On 7/28/2020 8:28 AM, Bruce Bannerman wrote: > Hi Walter, > > when I upgraded to Debian 10, I found that I needed to run the following > command to update my Shorewall config files: > > shorewall update > > The man page gives an explaination of what the command does. >
In addition to the above: Try to see if switching from the nft back end to ip[6]tables helps $ update-alternatives --config iptables There are 2 choices for the alternative iptables (providing /usr/sbin/iptables). Selection Path Priority Status ------------------------------------------------------------ * 0 /usr/sbin/iptables-nft 20 auto mode 1 /usr/sbin/iptables-legacy 10 manual mode 2 /usr/sbin/iptables-nft 20 manual mode Press <enter> to keep the current choice[*], or type selection number: 1 update-alternatives: using /usr/sbin/iptables-legacy to provide /usr/sbin/iptables (iptables) in manual mode $ update-alternatives --config ip6tables There are 2 choices for the alternative ip6tables (providing /usr/sbin/ip6tables). Selection Path Priority Status ------------------------------------------------------------ * 0 /usr/sbin/ip6tables-nft 20 auto mode 1 /usr/sbin/ip6tables-legacy 10 manual mode 2 /usr/sbin/ip6tables-nft 20 manual mode Press <enter> to keep the current choice[*], or type selection number: 1 update-alternatives: using /usr/sbin/ip6tables-legacy to provide /usr/sbin/ip6tables (ip6tables) in manual mode -- Matt Darfeuille <m...@shorewall.org> Shorewall Project Committee, one of four core members https://sourceforge.net/p/shorewall/mailman/message/36596609/ https://shorewall.org _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
