-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 04/10/2017 08:37 AM, Charles Kroeger wrote: > root@mundo:/home/charles# ip addr show 1: lo: > <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group > default qlen 1 link/loopback 00:00:00:00:00:00 brd > 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever > preferred_lft forever inet6 ::1/128 scope host valid_lft forever > preferred_lft forever 2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc > noop state DOWN group default qlen 1000 link/ether > 00:1b:21:4f:60:49 brd ff:ff:ff:ff:ff:ff 3: wlp2s0: > <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group > default qlen 1000 link/ether 80:19:34:78:00:fa brd > ff:ff:ff:ff:ff:ff inet 192.168.0.150/24 brd 192.168.0.255 scope > global wlp2s0 valid_lft forever preferred_lft forever inet6 > fe80::8219:34ff:fe78:fa/64 scope link valid_lft forever > preferred_lft forever > > > root@mundo:/home/charles# ip route show default via 192.168.0.1 dev > wlp2s0 169.254.0.0/16 dev wlp2s0 scope link metric 1000 > 192.168.0.0/24 dev wlp2s0 proto kernel scope link src > 192.168.0.150 > > root@mundo:/home/charles# shorewall debug restart Compiling using > Shorewall 5.0.15.6... Processing /etc/shorewall/params ... > Processing /etc/shorewall/shorewall.conf... Loading Modules... > Compiling /etc/shorewall/zones... Compiling > /etc/shorewall/interfaces... Determining Hosts in Zones... Locating > Action Files... Compiling /etc/shorewall/policy... Running > /etc/shorewall/initdone... Adding rules for DHCP Compiling TCP > Flags filtering... Compiling Kernel Route Filtering... Compiling > Martian Logging... Compiling MAC Filtration -- Phase 1... Compiling > /etc/shorewall/rules... Compiling /etc/shorewall/conntrack... > Compiling MAC Filtration -- Phase 2... Applying Policies... > Compiling /usr/share/shorewall/action.Drop for chain Drop... > Compiling /usr/share/shorewall/action.Broadcast for chain > Broadcast... Generating Rule Matrix... Compiling > /usr/share/shorewall/action.Reject for chain Reject... Creating > iptables-restore input... Shorewall configuration compiled to > /var/lib/shorewall/.restart /var/lib/shorewall/.restart: 2894: > /var/lib/shorewall/.restart: Syntax error: newline unexpected > (expecting ")") > > root@mundo:/home/charles# /sbin/shorewall status Shorewall-5.0.15.6 > Status at mundo - Mon Apr 10 09:50:41 CDT 2017 > > Shorewall is stopped State:Cleared Mon Apr 10 09:29:12 CDT 2017 > (/var/lib/shorewall/firewall compiled Wed Jan 18 18:31:09 CST 2017 > by Shorewall version 5.0.15.2) > > I have looked into the file /var/lib/shorewall/.restart: 2894: > /var/lib/shorewall/.restart: Syntax error: newline unexpected > (expecting ")") > > but cannot see a Syntax problem > > Debian 4.9.18-1 (2017-03-30) x86_64 GNU/Linux > > Debian GNU/Linux 9.0 (stretch)Release: >
This issue is caused by the empty 'physical' specification in /etc/shorewall/interfaces. Remove 'physical=,' from the entry for your 'net' interface, and the syntax error is eliminated. - -Tom - -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJY73/QAAoJEJbms/JCOk0QD0UP/jwhnI7fi69SPtivB3ODK4QL ZDNBNfhk/acMU3zrDGe5aO84mAG7w0WghoegVDnjwWDaAsiXuLBQZ0WLBtvilpIN zC8k1QL/N3JhkrdzS1fLwebXJ5utyg6DPnHNhOA9IvDSuxBOGgKO9aW8xwr1ErGc jo/Z98rJeeoFCNZvwpaOsLRQPpOuzcF7vc7IrHfC/pTgwK8cjxkUUpfdCKlHllLW 0ZFx98gMop3LgtwKwZ7wwbRoZJyAew7g1nOWOaF4E00k18BXWXLFqTRr3I/XXnBi 2vps0e4yvySJ+Ijnft9EdFqn5p5o+ZmXT6xJbcZaMqsXAp3yGwjJuz12ERFBFmY0 ot9EhdjZoklXvKySuIk3QWHONusLOiUaQmeXkDjZEKsJEaB5eSjZ4W+PAOT4O+hu i0yHiHTMBl4RCbpkyZN2oFoUNUlDWYwl6lSeDTvBvFnm4qQDVp7xrksr9GU91BBA U6jkI6BkNiT54KMuwIEoaxamUcJC9fybB94z7/v9r3uGdowRX5rpdcV3z+wyzXtO jswq0IDG/7R9CLYCe8CSVTFEhkp5fmn6Dw69FlR6lsOzUkUyR1otGy4EY/poxdKp 8vd9GOkEuNtNvRs7kfYDcROc1VE9Xde0Vrf2ij97yWClMaPPFLlJ779No2cXkLbP WL8Qp7baQN0mDcZbb5Gk =6xjX -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
