Hi Boris Am 12.05.2020 um 19:09 schrieb Boris: > Am 12.05.20 um 19:06 schrieb Boris: ...
>> > > agate# shorewall check > Checking using Shorewall 5.2.3.4... > Processing /etc/shorewall/params ... > Processing /etc/shorewall/shorewall.conf... > ERROR: CLAMPMSS=Yes requires TCPMSS Target in your kernel and > iptables /etc/shorewall/shorewall.conf (EOF) > What is your current release on that box? I was preetty sure TCPMSS was selected, but it might be a module. On 6.2.4, which I am running on my peripheral box, SALT# lsmod | grep xt_TCPMSS xt_TCPMSS 16384 1 - Live 0xc0b69000 x_tables 20480 18 ipt_MASQUERADE,xt_recent,xt_comment,ipt_REJECT,xt_addrtype,xt_physdev,xt_mark,iptable_mangle,xt_TCPMSS,xt_tcpudp,xt_CT,iptable_raw,xt_multiport,xt_conntrack,xt_NFLOG,xt_LOG,iptable_filter,ip_tables, Live 0xc08f9000 It looks like xt_TCPMSS is a module and was not loaded at shorewall start. Try mount_modules shorewall check umount_modules Else you will have to restart shorewall or just temporarily load the module. mount_modules modprobe xt_TCPMSS umount_modules cheers ET
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users