On Saturday 03 September 2011 00:56:54 Tom Eastep wrote: > On Sep 2, 2011, at 4:08 PM, Steven Jan Springl wrote: > > Tom > > > > In the attahced config. secmarks contains: > > > > RESTORE O:ER - eth0 udp 53 > > > > When the following commands are issued: > > > > shorewall start /etc/shorewallT6 > > shorewall safe-restart /etc/shorewallT6 > > > > then reply 'n' when prompted. > > > > The following iptables rule is generated in .safe-iptables: > > > > -A OUTPUT -o eth0 -p udp -m udp --dport 53 -m conntrack --ctstate > > RELATED,ESTABLISHED -j CONNSECMARK--restore > > > > which produces the following error message: > > > > iptables-restore v1.4.12.1: Couldn't load target > > `CONNSECMARK--restore':No such file or directory > > Steven, > > I suspect that is an iptables 1.4.12.x bug. Please start the configuration > and then do an 'iptables -S'; do you see the string "CONNSECMARK--restore" > in the output? > > -Tom >
Tom If I issue 'iptables -t mangle -S' then I see the above string. Steven ------------------------------------------------------------------------------ Special Offer -- Download ArcSight Logger for FREE! Finally, a world-class log management solution at an even better price-free! And you'll get a free "Love Thy Logs" t-shirt when you download Logger. Secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsisghtdev2dev _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
