Hi,
Usually my Shorewall installation uses compiler=perl.
During some tests I changed my config to compiler=shell, and in this case
I get an error like this:
--------------------------------------------------------
Setting up TCP Flags checking...
iptables v1.3.8: host/network `169.254.0.0/16!169.254.1.0' not found
Try `iptables -h' or 'iptables --help' for more information.
ERROR: Command "/usr/sbin/iptables -A eth2_fwd -p tcp -s
169.254.0.0/16!169.254.1.0/24 -j tcpflags" Failed
Processing /etc/shorewall/stop ...
IP Forwarding Enabled
Processing /etc/shorewall/stopped ...
/sbin/shorewall: line 742: 9333 Terminated
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
--------------------------------------------------------
This is the corresponding entry in my hosts file:
INT eth2:1.1.1.100/32 routeback,blacklist,tcpflags
INT eth2:169.254.0.0/16!169.254.1.0/24 routeback,blacklist,tcpflags
INT eth2:192.168.101.0/24 routeback,blacklist,tcpflags
Using compiler=perl with exactly the same config runs fine.
Greets
Guenter
_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users