Hi, I stumbled upon a problem with that manifests itself starting from
Shorewall version 4.4.23 and higher (tried already 4.4.23.1 and 4.4.23.2).
If I set "TC_Enabled=Shared" in Shorewall6's shorewall.conf, it fails to
start with the following output:
----------------------------------------------------------------------
# shorewall6 start
Compiling...
Processing /etc/shorewall6/params ...
Processing /etc/shorewall6/shorewall6.conf...
Loading Modules...
Compiling /etc/shorewall6/zones...
Compiling /etc/shorewall6/interfaces...
Determining Hosts in Zones...
Locating Action Files...
Compiling /usr/share/shorewall6/action.Drop for chain Drop...
Compiling /usr/share/shorewall6/action.AllowICMPs for chain AllowICMPs...
Compiling /usr/share/shorewall6/action.Broadcast for chain Broadcast...
Compiling /usr/share/shorewall/action.Invalid for chain Invalid...
Compiling /usr/share/shorewall/action.NotSyn for chain NotSyn...
Compiling /usr/share/shorewall6/action.Reject for chain Reject...
Compiling /etc/shorewall6/policy...
Adding Anti-smurf Rules
Adding rules for DHCP
Compiling TCP Flags filtering...
Compiling /etc/shorewall6/tcdevices...
Compiling /etc/shorewall6/tcclasses...
Compiling /etc/shorewall6/tcrules...
Compiling MAC Filtration -- Phase 1...
Compiling /etc/shorewall6/rules...
Compiling /usr/share/shorewall6/action.AllowICMPs for chain %AllowICMPs...
Compiling MAC Filtration -- Phase 2...
Applying Policies...
Generating Rule Matrix...
Optimizing Ruleset...
Creating ip6tables-restore input...
Compiling Interface forwarding...
Shorewall configuration compiled to /var/lib/shorewall6/.start
/var/lib/shorewall6/.start: line 1592: syntax error near unexpected
token `else'
/var/lib/shorewall6/.start: line 1592: `else'
/var/lib/shorewall6/.start: line 1592: syntax error near unexpected
token `else'
/var/lib/shorewall6/.start: line 1592: `else'
-------------------------------------------------------------------
At line 1592 of the .start file I see these:
--------------------------------------------------------------------
progress_message2 Setting up Proxy NDP...
return 0
}
#
# Configure Traffic Shaping for ppp0
#
setup_ppp0_tc() {
progress_message " TC Device ppp0 defined."
else
error_message "WARNING: Device ppp0 is not in the UP state --
traffic-shaping configuration ski$
ppp0_exists=
fi
}
#
# Enable an optional provider
#
enable_provider() {
g_interface=$1;
---------------------------------------------------------------------
For some reason it fails on that "else" statement.
Anyone have a clue? Not that it does not fail if I set
"TC_Enabled=internal", but the machine runs both shorewall and
shorewall6, a shared configuration is needed.
--
Kostas Kavourakis <[email protected]>
------------------------------------------------------------------------------
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
http://p.sf.net/sfu/rim-devcon-copy2
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
