Tom, sorry for the confusion, the 5.2.6 version numbers in my post are for Bering-uClibc, not Shorewall. I was comparing Bering-uClibc 5.2.6rc1 (release candidate 1) with Bering-uClibc 5.2.6 release version. I believe that the Shorewall version is the same in both (4.6.13.4) so I think we can safely assume the problem I was experiencing was not due to a problem in Shorewall. You can see from the boot messages that in one case an ipv4 ip was available just before shorewall runs and in the other case the ip did not show in the boot messages. Looks like the different behavior between the two releases is in dhcpd.
Shorewall picks up the ip using ETH0_IP=`find_first_interface_address eth0` in the params file. Thanks, I am a happy shorewall user on Leaf for many years, and really appreciate your work. Tim. On Fri, Jun 3, 2016 at 10:03 PM, Tom Eastep <teas...@shorewall.net> wrote: > On 6/3/2016 4:58 PM, Timothy Wegner wrote: > > I have a LEAF router on a Soekris box. > > > > LEAF Bering-uClibc 5.2.6-rc1 works perfectly. But 5.2.6 does not. > Shorewall > > complains that it can't get an ip and won't start, and the boot messages > > just before shorewall runs indicate that an ipv6 ip was obtained but not > > ipv4. After boot, the ip addr show command shows that an ipv4 ip was in > > fact obtained (eventually). So strangely, if I just run webmin after boot > > (which shows shorewall not started) and start shorewall all is well and > > everything works. > > > > I would appreciate any suggestions of what might have changed between > 5.2.6 > > rc1 and the 5.2.6 versions that might have caused the behavior change. > The > > exact same configdb.lrp is used in both cases. I updated by hand by just > > copying everything except leaf.cfg, configdb.lrp, and ldlinux.sys. I used > > the Bering-uClibc_5.2.6_x86_64_syslinux_serial115200.tar.gz version. > > > > Thanks, > > > > Tim > > > > Below are two fragments of the boot messages, the first from rc1. As you > > can see, in 5.2.6 rc1 dhcpcd reports a few lines more than 5.2.6 (see > bold). > > > > 5.2.6 rc1: > > > > dhcpcd[11482]: eth0: adding address > 2001:558:6022:13:e927:a4e3:a97e:5064/128 > > dhcpcd[11482]: eth0: renew in 172800 seconds, rebind in 276480 seconds > > *dhcpcd[11482]: eth0: leased 98.201.221.124 for 299348 seconds* > > *dhcpcd[11482]: eth0: adding route to 98.201.220.0/23 > > <http://98.201.220.0/23>* > > *dhcpcd[11482]: eth0: adding default route via 98.201.220.1* > > dhcpcd[11482]: forked to background, child pid 11523 > > done. > > Starting software watchdog... done. > > Starting caching dns forwarder: dnsmasq. > > Starting ulogd: ulogd. > > Starting "Shorewall firewall": Compiling using Shorewall 4.6.13.4... > > Shorewall configuration compiled to /var/lib/.start > > Starting Shorewall.... > > done. > > > > > > 5.2.6: > > > > dhcpcd[11514]: eth0: adding address > 2001:558:6022:13:c102:74f4:65a9:de80/128 > > dhcpcd[11514]: eth0: renew in 172800 seconds, rebind in 276480 seconds > > dhcpcd[11514]: forked to background, child pid 11554 > > done. > > Starting software watchdog... done. > > Starting caching dns forwarder: dnsmasq. > > Starting ulogd: ulogd. > > Starting "Shorewall firewall": *ERROR: Can't determine the IP address > of > > eth0* > > Terminated > > Tim, > > I'm confused -- the latest released version of Shorewall is 5.0.8... > Where are you finding 5.2.6??? > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > > ------------------------------------------------------------------------------ > What NetFlow Analyzer can do for you? Monitors network bandwidth and > traffic > patterns at an interface-level. Reveals which users, apps, and protocols > are > consuming the most bandwidth. Provides multi-vendor support for NetFlow, > J-Flow, sFlow and other flows. Make informed decisions using capacity > planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e > ------------------------------------------------------------------------ > leaf-user mailing list: leaf-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/leaf-user > Support Request -- http://leaf-project.org/ > > ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
