A tcclasses entry with mark=0 causes shorewall 5.0.4 restart to terminate abruptly, breaking connections. This is with iproute2-3.12.0-2 on an ubuntu system. I propose that the compiler should reject this entry with a clean error message.
[...] Setting up Proxy ARP... Adding Providers... Setting up Traffic Control... RTNETLINK answers: Invalid argument We have an error talking to the kernel ERROR: Command "tc filter add dev eth0 protocol all parent 1:0 prio 276 handle 0 fw classid 1:10" Failed Running /sbin/iptables-restore... IPv4 Forwarding Enabled Terminated Note, I first mailed about this some 4 years ago, but it seems it didn't make it to the list (see below). On Thu, Oct 18, 2012 at 05:28:43PM -0700, Justin T Pryzby wrote: > tcclasses "MARK" value of zero causes shorewall to break like this: > > Setting up Traffic Control... > RTNETLINK answers: Invalid argument > We have an error talking to the kernel > ERROR: Command "tc filter add dev tun1 protocol all parent 3:0 prio 276 > handle 0 fw classid 3:10" Failed > > This is a "mixed" ubuntu system with packages from 8.04 (l) and 10.04 > (h). shorewall is 4.4.11.6-3~bpo50+1 from http://people.connexer.com, > with iproute 20091226-1. > > Is it possible to add a "compile time" check for that with a more > obvious warning? > > Justin ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
