Shorewall on Feisty fails to start


librano
May 17th, 2007, 04:23 AM
hello everybody!

I am facing some problems with Shorewall on Ubuntu Feisty server. Coming from Mandriva server, I have gotten used to Shorewall as my firewall and would like to continue using it, as I have all my necessary rules and config files. However, Shorewall does not start up. Here is my /var/log/shorewall-init.log file. Any suggestions as to what I may be doing wrong?

Compiling...
Initializing...
Determining Zones...
IPv4 Zones: net loc
Firewall Zone: fw
Validating interfaces file...
Validating hosts file...
Validating Policy file...
Determining Hosts in Zones...
net Zone: eth0:0.0.0.0/0
loc Zone: sit0:0.0.0.0/0 eth1:0.0.0.0/0 vmnet8:0.0.0.0/0
Pre-processing Actions...
Pre-processing /usr/share/shorewall/action.Drop...
Pre-processing /usr/share/shorewall/action.Reject...
Pre-processing /usr/share/shorewall/action.Limit...
Deleting user chains...
Compiling /etc/shorewall/routestopped ...
Compiling Accounting...
Creating Interface Chains...
Compiling Proxy ARP
Compiling NAT...
Compiling NETMAP...
Compiling Common Rules
Compiling IP Forwarding...
Compiling /etc/shorewall/rules...
Compiling /etc/shorewall/tunnels...
Compiling Actions...
Compiling /usr/share/shorewall/action.Drop for Chain Drop...
Compiling /usr/share/shorewall/action.Reject for Chain Reject...
Compiling /etc/shorewall/policy...
Compiling Masquerading/SNAT
Compiling /etc/shorewall/tos...
Compiling /etc/shorewall/ecn...
Compiling Traffic Control Rules...
Validating /etc/shorewall/tcdevices...
Validating /etc/shorewall/tcclasses...
Compiling Rule Activation...
Compiling Refresh of Black List...
Compiling Refresh of /etc/shorewall/ecn...
Validating /etc/shorewall/tcdevices...
Validating /etc/shorewall/tcclasses...
Shorewall configuration compiled to /var/lib/shorewall/.restart
Processing /etc/shorewall/params ...
Shorewall is not running
Starting Shorewall....
Initializing...
Processing /etc/shorewall/init ...
Clearing Traffic Control/QOS
Deleting user chains...
Processing /etc/shorewall/continue ...
Enabling Loopback and DNS Lookups
Setting up Accounting...
Creating Interface Chains...
Setting up Proxy ARP...
Setting up one-to-one NAT...
Setting up SMURF control...
Processing /etc/shorewall/initdone ...
Setting up Black List...
Setting up ARP filtering...
Setting up Accept Source Routing...
Setting up SYN Flood Protection...
Setting up IPSEC management...
Setting up Rules...
Setting up Tunnels...
Setting up Actions...
Creating action chain Drop
Creating action chain Reject
Creating action chain dropBcast
Creating action chain dropInvalid
Creating action chain dropNotSyn
Applying Policies...
Setting up Masquerading/SNAT...
Setting up TOS...
Rule "loc net tcp - 80 16" Added.
Rule "net loc tcp 80 80 16" Added.
Rule "loc net tcp - 80 8" Added.
Rule "net loc tcp 80 80 8" Added.
Setting up ECN...
Setting up TC Rules...
Activating Rules...
Processing /etc/shorewall/start ...
.: 123: Can't open /etc/ifw/start
Clearing Shorewall...
iptables v1.3.6: Couldn't load target `Ifw':/lib/iptables/libipt_Ifw.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
.: 10: Can't open /etc/ifw/stop
Giving up on lock file /var/lock/shorewall
Compiling...
Initializing...
Determining Zones...
IPv4 Zones: net loc
Firewall Zone: fw
Validating interfaces file...
Validating hosts file...
Validating Policy file...
Determining Hosts in Zones...
net Zone: eth0:0.0.0.0/0
loc Zone: sit0:0.0.0.0/0 eth1:0.0.0.0/0 vmnet8:0.0.0.0/0
Pre-processing Actions...
Pre-processing /usr/share/shorewall/action.Drop...
Pre-processing /usr/share/shorewall/action.Reject...
Pre-processing /usr/share/shorewall/action.Limit...
Deleting user chains...
Compiling /etc/shorewall/routestopped ...
Compiling Accounting...
Creating Interface Chains...
Compiling Proxy ARP
Compiling NAT...
Compiling NETMAP...
Compiling Common Rules
Compiling IP Forwarding...
Compiling /etc/shorewall/rules...
Compiling /etc/shorewall/tunnels...
Compiling Actions...
Compiling /usr/share/shorewall/action.Drop for Chain Drop...
Compiling /usr/share/shorewall/action.Reject for Chain Reject...
Compiling /etc/shorewall/policy...
Compiling Masquerading/SNAT
Compiling /etc/shorewall/tos...
Compiling /etc/shorewall/ecn...
Compiling Traffic Control Rules...
Validating /etc/shorewall/tcdevices...
Validating /etc/shorewall/tcclasses...
Compiling Rule Activation...
Compiling Refresh of Black List...
Compiling Refresh of /etc/shorewall/ecn...
Validating /etc/shorewall/tcdevices...
Validating /etc/shorewall/tcclasses...
Shorewall configuration compiled to /var/lib/shorewall/.start
Processing /etc/shorewall/params ...
Starting Shorewall....
Initializing...
Processing /etc/shorewall/init ...
Clearing Traffic Control/QOS
Deleting user chains...
Processing /etc/shorewall/continue ...
Enabling Loopback and DNS Lookups
Setting up Accounting...
Creating Interface Chains...
Setting up Proxy ARP...
Setting up one-to-one NAT...
Setting up SMURF control...
Processing /etc/shorewall/initdone ...
Setting up Black List...
Setting up ARP filtering...
Setting up Accept Source Routing...
Setting up SYN Flood Protection...
Setting up IPSEC management...
Setting up Rules...
Setting up Tunnels...
Setting up Actions...
Creating action chain Drop
Creating action chain Reject
Creating action chain dropBcast
Creating action chain dropInvalid
Creating action chain dropNotSyn
Applying Policies...
Setting up Masquerading/SNAT...
Setting up TOS...
Rule "loc net tcp - 80 16" Added.
Rule "net loc tcp 80 80 16" Added.
Rule "loc net tcp - 80 8" Added.
Rule "net loc tcp 80 80 8" Added.
Setting up ECN...
Setting up TC Rules...
Activating Rules...
Processing /etc/shorewall/start ...
.: 123: Can't open /etc/ifw/start
Compiling...
Initializing...
Determining Zones...
IPv4 Zones: net loc
Firewall Zone: fw
Validating interfaces file...
Validating hosts file...
Validating Policy file...
Determining Hosts in Zones...
net Zone: eth0:0.0.0.0/0
loc Zone: sit0:0.0.0.0/0 eth1:0.0.0.0/0 vmnet8:0.0.0.0/0
Pre-processing Actions...
Pre-processing /usr/share/shorewall/action.Drop...
Pre-processing /usr/share/shorewall/action.Reject...
Pre-processing /usr/share/shorewall/action.Limit...
Deleting user chains...
Compiling /etc/shorewall/routestopped ...
Compiling Accounting...
Creating Interface Chains...
Compiling Proxy ARP
Compiling NAT...
Compiling NETMAP...
Compiling Common Rules
Compiling IP Forwarding...
Compiling /etc/shorewall/rules...
Compiling /etc/shorewall/tunnels...
Compiling Actions...
Compiling /usr/share/shorewall/action.Drop for Chain Drop...
Compiling /usr/share/shorewall/action.Reject for Chain Reject...
Compiling /etc/shorewall/policy...
Compiling Masquerading/SNAT
Compiling /etc/shorewall/tos...
Compiling /etc/shorewall/ecn...
Compiling Traffic Control Rules...
Validating /etc/shorewall/tcdevices...
Validating /etc/shorewall/tcclasses...
Compiling Rule Activation...
Compiling Refresh of Black List...
Compiling Refresh of /etc/shorewall/ecn...
Validating /etc/shorewall/tcdevices...
Validating /etc/shorewall/tcclasses...
Shorewall configuration compiled to /var/lib/shorewall/.start
Processing /etc/shorewall/params ...
Starting Shorewall....
Initializing...
Processing /etc/shorewall/init ...
Clearing Traffic Control/QOS
Deleting user chains...
Processing /etc/shorewall/continue ...
Enabling Loopback and DNS Lookups
Setting up Accounting...
Creating Interface Chains...
Setting up Proxy ARP...
Setting up one-to-one NAT...
Setting up SMURF control...
Processing /etc/shorewall/initdone ...
Setting up Black List...
Setting up ARP filtering...
Setting up Accept Source Routing...
Setting up SYN Flood Protection...
Setting up IPSEC management...
Setting up Rules...
Setting up Tunnels...
Setting up Actions...
Creating action chain Drop
Creating action chain Reject
Creating action chain dropBcast
Creating action chain dropInvalid
Creating action chain dropNotSyn
Applying Policies...
Setting up Masquerading/SNAT...
Setting up TOS...
Rule "loc net tcp - 80 16" Added.
Rule "net loc tcp 80 80 16" Added.
Rule "loc net tcp - 80 8" Added.
Rule "net loc tcp 80 80 8" Added.
Setting up ECN...
Setting up TC Rules...
Activating Rules...
Processing /etc/shorewall/start ...
.: 123: Can't open /etc/ifw/start
Clearing Shorewall...
iptables v1.3.6: Couldn't load target `Ifw':/lib/iptables/libipt_Ifw.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
.: 10: Can't open /etc/ifw/stop


It doesn't find the /etc/ifw/start and stop files... Do I have to install another package? I copied my old config files from Mandriva, so all the rules and configs must be set. But the interfaces come up here with IP addresses 0.0.0.0... Is that where the problem is?

thanks.

rutgerw
May 17th, 2007, 05:39 PM
I think copying your old Mandriva files might well be the problem. As of Shorewall 3.0 config files have changed, so you might want to take a look at that... I suggest using the default config files of Ubuntu and adjusting them as necessary.

librano
May 17th, 2007, 09:34 PM
hello,

Thanks for your reply. You were right. It worked OK after removing everything I brought over from Mandriva and doing the configs from scratch... However, the final config files were pretty much the same... I haven't noticed anything very different. BTW, I used Webmin to configure Shorewall... it's a great tool for anyone using Shorewall.

Well, I guess this was one time laziness didn't pay off. Thanks again.

lib.
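
The log in the first post shows /etc/shorewall/start failing at line 123 while sourcing /etc/ifw/start, and iptables failing to load /lib/iptables/libipt_Ifw.so. The following is an added example, not part of the thread and not Shorewall's own code: a pre-flight check that scans a copied Shorewall config directory for sourced files and `-j` targets that do not exist on the new host. The function names and the optional root and extension-directory arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for a Shorewall directory copied from another host.
# Function names and the optional root/libdir arguments are hypothetical.

# Print file:line:path for every absolute path sourced with "." or "source"
# that does not exist. $1 = config dir, $2 = optional root prefix (staged tree).
find_missing_includes() {
    dir=$1; root=${2:-}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            /^[ \t]*#/ { next }                       # skip comment lines
            {
                line = " " $0                         # so a leading "." has a separator
                if (match(line, /[ \t;&|](\.|source)[ \t]+\/[^ \t;&|]+/)) {
                    s = substr(line, RSTART, RLENGTH)
                    sub(/^.*[ \t]/, "", s)            # keep only the path
                    print file ":" NR ":" s
                }
            }' "$f"
    done | while IFS=: read -r file line path; do
        [ -e "$root$path" ] || printf '%s:%s:%s\n' "$file" "$line" "$path"
    done
}

# Print each "-j TARGET" name that has no libipt_TARGET.so in the extension dir.
# $1 = config dir, $2 = extension dir (default /lib/iptables, as in the log).
# User-defined chains are reported too; review the list by hand.
find_missing_targets() {
    dir=$1; libdir=${2:-/lib/iptables}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        sed '/^[[:space:]]*#/d' "$f"
    done | grep -o -e '-j[[:space:]]\{1,\}[A-Za-z_][A-Za-z0-9_]*' |
    sed 's/^-j[[:space:]]*//' | sort -u |
    while read -r t; do
        case $t in ACCEPT|DROP|QUEUE|RETURN) continue ;; esac   # built-in verdicts
        [ -e "$libdir/libipt_$t.so" ] || echo "$t"
    done
}

if [ "$#" -gt 0 ]; then
    find_missing_includes "$1"
    find_missing_targets "$1"
fi
```

Run it against the copied directory before starting the firewall; any output is a reference that will fail at start time the way the log above did.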