Shorewall Geek wrote: > Theo van Werkhoven wrote: > >> Shorewall Geek wrote: >> >>> RC3 is now available for testing: >>> >> $sudo /sbin/shorewall6 version >> 4.2.4-RC3 >> >> [..] >> Shorewall configuration compiled to /var/lib/shorewall6/.start >> Processing /etc/shorewall6/params ... >> ERROR: Shorewall6 requires Linux kernel 2.6.25 or later >>
OH, NO!!! I was just getting ready to bite the bullet and start testing in production, as production is broken anyway, and I am running Centos 5.2: 2.6.18! >> openSUSE 10.3 >> $uname -r >> 2.6.22.19-0.1-default >> >> The kernel is up-to-date, only the patches have been compiled in an old >> version by SUSE. >> Is there another way the kernel capabilities can be determined so that the >> script doesn't fail? >> > > Shorewall6 was developed and tested using kernel 2.6.25 (and later) and > iptables 1.4.1.1. To date, it has had no testing done on earlier > kernels. We know that kernels up to approximately 2.6.23 would accept > commands but then silently do the wrong thing (or do nothing). So we > have chosen to make 2.6.25 the minimum kernel version. > > So you have three choices: > > a) Don't use Shorewall6. > Seems like the what I will have to do. > b) Upgrade your kernel (OpenSuSE 10.3 is quite old and has *horrible* > package/update management). > Can't really do this with Centos. We are on 2.6.18 until Centos 6, next year hopefully. > c) Hack out the kernel version test (it is at > /usr/share/shorewall-perl/prog.footer6, line 67) and proceed at your own > risk. > From what you said, this could be a bad move at this time. ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
