Tom Eastep <teastep <at> shorewall.net> writes: > > Johannes Graumann wrote: > > Hello, > > > > I upgraded my debian testing shorewall installation from 4.4.5-1 to > > 4.4.6-1 from the repositories tonight. The upgrade involved a restart > > - which failed and keeps failing. I attach the trace as requested on > > shorewall.net and the iptables-restore-input involved in the failure > > message. Any insight into what might be going wrong? > > > > Thanks for any hints, > > What happens when you 'shorewall debug start' ? > > -Tom
The errow below shows up. Joh # shorewall debug start Compiling... Opening /proc/modules: No such file or directory Compiling /etc/shorewall/zones... Compiling /etc/shorewall/interfaces... Determining Hosts in Zones... Preprocessing Action Files... Compiling ... Pre-processing /usr/share/shorewall/action.Drop... Pre-processing /usr/share/shorewall/action.Reject... Compiling /etc/shorewall/policy... Adding Anti-smurf Rules Compiling TCP Flags filtering... Compiling Kernel Route Filtering... Compiling Martian Logging... Compiling MAC Filtration -- Phase 1... Compiling /etc/shorewall/rules... Generating Transitive Closure of Used-action List... Processing /usr/share/shorewall/action.Reject for chain Reject... Compiling ... Processing /usr/share/shorewall/action.Drop for chain Drop... Compiling MAC Filtration -- Phase 2... Applying Policies... Generating Rule Matrix... Creating iptables-restore input... Compiling iptables-restore input for chain mangle:... Shorewall configuration compiled to /var/lib/shorewall/.start Starting Shorewall.... Initializing... Setting up Route Filtering... /var/lib/shorewall/.start: 2199: cannot create /proc/sys/net/ipv4/conf/all/rp_filter: Directory nonexistent /var/lib/shorewall/.start: 2199: cannot create /proc/sys/net/ipv4/conf/default/rp_filter: Directory nonexistent Cannot open "/proc/sys/net/ipv4/route/flush" Setting up Martian Logging... /var/lib/shorewall/.start: 2199: cannot create /proc/sys/net/ipv4/conf/all/log_martians: Directory nonexistent WARNING: Cannot set Martian logging on venet0 Setting up Traffic Control... Preparing iptables-restore input... Running debug_restore_input... iptables: No chain/target/match by that name. ERROR: Command "/sbin/iptables -A FORWARD -j MARK --set-mark 0" Failed Running debug_restore_input... Terminated ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
