Bug#468148: marked as done (arno-iptables-firewall: "Errors starting on Sparc build")

Debian Bug Tracking System Wed, 13 May 2009 23:59:22 -0700

Your message dated Thu, 14 May 2009 08:54:07 +0200
with message-id <20090514065407.gb3...@localhost>
and subject line Re: arno-iptables-firewall: "Errors starting on Sparc build"
has caused the Debian Bug report #468148,
regarding arno-iptables-firewall: "Errors starting on Sparc build"
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
468148: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=468148
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: arno-iptables-firewall
Version: 1.8.8.i-2
Severity: important



-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: sparc (sparc64)

Kernel: Linux 2.6.18-3-sparc64-smp (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages arno-iptables-firewall depends on:
ii  debconf [debconf-2.0]   1.5.19           Debian configuration management sy
ii  gawk                    1:3.1.5.dfsg-4   GNU awk, a pattern scanning and pr
ii  iptables                1.3.8.0debian1-1 administration tools for packet fi
ii  lynx                    2.8.6-2          Text-mode WWW Browser

Versions of packages arno-iptables-firewall recommends:
ii  iproute                       20080108-1 Professional tools to control the 

-- debconf information:
* arno-iptables-firewall/config-int-nat-net: 172.16.2.0
* arno-iptables-firewall/dynamic-ip: false
* arno-iptables-firewall/config-int-net: 255.255.255.0
* arno-iptables-firewall/icmp-echo: true
* arno-iptables-firewall/services-udp: 53
  arno-iptables-firewall/title:
* arno-iptables-firewall/config-ext-if: eth0
* arno-iptables-firewall/services-tcp: 25 53 110 143 443 10000
* arno-iptables-firewall/restart: true
* arno-iptables-firewall/config-int-if: eth1
* arno-iptables-firewall/nat: true
* arno-iptables-firewall/debconf-wanted: true

# ./arno-iptables-firewall start
Arno's Iptables Firewall Script 1.8.8.i-2
-------------------------------------------------------------------------------
Sanity checks passed...OK
Detected IPTABLES module... Loading additional IPTABLES modules:
All IPTABLES modules loaded!
Setting the kernel ring buffer to only log panic messages to the console
Configuring /proc/.... settings:
 Enabling anti-spoof with rp_filter
 Enabling SYN-flood protection via SYN-cookies
 Disabling the logging of martians
 Disabling the acception of ICMP-redirect messages
 Setting the max. amount of simultaneous connections to 16384
 Enabling protection against source routed packets
 Setting default conntrack timeouts
 Enabling reduction of the DoS'ing ability
 Setting Default TTL=64
 Disabling ECN (Explicit Congestion Notification)
 Enabling support for dynamic IP's
 Flushing route table
/proc/ setup done...
Flushing rules in the filter table
Setting default (secure) policies
Using loglevel "info" for syslogd

Setting up firewall rules:
-------------------------------------------------------------------------------
Accepting packets from the local loopback device
Enabling setting the maximum packet size via MSS
Enabling mangling TOS
Logging of stealth scans (nmap probes etc.) enabled
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
Logging of packets with bad TCP-flags enabled
iptables: Invalid argument
iptables: Invalid argument
Logging of INVALID packets disabled
Logging of fragmented packets enabled
iptables: Invalid argument
Logging of access from reserved addresses enabled
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
Setting up anti-spoof rules
Reading custom IPTABLES rules from /etc/arno-iptables-firewall/custom-rules
Loading (user) plugins
iptables: Invalid argument
Setting up INPUT policy for the external net (INET):
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
Enabling support for a DHCP assigned IP on external interface(s): eth0
Logging of explicitly blocked hosts enabled
Logging of denied local output connections enabled
Packets will NOT be checked for private source addresses
Allowing the whole world to connect to TCP port(s): 22
Allowing the whole world to send ICMP-requests(ping)
iptables: Invalid argument
Logging of dropped ICMP-request(ping) packets enabled
iptables: Invalid argument
Logging of dropped other ICMP packets enabled
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
Logging of possible stealth scans enabled
iptables: Invalid argument
iptables: Invalid argument
Logging of (other) connection attempts to PRIVILEGED TCP ports enabled
iptables: Invalid argument
Logging of (other) connection attempts to PRIVILEGED UDP ports enabled
iptables: Invalid argument
Logging of (other) connection attempts to UNPRIVILEGED TCP ports enabled
iptables: Invalid argument
Logging of (other) connection attempts to UNPRIVILEGED UDP ports enabled
iptables: Invalid argument
Logging of other IP protocols (non TCP/UDP/ICMP) connection attempts enabled
iptables: Invalid argument
Logging of ICMP flooding enabled
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
Applying INET policy to external (INET) interface: eth0 (without an external
su)
iptables: Invalid argument
Setting up INPUT policy for internal (LAN) interface(s): eth1 eth2
 Allowing ICMP-requests(ping)
iptables: Invalid argument
iptables: Invalid argument
 Allowing all (other) protocols
iptables: Invalid argument
Setting up FORWARD policy for internal (LAN) interface(s): eth1 eth2
 Logging of denied LAN->INET FORWARD connections enabled
 Setting up LAN->INET policy:
  Allowing ICMP-requests(ping)
iptables: Invalid argument
iptables: Invalid argument
  Allowing all (other) protocols
Security is ENFORCED for external interface(s) in the FORWARD chain
iptables: Invalid argument

Feb 27 11:55:28 All firewall rules applied.

--- End Message ---

--- Begin Message ---

Hi,

this bug

  http://bugs.debian.org/468148

has been open for more than a year. I think we all agree that it wasn't
caused by arno-iptables-firewall, but was an iptables issue. Moreover,
it was limited to systems running etch (actually pre-etchnhalf) kernels.

Therefore I am closing this bug now -- If I am missing some point, feel
free to re-open with a pointer to what still has to be fixed.


Thanks,

Michael


-- 
GPG key:  1024D/3144BE0F Michael Hanke
http://apsy.gse.uni-magdeburg.de/hanke
ICQ: 48230050

--- End Message ---

Bug#468148: marked as done (arno-iptables-firewall: "Errors starting on Sparc build")

Reply via email to