On Mon, 2010-02-01 at 22:54 +0000, Johannes Graumann wrote: > Tom Eastep <teastep <at> shorewall.net> writes: > > What happens when you 'shorewall debug start' ? > > > > -Tom > > The errow below shows up. > ... > Running debug_restore_input... > iptables: No chain/target/match by that name. > ERROR: Command "/sbin/iptables -A FORWARD -j MARK --set-mark 0" Failed > Running debug_restore_input... > Terminated
Looks like your kernel doesn't have MARK support. Please try the attached patch: patch /usr/share/shorewall/Shorewall/tc.pm < MARK.diff -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
--- Shorewall/Tc.pm.orig 2010-02-01 15:50:59.000000000 -0800
+++ Shorewall/Tc.pm 2010-02-01 15:51:42.000000000 -0800
@@ -1373,7 +1373,7 @@
add_jump $mangle_table->{OUTPUT} , 'tcout', 0, $mark_part;
if ( $capabilities{MANGLE_FORWARD} ) {
- add_rule( $mangle_table->{FORWARD}, '-j MARK --set-mark 0' );
+ add_rule( $mangle_table->{FORWARD}, '-j MARK --set-mark 0' ) if $capabilities{MARK};
add_jump $mangle_table->{FORWARD} , 'tcfor', 0;
add_jump $mangle_table->{POSTROUTING} , 'tcpost', 0;
}
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
