Hi, I made a very simple bash script which loads the iptables configuration from /etc/firewall.conf and /etc/firewall6.conf files:
# cat /etc/init.d/firewall #!/bin/bash iptables-restore < /etc/firewall.conf ip6tables-restore < /etc/firewall6.conf # Script is stored in /etc/init.d/ directory, but I haven't configured init to load this script directly. I use the pre-up option in /etc/network/interfaces instead: # grep pre-up /etc/network/interfaces pre-up /etc/init.d/firewall # /etc/firewall.conf and /etc/firewall6.conf contain few simple allow-rules to input chain and set default policies for chains in input table to drop. Now if I reload the machine, the bootup takes more than 6 minutes. Bootlog can be seen below: Mon Aug 4 15:43:37 2014: Setting preliminary keymap...done. Mon Aug 4 15:43:37 2014: Activating swap...done. Mon Aug 4 15:43:37 2014: Checking root file system...fsck from util-linux-ng 2.17.2 Mon Aug 4 15:43:37 2014: /dev/sda1: clean, 28387/3057824 files, 396742/12231168 blocks Mon Aug 4 15:43:37 2014: done. Mon Aug 4 15:43:37 2014: Cleaning up ifupdown.... Mon Aug 4 15:43:37 2014: Loading kernel modules...done. Mon Aug 4 15:43:37 2014: Activating lvm and md swap...done. Mon Aug 4 15:43:37 2014: Checking file systems...fsck from util-linux-ng 2.17.2 Mon Aug 4 15:43:38 2014: /dev/sda2: clean, 11/11968512 files, 799103/47851520 blocks Mon Aug 4 15:43:38 2014: done. Mon Aug 4 15:43:38 2014: Setting up networking.... Mon Aug 4 15:43:38 2014: Mounting local filesystems...done. Mon Aug 4 15:43:38 2014: Activating swapfile swap...done. Mon Aug 4 15:43:38 2014: Cleaning up temporary files.... Mon Aug 4 15:43:38 2014: Configuring network interfaces...done. Mon Aug 4 15:43:39 2014: Starting portmap daemon.... Mon Aug 4 15:43:39 2014: Starting NFS common utilities: statdSetting kernel variables ...done. Mon Aug 4 15:46:39 2014: ^[[31mfailed!^[[39;49m Mon Aug 4 15:46:39 2014: Cleaning up temporary files.... Mon Aug 4 15:46:40 2014: Setting console screen modes. Mon Aug 4 15:46:40 2014: ^[]R^[[9;30]^[[14;30]Skipping font and keymap setup (handled by console-setup). Mon Aug 4 15:46:40 2014: Setting up console font and keymap...done. Mon Aug 4 15:46:40 2014: Setting sensors limits. Mon Aug 4 15:46:40 2014: startpar: service(s) returned failure: nfs-common ... ^[[31mfailed!^[[39;49m Mon Aug 4 15:46:40 2014: INIT: Entering runlevel: 2 Mon Aug 4 15:46:40 2014: Using makefile-style concurrent boot in runlevel 2. Mon Aug 4 15:46:40 2014: Starting portmap daemon...Already running.. Mon Aug 4 15:46:40 2014: Starting enhanced syslogd: rsyslogd. Mon Aug 4 15:46:40 2014: Starting ACPI services.... Mon Aug 4 15:46:40 2014: Starting NFS common utilities: statd ^[[31mfailed!^[[39;49m Mon Aug 4 15:49:41 2014: Starting web server: apache2apache2: apr_sockaddr_info_get() failed for R61e Mon Aug 4 15:49:41 2014: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName Mon Aug 4 15:49:41 2014: . Mon Aug 4 15:49:41 2014: Starting deferred execution scheduler: atd. Mon Aug 4 15:49:41 2014: Starting periodic command scheduler: cron. Mon Aug 4 15:49:41 2014: Starting MTA:Starting internet superserver: inetd. Mon Aug 4 15:49:42 2014: exim4. Mon Aug 4 15:49:42 2014: Starting OpenBSD Secure Shell server: sshd. Once the system is started, the iptables and ip6tables rules are properly installed. According to log messages seen above, the problem seems to be with NFS. Has anyone seen something like this before? regards, Martin -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/cajx5yvgktc0ez_xhxagrtqb5pvy09bx12ut65ko5kdeaupp...@mail.gmail.com
