On 02/06/2018 11:38 AM, Nicola Ferrari (#554252) wrote: > On 06/02/2018 17:38, Nicola Ferrari (#554252) wrote: >> Hi list! >> > > > I'm sorry guys.. In the previous message I forgot to mention that > "shorewall show capabilities" gives me the following output: > > > Shorewall has detected the following iptables/netfilter capabilities: > ACCOUNT Target (ACCOUNT_TARGET): Available > Address Type Match (ADDRTYPE): Available > Amanda Helper: Available > Arptables JF: Not available > AUDIT Target (AUDIT_TARGET): Available > Basic Ematch (BASIC_EMATCH): Available > Basic Filter (BASIC_FILTER): Available > Capabilities Version (CAPVERSION): 40600 > Checksum Target: Available > CLASSIFY Target (CLASSIFY_TARGET): Available > Comments (COMMENTS): Available > Condition Match (CONDITION_MATCH): Available > Connection Tracking Match (CONNTRACK_MATCH): Available > Connlimit Match (CONNLIMIT_MATCH): Available > Connmark Match (CONNMARK_MATCH): Available > CONNMARK Target (CONNMARK): Available > CT Target (CT_TARGET): Available > DSCP Match (DSCP_MATCH): Available > DSCP Target (DSCP_TARGET): Available > Enhanced Multi-port Match (EMULIPORT): Available > Extended Connection Tracking Match Support (NEW_CONNTRACK_MATCH): > Available > Extended Connmark Match (XCONNMARK_MATCH): Available > Extended CONNMARK Target (XCONNMARK): Available > Extended MARK Target 2 (EXMARK): Available > Extended MARK Target (XMARK): Available > Extended Multi-port Match (XMULIPORT): Available > Extended REJECT (ENHANCED_REJECT): Available > FLOW Classifier (FLOW_FILTER): Available > FTP-0 Helper: Not available > FTP Helper: Available > fwmark route mask (FWMARK_RT_MASK): Available > Geo IP match: Not available > Goto Support (GOTO_TARGET): Available > H323 Helper: Available > Hashlimit Match (HASHLIMIT_MATCH): Available > Header Match (HEADER_MATCH): Not available > Helper Match (HELPER_MATCH): Available > IMQ Target (IMQ_TARGET): Not available > IPMARK Target (IPMARK_TARGET): Available > IPP2P Match (IPP2P_MATCH): Available > IP range Match(IPRANGE_MATCH): Available > ipset V5 (IPSET_V5): Available > iptables -S (IPTABLES_S): Available > IRC-0 Helper: Not available > IRC Helper: Available > Kernel Version (KERNELVERSION): 31600 > LOGMARK Target (LOGMARK_TARGET): Available > LOG Target (LOG_TARGET): Available > Mangle FORWARD Chain (MANGLE_FORWARD): Available > Mark in the filter table (MARK_ANYWHERE): Available > MARK Target (MARK): Available > MASQUERADE Target: Available > Multi-port Match (MULTIPORT): Available > NAT (NAT_ENABLED): Available > Netbios_ns Helper: Available > New tos Match: Available > NFAcct match: Not available > NFLOG Target (NFLOG_TARGET): Available > NFQUEUE Target (NFQUEUE_TARGET): Available > Owner Match (OWNER_MATCH): Available > Owner Name Match (OWNER_NAME_MATCH): Available > Packet length Match (LENGTH_MATCH): Available > Packet Mangling (MANGLE_ENABLED): Available > Packet Type Match (USEPKTTYPE): Available > Persistent SNAT (PERSISTENT_SNAT): Available > Physdev-is-bridged Support (PHYSDEV_BRIDGE): Available > Physdev Match (PHYSDEV_MATCH): Available > Policy Match (POLICY_MATCH): Available > PPTP Helper: Available > Rawpost Table (RAWPOST_TABLE): Not available > Raw Table (RAW_TABLE): Available > Realm Match (REALM_MATCH): Available > Recent Match "--reap" option (REAP_OPTION): Available > Recent Match (RECENT_MATCH): Available > Repeat match (KLUDGEFREE): Available > RPFilter match: Available > SANE-0 Helper: Not available > SANE Helper: Available > SIP-0 Helper: Not available > SIP Helper: Available > SNMP Helper: Available > Statistic Match (STATISTIC_MATCH): Available > TCPMSS Match (TCPMSS_MATCH): Available > TFTP-0 Helper: Not available > TFTP Helper: Available > Time Match (TIME_MATCH): Available > TPROXY Target (TPROXY_TARGET): Available > UDPLITE Port Redirection: Not available > ULOG Target (ULOG_TARGET): Available >
Do you possibly have a stale /etc/shorewall/capabilities file? -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users