Re: [Shorewall-users] after upgrade of distro-shorewall 4.6.2.4-144.1 -> 4.6.2.4-146.1, compile "ERROR: Invalid/Unknown leaf-1 port/service (tcp) "

Wed, 13 Aug 2014 14:55:10 -0700 

On 8/13/2014 2:26 PM, PGNd wrote:
> After an upgrade from Opensuse_13.1-packaged shorewall 4.6.2.4-144.1 -> 
> 4.6.2.4-146.1
> 
>       grep "shorewall|" * | tail -n 2
>               2014-08-08 
> 07:30:05|install|shorewall|4.6.2.4-144.1|noarch||Netfilter|8a7f834d22683013aba57ba4548d97fc53eb64e0b562cbdf65e716544aba45ba|
>               2014-08-12 
> 11:09:47|install|shorewall|4.6.2.4-146.1|noarch||Netfilter|d7401c67c1d548fdcacde9ab9b3de94a7d87ed45e248aeef49a02e6b40da7193|
> 
> When I simply recompile my previously working rulesets etc, I now get an error
> 
>    ERROR: Invalid/Unknown leaf-1 port/service (tcp) 
> /usr/local/etc/shorewall/IPv4/masq (line 20)
> 
> where
> 
>       cat /masq
>               ...
> 20                    EXTIF  $MX_INT  $MX_EXT  tcp  25,587
>               ...
> 
> This works prior to the upgrade.
> 
> The recent local changelog includes,
> 
>       rpm -q --changelog shorewall
>               * Mon Aug 11 2014 tog...@opensuse.org
>               - Backported PHYSICALNAME.patch
>               

PHYSICALNAME.patch fixed the specific problem one user was having but
broke other working configurations. That having been said, it generated
errors in the providers file, not in the masq file. A follow-on patch
was committed to the 4.6.2 branch to correct the initial patch.

> I've not see this error before, and haven't yet found it online.
> 
> How/what can I troubleshoot to determine/identify the specific
> source of the problem -- shorewall or packaging?

Try 'shorewall trace check -t' and see what that line of text is
expanding to. The compiler is parsing 'leaf-1' as the protocol and 'tcp'
as the port/service.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to