Known errors

Shorewall doesn't start automatic after reboot

systemctl enable shorewall.service

STARTUP_ENABLED=Yes in shorewall.conf

startup=1 in /etc/default/shorewall 

======================================

shorewall6 check

Checking...
   WARNING: Unknown configuration option (DisableIPv6) ignored : /etc/shorewall6/shorewall6.conf (line 14)
   WARNING: Unknown configuration option (LOGLIMIT) ignored : /etc/shorewall6/shorewall6.conf (line 35)
Unquoted string "bin" may clash with future reserved word at /etc/shorewall6/shorewall6.conf line 57, 
<$currentfile> line 57.
Unquoted string "perl" may clash with future reserved word at /etc/shorewall6/shorewall6.conf line 58, 
<$currentfile> line 57.
   ERROR: syntax error at /etc/shorewall6/shorewall6.conf line 57, near ";
# line 57 "/etc/shorewall6/shorewall6.conf"
="

Solution

First install 4.4.2 and then upgrade to 4.4.17

cd /home/beheer/software
wget http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.17/shorewall6-4...
tar -xjvf shorewall6-4.4.17.tar.bz2
cd shorewall6-4.4.17
./install.sh
shorewall6 restart



Locales error

server:/home/shorewall-4.4.4.2# shorewall check 
Checking...
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = (unset),
        LC_ALL = (unset),
        LANG = "nl_NL.utf8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
oChecking /etc/shorewall/zones...
   ERROR: No IP zones defined
vps50081:/home/shorewall-4.4.4.2# locale -a
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_COLLATE to default locale: No such file or directory
C
POSIX
en_GB
en_GB.iso88591
en_GB.iso885915
en_GB.utf8
nl_NL.iso885915@euro
nl_NL@euro

Solution

export LC_ALL="en_GB.utf8"


Make sure you run the appropiate kernel:

root@wiki-engineering:/etc/init.d# shorewall6 start
Compiling...
Compiling /etc/shorewall6/zones...
Compiling /etc/shorewall6/interfaces...
Determining Hosts in Zones...
Preprocessing Action Files...
   Pre-processing /usr/share/shorewall6/action.AllowICMPs...
   Pre-processing /usr/share/shorewall6/action.Drop...
   Pre-processing /usr/share/shorewall6/action.Reject...
Compiling /etc/shorewall6/policy...
Compiling TCP Flags filtering...
Compiling MAC Filtration -- Phase 1...
Compiling /etc/shorewall6/rules...
Generating Transitive Closure of Used-action List...
Processing /usr/share/shorewall6/action.AllowICMPs for chain AllowICMPs...
Processing /usr/share/shorewall6/action.Reject for chain Reject...
Processing /usr/share/shorewall6/action.Drop for chain Drop...
Compiling MAC Filtration -- Phase 2...
Applying Policies...
Generating Rule Matrix...
Creating ip6tables-restore input...
Compiling iptables-restore input for chains blacklst mangle:...
Shorewall configuration compiled to /var/lib/shorewall6/.start
Processing /etc/shorewall6/params ...
/var/lib/shorewall6/.start: line 2020: printf: xs5: invalid number
   ERROR: Shorewall6 requires Linux kernel 2.6.24 or later

 






 

Powered by