Tom Eastep wrote: > Galia Lisovskaya wrote: > >> Running debug_restore_input... >> iptables v1.3.5: Unknown arg `--src-range' >> Try `iptables -h' or 'iptables --help' for more information. >> ERROR: Command "/sbin/iptables -A venet0_fwd --src-range >> 10.0.2.1-10.0.2.255 -j ven1_frwd" Failed >> IP Forwarding Enabled > > Hmmm -- I see from the dump you sent to [EMAIL PROTECTED] that > > Repeat match: Not available > > That is causing Shorewall to generate an invalid rule. > > Please do the following: > > shorewall show -f capabilities > /etc/shorewall/caps > tar -zcf shorewall.tgz /etc/shorewall > Send shorewall.tgz to [EMAIL PROTECTED] >
Attached is a patch to /usr/share/shorewall-perl/Shorewall/Rules.pm that should correct the problem. -Tom -- Tom Eastep \ The ultimate result of shielding men from the Shoreline, \ effects of folly is to fill the world with fools. Washington, USA \ -Herbert Spencer http://shorewall.net \________________________________________________
Index: Shorewall/Rules.pm
===================================================================
--- Shorewall/Rules.pm (revision 8842)
+++ Shorewall/Rules.pm (working copy)
@@ -1688,6 +1688,8 @@
move_rules( $filter_table->{output_chain $interface} , $filter_table->{$nextchain} ) unless use_output_chain $interface;
}
+ clearrule;
+
next if $hostref->{options}{destonly};
my $source = match_source_net $net;
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
