On 3/17/2020 11:24 PM, Andrey Andreev wrote: __ > > Here is the output, no IPs in it to hide: > > [root@server ~]# shorewall check -T > Checking using Shorewall 5.2.2... > Processing /etc/shorewall/params ... > Processing /etc/shorewall/shorewall.conf... > Loading Modules... > Checking /etc/shorewall/zones... > Checking /etc/shorewall/interfaces... > Determining Hosts in Zones... > Locating Action Files... > Checking /etc/shorewall/policy... > Running /etc/shorewall/initdone... > Adding rules for DHCP > Checking TCP Flags filtering... > Checking Kernel Route Filtering... > Checking Martian Logging... > Checking /etc/shorewall/snat... > Checking MAC Filtration -- Phase 1... > Checking /etc/shorewall/rules... > Checking /etc/shorewall/conntrack... > Checking /etc/shorewall/tunnels... > Checking MAC Filtration -- Phase 2... > Applying Policies... > Shorewall configuration verified
Was that output obtained with the failing SNAT line in the snat file? > > [root@server ~]# shorewall version > 5.2.2 > > In /etc/shorewall/snat line#2: > > SNAT(!9.9.9.9) 12.12.12.12/29 enp2s0 > > is hashed, shorewall does not start with it. > I feel I miss something. The documentation deals with old versions of > linux kernel while Fedora is updating very often. > I will provide any other info which might be needed. > Thanks for Your response. I need to see the actual error message that you are getting (in context). -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster Shoreline, \ with an international standard? Washington, USA \ A: Someone who makes you an offer you http://shorewall.org \ can't understand \________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
