On 8/8/2014 7:05 AM, Tom Eastep wrote: > On 8/7/2014 9:36 PM, PGNd wrote: > >> >> /providers >> prov1 1 1 main EXT_IF detect track,balance >> INTIF > ------ > > "EXT_IF" is specified here, but the interfaces file has 'EXTIF'. > >> /interfaces >> ?FORMAT 2 >> net EXTIF physical=eth0 > ----- >> - INTIF physical=eth1 >> prov2 tun0 optional >> >> Compile, install & function are all ok. >> >> If, instead >> >> /interfaces >> ?FORMAT 2 >> net EXTIF physical=eth0 >> - INTIF physical=eth1 >> - prov2 tun1 optional >> + prov2 VPNIF physical=tun1,optional >> >> Compile fails >> >> Compiling /opt/etc/shorewall/providers... >> Use of uninitialized value $physical in pattern match (m//) at >> /usr/lib/perl5/vendor_perl/5.18.1/Shorewall/Providers.pm line 463, >> <$currentfile> line 2. >> ERROR: A provider interface must have at least one associated zone >> /opt/etc/shorewall/providers (line 2) >> >> (1) Is the form >> >> prov2 VPNIF physical=tun1,optional >> >> in /interfaces permitted? >> >> (2) If "yes", is the ERROR a config problem on my end, or a bug? > > Your error -- see above. That having been said, I need to understand the > Perl diagnostic above.
I attempted to reproduce your problem, and with EXT_IF in the first provider line, compilation actually fails with 'Unknown interface' as would be expected. With the VPNIF interface defined as above, I got the same error as you did. Changing the definition of the second provider to the following allowed the compilation to continue successfully: prov2 2 2 main VPNIF 192.168.1.1 track,fallback INTIF With what you posted as your original config that worked (after the EXT_IF thingy was corrected), compilation actually fails as well because you specify tun0 in the interfaces file and tun1 in providers. I will create a fix for Perl diagnostic. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
