On Sep 2, 2011, at 4:08 PM, Steven Jan Springl wrote: > Tom > > In the attahced config. secmarks contains: > > RESTORE O:ER - eth0 udp 53 > > When the following commands are issued: > > shorewall start /etc/shorewallT6 > shorewall safe-restart /etc/shorewallT6 > > then reply 'n' when prompted. > > The following iptables rule is generated in .safe-iptables: > > -A OUTPUT -o eth0 -p udp -m udp --dport 53 -m conntrack --ctstate > RELATED,ESTABLISHED -j CONNSECMARK--restore > > which produces the following error message: > > iptables-restore v1.4.12.1: Couldn't load target `CONNSECMARK--restore':No > such file or directory
Steven, I suspect that is an iptables 1.4.12.x bug. Please start the configuration and then do an 'iptables -S'; do you see the string "CONNSECMARK--restore" in the output? -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Special Offer -- Download ArcSight Logger for FREE! Finally, a world-class log management solution at an even better price-free! And you'll get a free "Love Thy Logs" t-shirt when you download Logger. Secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsisghtdev2dev _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
