Subject: Re: [gentoo-user] Setting up a home router
From: Iain Buchanan
To: gentoo-user@lists.gentoo.org
Date: Fri, 19 Jan 2007 08:43:49 +0930

On Thu, 2007-01-18 at 12:11 +0100, Daniel Pielmeier wrote:
> the way i have applied my rules is as follows
>
> first i load them with my generated script
> then i invoke /etc/init.d/iptables save
> and to be sure i do an /etc/init.d/iptables restart
> iptables -L, iptables -L -t nat, iptables -L -t mangle show me my new rules
> when i look in /var/lib/iptables/rules-save i also see my new rules
> when i issue /etc/init.d/net.eth1 restart iptables -L, iptables -L -t
> nat, iptables -L -t mangle show me the old rules from shorewall

Hmm, shorewall must have done something that's more persistent. Have a
look at /etc/runlevels, and make sure there is no shorewall stuff left
in there. Also look in /etc/conf.d/net* and make sure there are no postup
functions lying around. And make sure /etc/init.d/net.eth1 is a symlink
to /etc/init.d/net.lo, and then make sure net.lo hasn't been "modified"
by shorewall. You could do a `emerge --noconfmem baselayout` to make
extra sure. **Read the man page first.

Is there a /etc/shorewall directory? Perhaps someone who has it
installed could do `equery files shorewall` so you could check that it
really is deleted.

Well, these ideas are really stabbing in the dark, but you gotta start
somewhere!

HTH,
-- 
Iain Buchanan

Workers of the world, arise! You have nothing to lose but your chairs.

-- 
gentoo-user@gentoo.org mailing list
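
The checks suggested in the message above can be run in one pass. This is an added example, not part of the original post: the function name `check_shorewall_leftovers` and the optional root-directory argument are hypothetical, and the paths are the ones named in the message.

```shell
#!/bin/sh
# Added example: report leftover shorewall hooks under a given root directory.
# Usage: check_shorewall_leftovers [ROOT]   (ROOT defaults to /)
check_shorewall_leftovers() {
    root="${1:-/}"
    root="${root%/}"
    found=0

    # 1. Runlevel entries that still start shorewall (dangling links count too).
    for f in "$root"/etc/runlevels/*/shorewall*; do
        [ -e "$f" ] || [ -L "$f" ] || continue
        echo "runlevel entry: $f"; found=$((found + 1))
    done

    # 2. postup functions in /etc/conf.d/net* that could reload old rules.
    for f in "$root"/etc/conf.d/net*; do
        [ -f "$f" ] || continue
        if grep -Eq '^[[:space:]]*(function[[:space:]]+)?postup([[:space:]]|\()' "$f"; then
            echo "postup function: $f"; found=$((found + 1))
        fi
    done

    # 3. net.eth1 should be a symlink to net.lo, not a separate (modified) copy.
    iface="$root/etc/init.d/net.eth1"
    if [ -L "$iface" ]; then
        case "$(readlink "$iface")" in
            net.lo|/etc/init.d/net.lo) ;;
            *) echo "unexpected symlink target: $iface"; found=$((found + 1)) ;;
        esac
    elif [ -e "$iface" ]; then
        echo "not a symlink: $iface"; found=$((found + 1))
    fi

    # 4. net.lo edited to mention shorewall, and a leftover config directory.
    if [ -f "$root/etc/init.d/net.lo" ] && grep -qi shorewall "$root/etc/init.d/net.lo"; then
        echo "net.lo mentions shorewall"; found=$((found + 1))
    fi
    if [ -d "$root/etc/shorewall" ]; then
        echo "config directory present: $root/etc/shorewall"; found=$((found + 1))
    fi

    echo "findings: $found"
    [ "$found" -eq 0 ]   # exit status 0 only when nothing was found
}
```

Source the file and call `check_shorewall_leftovers` with no argument on the router itself; a non-zero status means at least one item needs a manual look.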