Tom,

In the attached config, the following stoppedrules entry:

    NOTRACK fw:1.1.1.1 - icmp

generates the following iptables rule:

    -A OUTPUT -p 1 -s 1.1.1.1 -j CT --notrack

When the command "shorewall stop" is issued, the following error message is
produced:

    iptables-restore: line 31 failed

In /var/log/syslog the following message appears:

    Nov 23 15:23:24 l4 kernel: [ 3496.562820] x_tables: ip_tables: CT target: only valid in raw table, not filter

While investigating the above error, I noticed that when the following
commands are issued:

    shorewall debug stop
    shorewall debug try /etc/shorewall2A4
    shorewall debug clear

the debug option is ignored and iptables-restore is used. Is this expected?

Steven
shorewall2A4.tar.gz
Description: application/compressed-tar
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
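The kernel message in the report above says the CT target was rejected because it was placed in the filter table. As an added example (not part of the original message and not Shorewall code), this Python check scans iptables-restore input for rules that jump to a table-restricted target from the wrong table. The sample ruleset is constructed, and the NOTRACK, nat and mangle entries in the lookup table are assumptions that go beyond the CT case in the message.

```python
import shlex

# Targets the kernel accepts in one table only. CT -> raw is taken from the
# syslog line in the report; the other entries are assumptions added here.
TABLE_ONLY = {
    "CT": "raw", "NOTRACK": "raw",
    "SNAT": "nat", "DNAT": "nat", "MASQUERADE": "nat", "REDIRECT": "nat",
    "TPROXY": "mangle",
}

def misplaced_targets(ruleset):
    """Return (line_no, table, target, required_table) for each misplaced rule."""
    findings, table = [], None
    for lineno, raw in enumerate(ruleset.splitlines(), 1):
        line = raw.strip()
        if line.startswith("*"):          # "*filter", "*raw", ... opens a table
            table = line[1:]
        elif line == "COMMIT":            # closes the current table
            table = None
        elif line.startswith("-") and table is not None:
            try:
                words = shlex.split(line)  # keeps quoted --comment text as one word
            except ValueError:
                words = line.split()
            for flag, target in zip(words, words[1:]):
                if flag in ("-j", "--jump"):
                    required = TABLE_ONLY.get(target)
                    if required and required != table:
                        findings.append((lineno, table, target, required))
    return findings

# Constructed iptables-restore input, not the file from the attachment.
SAMPLE = """\
# constructed sample
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p 1 -s 2.2.2.2 -j CT --notrack
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m comment --comment "log -j CT hits" -j ACCEPT
-A OUTPUT -p 1 -s 1.1.1.1 -j CT --notrack
COMMIT
"""

if __name__ == "__main__":
    for lineno, table, target, required in misplaced_targets(SAMPLE):
        print(f"line {lineno}: {target} is only valid in {required}, not {table}")
```

The line number reported is the position of the offending rule in the input, which need not be the line number iptables-restore prints when the load fails.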
