseline by The Talking Heads
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com