I’ve been using Shorewall under Debian for quite a while without to much
trouble.
I assume that you have seen the Debian packaging rationale for Shorewall in the
docs directory, together with the example files for several configurations.
From memory, these are in /usr/share/docs/shorewall
And
From: Justin Pryzby
Date: Sun, 29 Nov 2020 22:15:51 -0600
> What do you mean "the installed snat file" ?
When shorewall is installed in Debian 10, files
/etc/shorewall/interfaces, /etc/shorewall/snat and others are
installed. They are skeletal and need adaptation.
> Was it installed in
On 11/30/2020 5:15 AM, Justin Pryzby wrote:
> On Sun, Nov 29, 2020 at 07:41:57PM -0800, pe...@easthope.ca wrote:
>> From:Justin Pryzby
>> Date:Sun, 29 Nov 2020 19:20:04 -0600
>>> ... variable called NET_IF but then referred to it without a dollar sign,
>>> ...
>>
>> NET_IF
On Sun, Nov 29, 2020 at 07:41:57PM -0800, pe...@easthope.ca wrote:
> From: Justin Pryzby
> Date: Sun, 29 Nov 2020 19:20:04 -0600
> > ... variable called NET_IF but then referred to it without a dollar sign,
> > ...
>
> NET_IF appears in the 2nd column of the installed interfaces file and
> in
From: Justin Pryzby
Date: Sun, 29 Nov 2020 19:20:04 -0600
> ... variable called NET_IF but then referred to it without a dollar sign, ...
NET_IF appears in the 2nd column of the installed interfaces file and
in the 3rd column of the installed snat file. These came from the
Debian package
On Sun, Nov 29, 2020 at 03:55:55PM -0800, pe...@easthope.ca wrote:
> From: Justin Pryzby
> > I guess it should be while shorewall is running.
>
> Sorry. Try now.
> http://easthope.ca/shorewall.dump.txt
I'm not in the habit of reading shorewall dumps, but it seems like you used a
variable
From: Justin Pryzby
> I guess it should be while shorewall is running.
Sorry. Try now.
http://easthope.ca/shorewall.dump.txt
... P.
--
Tel: +1 604 670 0140Bcc: peter at easthope. ca
___
Shorewall-users
One additional detail.
These two lines are included in the report when the WiFi connection is
opened.
send_packet: No buffer space available
dhclient.c:2445: Failed to send 300 byte long packet over wlxa0f3c10a28f7
interface.
Aside from the problem with shorewall, WiFi works.
Thanks,
On Sun, Nov 29, 2020 at 03:29:21PM -0800, pe...@easthope.ca wrote:
> > Would you send your entire config or preferably a shorweall dump ?
>
> Click here .
> http://easthope.ca/shorewall.dump.txt
I guess it should be while shorewall is running.
--
Justin
From: Justin Pryzby
Date: Sun, 29 Nov 2020 13:42:31 -0600
> How did you run echo $FW ?
Before running shorewall, open a terminal.
Type
echo $FW
Type
shorewall start
...report from shorewall ...
Type
echo $FW
That's all. FW is empty or undefined.
> Would you send your entire config or
On Sun, Nov 29, 2020 at 11:13:58AM -0800, pe...@easthope.ca wrote:
> Those status reports are semantically inconsistent with "not a
> daemon". Status reports such as "Shorewll has configured Netfilter"
> and "Shorewall has cleared its configuration of Netfilter" would be
> better.
>
> (2) The
(1) https://shorewall.org/Introduction.html has the sentence
"Shorewall is not a daemon."
"shorewall status" reports "Shorewall is running" or "Shorewall is
stopped".
Those status reports are semantically inconsistent with "not a
daemon". Status reports such as "Shorewll has configured
12 matches
Mail list logo
