Re: [Shorewall-users] Compilation error zone with &loc-fw make shell execution error

Wed, 01 Aug 2018 13:43:51 -0700 

On 08/01/2018 01:28 PM, Tom Eastep wrote:
> On 08/01/2018 12:53 PM, Flavien Fondanesche wrote:
>> Hello, I’m building a new Router/Firewall on Gentoo Linux,
>>
>> I never get any errors before throw Debian or Gentoo Distribution
>>
>> When i’m running : # shorewall debug start i have an issue and every is
>> stoping
>>
>>  
>>
>> « Running debug_restore_input...
>>
>> /var/lib/shorewall/.start: ligne 553: loc-fw : commande introuvable
>>
>>    ERROR: Command "/sbin/iptables --wait -t filter -A &loc-fw -m
>> addrtype --dst-type BROADCAST -j ACCEPT" Failed
>>
>> iptables v1.8.0 (legacy): option "-A" requires an argument
>>
>> Try `iptables -h' or 'iptables --help' for more information. »
>>
>> For my identification the chain start with ‘&’ make an error without, it
>> works.
>>
>>  
>>
>>  
>>
>> My Configuration is Shared configuration between IPv4 and IPv6, never
>> get any error before.
>> The new is to use SHELL cat …/rules.d/*.rules.
>>
>>
>> Shorewall Version : 5.2.0.4
>>
>> Iptables : iptables v1.8.0 (legacy)
>>
>> Kernel : Linux firewall 4.14.52-gentoo-j1900 (all netfilter are in
>> modules and loaded properly)
>>
>>  
>>
>> After building and recompiling, and Nothing change with different
>> version of iptables.
>>
>>  
>>
>> Any suggestion ?
>>
> 
> Please:
> 
> a) shorewall show -f capabilities > /etc/shorewall/capabilities
> b) tar -xcf shorewall.tgz /etc/shorewall
> c) Send me the shorewall.tgz file (privately). Include the Shorewall
> version that you are running.
> 

Before you do that, place apply the attached patch -- it should resolve
the problem.

    patch .../Shorewall/Chains.pm < UNTRACKED.patch

I don't know where Gentoo installs the Shorewall Perl modules -- PERLDIR
in /usr/share/shorewall/shorewallrc should give you a clue.

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________

diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index 0adcd8d3f..c5411b492 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -428,7 +428,7 @@ our $VERSION = 'MODULEVERSION';
 #      Established     - ^<z1-z2>
 #      Related         - +<z1-z2>
 #      Invalid         - _<z1-z2>
-#      Untracked       - &<z1-z2>
+#      Untracked       - =<z1-z2>
 #
 our %chain_table;
 our $raw_table;
@@ -2275,7 +2275,7 @@ sub invalid_chain($$) {
 # Name of the untracked chain between an ordered pair of zones
 #
 sub untracked_chain($$) {
-    '&' . &rules_chain(@_);
+    '=' . &rules_chain(@_);
 }
 
 #

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to