From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1Dz0Z4-00001y-ST for garchives@archives.gentoo.org; Sat, 30 Jul 2005 23:16:23 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j6UNENKD022247; Sat, 30 Jul 2005 23:14:23 GMT Received: from pop-borzoi.atl.sa.earthlink.net (pop-borzoi.atl.sa.earthlink.net [207.69.195.70]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j6UNAmvk009109 for ; Sat, 30 Jul 2005 23:10:48 GMT Received: from nc-67-76-103-185.dyn.sprint-hsd.net ([67.76.103.185]) by pop-borzoi.atl.sa.earthlink.net with esmtp (Exim 3.36 #10) id 1Dz0UX-0006Eb-00 for gentoo-user@lists.gentoo.org; Sat, 30 Jul 2005 19:11:41 -0400 Subject: Re: [gentoo-user] Shorewall failure following upgrade From: Jeff Cranmer To: gentoo-user@lists.gentoo.org In-Reply-To: <42EB7DF5.30000@dir.bg> References: <1116165126.23106.16.camel@tux> <1122727431.3645.1.camel@localhost> <42EB7DF5.30000@dir.bg> Content-Type: text/plain Date: Sat, 30 Jul 2005 23:09:42 +0000 Message-Id: <1122764982.11836.7.camel@localhost> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.2.1.1 Content-Transfer-Encoding: 7bit X-Archives-Salt: a1b93899-cdd5-45e4-a58f-4c1e351d68b6 X-Archives-Hash: 58635661eaf96d9a297ff56ff951df9a On Sat, 2005-07-30 at 16:17 +0300, Rumen Yotov wrote: > Hi, > Works OK on a 2.6 system, too. It depends only on: iptables, iproute2 > and virtual/libc (glibc). > Some suggestions: > 1.try "revdep-rebuild -pv" later w/o "p" to check if something needs to > be rebuild (suspect 'iptables' here); > 2.Check for "required options" (see shorewall docs) in the kernel config > (maybe something was changed); > 3.Check the five 'basic' ;) config files: > /etc/shorewall/shorewall.conf&policy&interfaces&zones&rules. > HTH. Rumen It seems there was something wrong with the revised configuration files. revdep-rebuild didn't come up with anything related to the packages you identified, so I cheated and copied over the entire /etc/shorewall directory from my 2.6 system to the 2.4 partition (renaming the original directory to a dummy name first, just in case the result was bad). I was then able to successfully restart shorewall and pass a stealth test on www.grc.com (shields-up). Thanks :-) Jeff -- gentoo-user@gentoo.org mailing list