Hi Dale, On Sat, 2009-12-05 at 11:33 -0800, Dale Bewley wrote: > [r...@localhost ~]# NETCF_DEBUG=1 ncftool > warning: augeas initialization had errors > please file a bug with the following lines in the bug report: > /augeas/files/etc/sysconfig/iptables/error = "parse_failed" > /augeas/files/etc/sysconfig/iptables/error/pos = "0" > /augeas/files/etc/sysconfig/iptables/error/line = "1" > /augeas/files/etc/sysconfig/iptables/error/char = "0" > /augeas/files/etc/sysconfig/iptables/error/lens = > "/usr/share/augeas/lenses/dist/iptables.aug:59.10-.32" > /augeas/files/etc/sysconfig/iptables/error/message = "Iterated lens matched > less than it should" > Failed to initialize netcf > error: unspecified error > error: errors in loading some config files
The mystery to me is why netcf even looks at your iptables config - since you have the bridge module loaded, the file /proc/sys/net/bridge/bridge-nf-call-iptables should exist, and per the F12 defaults, should have a 0 in it. That tells netcf not to bother with iptables. > I also discovered that after no changes to any configurations, > a restart of the network makes ncftool/augeas happy. That could either be something changing bridge-nf-call-iptables or something fiddling with iptables config. > I found that if I remove '-m comment --comment "Forwarding for VM > bridges"' then ncftool is happy, even after a fresh reboot. So, > perhaps it's an augeas bug with the comment module in iptables? That's part of it - the lens is just good enough for the common directives that system-config-firewall and its ilk use. I'll try and add some smarts about the comment module. David _______________________________________________ netcf-devel mailing list netcf-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/netcf-devel
