hola Felipe, no creo que tom hable español ya que es de Estados unidos pero según veo somos algunos los que hablamos español, ya que estamos podríamos hacer shorewall hispano jaja un saludo y espero que se arregle tu problema
-----Original Message----- From: Felipe Rueda <fel.r...@gmail.com> To: Shorewall Users <shorewall-users@lists.sourceforge.net> Sent: Fri, Aug 26, 2011 4:00 pm Subject: Re: [Shorewall-users] Question About Shorewall Functions Hi Tom, Yess my Question was confused so i checked that warnings and i get confused with the files resolv.conf & nsswitch.conf how can i know if that are correct. i verify the next warnings If your Name Server(s) is(are) down then your firewall won't start. If your startup scripts try to start your firewall before starting your DNS server then your firewall won't start. Factors totally outside your control (your ISP's router is down for example), can prevent your firewall from starting. You must bring up your network interfaces prior to starting your firewall. and that are correct but i cant start shorewall because of that: aporta@proxy:~$ sudo shorewall check Checking... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Checking /etc/shorewall/zones... Checking /etc/shorewall/interfaces... Determining Hosts in Zones... Locating Action Files... Checking /usr/share/shorewall/action.Drop for chain Drop... Checking /usr/share/shorewall/action.Reject for chain Reject... Checking /etc/shorewall/policy... Adding rules for DHCP Checking Kernel Route Filtering... Checking Martian Logging... Checking /etc/shorewall/masq... Checking MAC Filtration -- Phase 1... Checking /etc/shorewall/rules... ERROR: Unknown Host (mail.shorewall.net) : /etc/shorewall/rules (line 33) I checked in the /etc/shorewall/rules and i veryfy that i can use only local host and the FW take it (ACCEPT:$LOG loc:FELIPE-MSI.local. net tcp 3200 # SAP) but if i search for WAN host it didnt take (REJECT:$LOG loc net:mail.shorewall.net tcp 80), my rules is in the adjunt file.!!!!! Do you speak spanish??? regards, felipe 2011/8/26 Tom Eastep <teas...@shorewall.net> Do you know how to set up DNS name configuration in the next files: /etc/resolv.conf is wrong then your firewall won't start. If your /etc/nsswitch.conf is wrong then your firewall won't start. If your Name Server(s) is(are) down then your firewall won't start. If your startup scripts try to start your firewall before starting your DNS server then your firewall won't start. Factors totally outside your control (your ISP's router is down for example), can prevent your firewall from starting. You must bring up your network interfaces prior to starting your firewall. Each DNS name must be fully qualified and include a minimum of two periods (although one may be trailing). This restriction is imposed by Shorewall to insure backward compatibility with existing configuration files. Those are just warnings about what may go wrong when you use DNS names. -Tom ------------------------------------------------------------------------- ----- EMC VNX: the world's simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users------------------------------------------------------------------------------ EMC VNX: the world's simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ EMC VNX: the world's simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
