On Saturday 03 September 2011 01:10:35 Tom Eastep wrote: > On Sep 2, 2011, at 4:56 PM, Tom Eastep wrote: > > On Sep 2, 2011, at 4:08 PM, Steven Jan Springl wrote: > >> In the attahced config. secmarks contains: > >> > >> RESTORE O:ER - eth0 udp 53 > >> > >> When the following commands are issued: > >> > >> shorewall start /etc/shorewallT6 > >> shorewall safe-restart /etc/shorewallT6 > >> > >> then reply 'n' when prompted. > >> > >> The following iptables rule is generated in .safe-iptables: > >> > >> -A OUTPUT -o eth0 -p udp -m udp --dport 53 -m conntrack --ctstate > >> RELATED,ESTABLISHED -j CONNSECMARK--restore > >> > >> which produces the following error message: > >> > >> iptables-restore v1.4.12.1: Couldn't load target > >> `CONNSECMARK--restore':No such file or directory > > > > Steven, > > > > I suspect that is an iptables 1.4.12.x bug. Please start the > > configuration and then do an 'iptables -S'; do you see the string > > "CONNSECMARK--restore" in the output? > > Please try this iptables patch. > > Thanks, > -Tom
Tom That's fixed the issue. Thanks. Steven. ------------------------------------------------------------------------------ Special Offer -- Download ArcSight Logger for FREE! Finally, a world-class log management solution at an even better price-free! And you'll get a free "Love Thy Logs" t-shirt when you download Logger. Secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsisghtdev2dev _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
