David Mathog wrote:
Here are all the CONFIG_IP_NF_* entries:

CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_CT_ACCT=y
CONFIG_IP_NF_CONNTRACK_MARK=y
CONFIG_IP_NF_CT_PROTO_SCTP=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_IRC=m
CONFIG_IP_NF_TFTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m

and all of the CONFIG_NETFILTER*

CONFIG_NETFILTER=y
CONFIG_NETFILTER_NETLINK=m
CONFIG_NETFILTER_NETLINK_QUEUE=m
CONFIG_NETFILTER_NETLINK_LOG=m
CONFIG_NETFILTER_XTABLES=m
CONFIG_NETFILTER_XT_MATCH_MAC=m
CONFIG_NETFILTER_XT_MATCH_MARK=m
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
CONFIG_NETFILTER_XT_MATCH_STATE=m

Here are all the modules in:
/lib/modules/2.6.16.60-c1/kernel/net/ipv4/netfilter

ip_conntrack.ko
ip_conntrack_amanda.ko
ip_conntrack_ftp.ko
ip_conntrack_irc.ko
ip_conntrack_proto_sctp.ko
ip_conntrack_tftp.ko
ip_queue.ko
ip_tables.ko
ipt_LOG.ko
ipt_REJECT.ko
iptable_filter.ko

Is something obvious (to you, clearly it isn't to me) missing which in turn is effectively disabling CONFIG_IP_NF_TARGET_LOG?

This isn't brain surgery:

At a high level, the failing rule parses to:

-A logdrop
--match limit --limit 5/minute --limit-burst 3 <===================
-j LOG --log-level info --log-prefix Shorewall:logdrop:DROP:

Shorewall creates 'logdrop' so we can assume it is there. You have verified that the LOG target is supported. That leaves the match marked with <====== which requires limit match. See http://www.shorewall.net/kernel.htm to figure out which config option that is and on which kernels.

You can eliminate the need for that match in your log rules by resetting LOGRATE and LOGBURST in shorewall.conf.

-Tom
--
Tom Eastep        \ Nothing is foolproof to a sufficiently talented fool
Shoreline,        \ http://shorewall.net
Washington USA    \ [EMAIL PROTECTED]
PGP Public Key    \ https://lists.shorewall.net/teastep.pgp.key

_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
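
Added example (not part of the original message, and not Shorewall code): a small shell check that walks a rule like the one above and reports each match or target extension for which a kernel config has no enabling option. The function names are hypothetical, the sample config is a constructed subset of the options quoted in the message, and the CONFIG_NETFILTER_XT_* / CONFIG_IP_NF_* naming patterns are an assumption that holds for the limit match and the LOG target but not necessarily for every extension.

```sh
#!/bin/sh
# has_option FILE NAME: succeeds if CONFIG_NAME is set to y or m in FILE.
has_option() {
    grep -Eq "^CONFIG_$2=(y|m)\$" "$1"
}

# missing_extensions FILE RULE-WORDS...
# Prints "MATCH name" or "TARGET name" for every -m/--match or -j/--jump
# extension with neither an x_tables option (2.6.16 and later) nor the older
# IPv4-only option. A jump to a user-defined chain is not recognised as such
# and would be reported as a missing target (assumption of this sketch).
missing_extensions() {
    cfg=$1; shift
    kind=
    for word in "$@"; do
        if [ -n "$kind" ]; then
            # Built-in verdicts need no extension module.
            case $word in ACCEPT|DROP|RETURN) kind=; continue ;; esac
            upper=$(printf '%s' "$word" | tr '[:lower:]' '[:upper:]')
            has_option "$cfg" "NETFILTER_XT_${kind}_$upper" ||
                has_option "$cfg" "IP_NF_${kind}_$upper" ||
                echo "$kind $word"
            kind=
            continue
        fi
        case $word in
            -m|--match) kind=MATCH ;;
            -j|--jump)  kind=TARGET ;;
        esac
    done
}

# Constructed sample: a subset of the options listed in the message.
sample_config() {
    cat <<'EOF'
CONFIG_NETFILTER=y
CONFIG_NETFILTER_XTABLES=m
CONFIG_NETFILTER_XT_MATCH_MAC=m
CONFIG_NETFILTER_XT_MATCH_STATE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
EOF
}

demo_cfg=$(mktemp)
sample_config > "$demo_cfg"
missing_extensions "$demo_cfg" -A logdrop --match limit --limit 5/minute \
    --limit-burst 3 -j LOG --log-level info --log-prefix Shorewall:logdrop:DROP:
rm -f "$demo_cfg"
```
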
