Your message dated Sun, 21 Oct 2007 12:46:14 -0400
with message-id <[EMAIL PROTECTED]>
and subject line there is almost no way this could still be valid
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: shorewall
Version: 2.2.3-2

http://packages.debian.org/stable/net/shorewall

The security upgrade of shorewall has broken my install, it now complains:

Adding Common Rules
iptables: No chain/target/match by that name
ERROR: Command "/sbin/iptables -A reject -p tcp -j REJECT --reject-with tcp-reset" Failed
IP Forwarding Disabled!

Where before it was perfectly functional.

Anyone know of this problem, and more importantly, how I can solve it?

My existing configuration files - known to work on a large set of machines - are below:

thanks,

_alex



/etc/shorewall/rules
####################################################################################################
#ACTION  SOURCE  DEST    PROTO   DEST    SOURCE   ORIGINAL  RATE    USER/
#                                PORT    PORT(S)  DEST      LIMIT   GROUP

# note that I have not chosen to rate limit sshd, instead I just explicitly allow
# certain ip ranges for people I trust - http://www.fduran.com/wordpress/?p=21
# makes a good point stating that if you rely on rate limiting alone, you can
# lock yourself out of a system _during_ an attack, which is not useful.
ACCEPT   net    fw      tcp 22
ACCEPT   net    fw      tcp 80
ACCEPT   net    fw      tcp 443
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE


/etc/shorewall/interfaces
##############################################################################
#ZONE    INTERFACE      BROADCAST       OPTIONS
net     venet0          detect          nosmurfs
#
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE


/etc/shorewall/policy
###############################################################################
#SOURCE         DEST            POLICY          LOG             LIMIT:BURST
#                                               LEVEL
fw              net             ACCEPT
net             fw              REJECT
#LAST LINE -- DO NOT REMOVE


shorewall.conf is, I believe, the default.

as you can see my install is _REALLY_ complex :P

:)

_a


--
alex black, founder
the turing studio, inc.

510.666.0074
[EMAIL PROTECTED]
http://www.turingstudio.com

2600 10th street, suite 635
berkeley, ca 94710





--- End Message ---
--- Begin Message ---
Given that we will have shorewall 4.0.5 packages within the next few
days, it is close to impossible that this bug still exists, or that it
can even be reproduced.  Thus, I am closing it.

Regards,

-Roberto

-- 
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com

Attachment: signature.asc
Description: Digital signature


--- End Message ---
