Hi I have the same problem on Fedora 29 server and on Centos 7.6 server. And it won't start at boot and even if I do systemctl start shorewall. I need to go into webmin and start it there. I have no errors in log. If anyone find solution please let me know.
-----Original Message----- From: Mahashakti89 [mailto:mahashakt...@orange.fr] Sent: Monday, July 29, 2019 1:12 PM To: shorewall-users@lists.sourceforge.net Subject: [Shorewall-users] Problem starting shorewall on Debian Sid -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, Shorewall won't start .... I am running Debian Sid. Could need some help. I used the documentation > examples > two-interfaces to set up the firewall. 1.On start I get following error message : Starting Shorewall.... Initializing... Setting up Route Filtering... Setting up Martian Logging... Setting up Accept Source Routing... Preparing iptables-restore input... Running /sbin/iptables-restore --wait 60... iptables-restore v1.8.3 (nf_tables): line 5: CHAIN_UPDATE failed (Operation not supported): chain PREROUTING line 6: CHAIN_UPDATE failed (Operation not supported): chain OUTPUT ERROR: iptables-restore Failed. Input is in /var/lib/shorewall/.iptables-restore-input Preparing iptables-restore input... Running /sbin/iptables-restore --wait 60... iptables-restore v1.8.3 (nf_tables): line 5: CHAIN_UPDATE failed (Operation not supported): chain PREROUTING line 6: CHAIN_UPDATE failed (Operation not supported): chain OUTPUT ERROR: /sbin/iptables-restore --wait 60 Failed. IPv4 Forwarding Enabled Terminated zsh: exit 143 sudo shorewall start 2.So I used : iptables-legacy -t nat -v -L -n --line-number Chain PREROUTING (policy ACCEPT 152 packets, 8722 bytes) num pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 2507 packets, 153K bytes) num pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 2507 packets, 153K bytes) num pkts bytes target prot opt in out source destination 3.I wanted to delete PREROUTING and OUTPUT rules using : iptables-legacy -t nat -D POSTROUTING {number-here} but it won't work I have no rule number to use Hope you understand my english. Could need some help mahashakti89 -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEqwnUSptd4nUozSorgCLNhIOctIAFAl0+1HEACgkQgCLNhIOc tIDzOwf5AYGD44MHCsiTY+TKX5W00ceUzLmNoBKBxXeSW9NZJKDIN+AqVRHXo5lB 3a6gyoWaHoJwNPP/1ZcH8tkkyEA3hAiqAodziNhpttdSGbgFrC0THAxs5BzmaSCg dd81i63fFb+bBQeVeelQ0YEvad7qqwXSRh7cMvZ19LKiiUaFo81PU5G3jZN4DbBL 6mZjB3Q0+AnA7sWHH5qIC2hLslW7o3PfNI+gdAJAoPNQMBnV7IEbJJA04OuAPJwp RYzV2U459rWhBF8+1I1doLQj96zLAzeCAfSriPicfniC6HIKoG1kvVkZtj3hN7MC X/yzeCwLsaYGnL1zXaJzqooFhuv7UQ== =juJc -----END PGP SIGNATURE----- _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
