[Shorewall-newbies] Can't start shorewall
hedgie at hedgie.com
Sun Feb 8 09:51:45 PST 2004
[Not subscribed to list, but reading from shorewall.net]
I've been running shorewall for quite some time, but since I got it
running once then left it alone, I'm going to consider myself a
My setup: Mandrake 9.2 on a desktop, eth0 connects via a cable modem
to the Internet. eth1 connects via crossover cable to a laptop that's
(sometimes) present on an internal 192.168.0.x network. I've not
messed with Mandrake's built-in connection-sharing tool.
About two weeks ago, shorewall ceased loading. I mucked about with
the config files and logs, but couldn't see any reason why it wouldn't
work. I figured, what the heck, I needed to upgrade to 1.4.10 anyway,
so I removed my 1.4.08 install and all the config files, and installed
the latest version. I installed the two-interfaces example, and I
still can't get shorewall to start. /tmp/trace is mostly benign (I'll
post the whole thing if requested) but it ends thusly:
++ get_routed_subnets eth1
++ local address
++ local rest
++ ip route show dev eth1
++ read address rest
+ '[' -z '' ']'
+ fatal_error 'Unable to determine the routes through interface eth1'
+ echo ' Error: Unable to determine the routes through interface eth1'
Error: Unable to determine the routes through interface eth1
+ '[' start = check ']'
+ set +x
IP addr show implies to me the problem is with eth1, not shorewall,
although I'm mystified how to solve it:
[root at md-wmnsmd-cuda2-c7b-63 shorewall]# ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:03:47:dc:30:c4 brd ff:ff:ff:ff:ff:ff
inet 220.127.116.11/24 brd 18.104.22.168 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:a0:cc:3a:e2:0e brd ff:ff:ff:ff:ff:ff
[root at md-wmnsmd-cuda2-c7b-63 shorewall]# ip route show
22.214.171.124/24 dev eth0 proto kernel scope link src 126.96.36.199
127.0.0.0/8 dev lo scope link
default via 188.8.131.52 dev eth0
Any and all help appreciated!
\\\\\ ----> hedgie at hedgie.com <----
\\\\\\\__o Bringing hedgehogs to the common folk since 1994.
Visit http://www.hedgie.com for information on my latest book,
"Waiting for War," published by Aventine Press!
More information about the Shorewall-newbies