On Mon, 17 Dec 2012, Amos Jeffries wrote:
> Package: ferm
> Version: 2.1-4
> Severity: important
>
>
> Upgrade to 2.1-4 dies with an error about stopping ferm. The
> firewall is left running, but the ferm scripts are already in place
> and future manual or automatic operations fail with the message
> "Died at /usr/sbin/ferm line 1719".
>
> By commenting out that line in /usr/sbin/ferm I can get a slightly
> more useful, but still incorrect error message about mis-matched
> "}". The actual problem turned out to be the config block was
> starting with "domain (ip ip6) table filter {...}" to specify rules
> shared by both IPv4 and IPv6 firewalls.
>
> This "domain (ip ip6)" syntax appears not to be a problem when used
> in the main ferm.conf file, and is valid. But the new version errors
> out with the above problems when it is used in a sub-include file.
>
> Workaround was to cut-n-paste a blocks of config file into "domain
> ip ..." and "domain ip6 ..." blocks. Or to move the domain stanza
> outside the include file. Both of which can be problematic when the
> config files are under different administrative jurisdictions or
> automatically generated.
This is funny. -3 had this problem and -4 was expected to fix this. Do you
have your configuration file for me?
Alex
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
