On 5/6/2018 3:37 PM, Bern D wrote: > Hi, > I have upgraded Ubuntu Server to newest 18.4 version and I have issues > with Shorewall (5.1.12.2) starting during the system boot. > I use lan and wifi network interface (wlp4s0) and > isc-dhcp-server+hostapd in the 'loc' zone. Wifi card is configured as > Access Point. > After upgrade shorewall service didn’t start. > I suspect that currently (after upgrade) shorewall starts too early (eg. > before other needed network services eg isc-dhcp-server, hostapd). > > ela@akacja:~$ sudo systemctl status shorewall > â shorewall.service - Shorewall IPv4 firewall > Loaded: loaded (/lib/systemd/system/shorewall.service; enabled; > vendor preset: enabled) > Active: failed (Result: exit-code) since Sun 2018-05-06 10:00:21 > CEST; 50s ago > Process: 2180 ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS > (code=exited, status=143) > Main PID: 2180 (code=exited, status=143) > > May 06 10:00:21 akacja systemd[1]: Starting Shorewall IPv4 firewall... > May 06 10:00:21 akacja shorewall[2180]: Starting Shorewall.... > May 06 10:00:21 akacja shorewall[2180]: ERROR: Unable to determine > the IP address(es) of wlp4s0: Firewall state not changed > May 06 10:00:21 akacja root[2247]: ERROR:Shorewall start failed:Firewall > state not changed > May 06 10:00:21 akacja shorewall[2180]: Terminated > May 06 10:00:21 akacja systemd[1]: shorewall.service: Main process > exited, code=exited, status=143/n/a > May 06 10:00:21 akacja systemd[1]: shorewall.service: Failed with result > 'exit-code'. > May 06 10:00:21 akacja systemd[1]: Failed to start Shorewall IPv4 firewall. > > Shorewall starts only when I manually enter: > sudo systemctl restart shorewall > > my ‘/lib/systemd/system/shorewall.service’ systemd unit file is as fallows: > > > # > # The Shoreline Firewall (Shorewall) Packet Filtering Firewall > # > # Copyright 2011 Jonathan Underwood <jonathan.underw...@gmail.com> > # Copyright 2015 Tom Eastep <teas...@shorewall.net> > # > [Unit] > Description=Shorewall IPv4 firewall > Wants=network-online.target > After=network-online.target > Conflicts=iptables.service firewalld.service > > [Service] > Type=oneshot > RemainAfterExit=yes > EnvironmentFile=-/etc/default/shorewall > StandardOutput=syslog > ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS > ExecStop=/sbin/shorewall $OPTIONS clear > ExecReload=/sbin/shorewall $OPTIONS reload $RELOADOPTIONS > > [Install] > WantedBy=basic.target > > > I tried to add ' hostapd.service isc-dhcp-server.service' to the line > After=network-online.target > but with no effect... > Please advice me how to modify ‘/lib/systemd/system/shorewall.service’ > to enable start shorewall at system boot. > TIA, >
You could try the following: $ systemctl enable systemd-networkd-wait-online or for NetworkManager: $ systemctl enable NetworkManager-wait-online.service https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ Alternatively the 'wait' and 'optional' options in /etc/shorewall/interfaces could be of interest to you. http://shorewall.org/manpages/shorewall-interfaces.html -Matt -- Matt Darfeuille ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
