public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] Shorewall: iptables: No chain/target/match by that name.
@ 2013-02-10  5:19 Grant
  2013-02-10  7:00 ` Dan Johansson
  0 siblings, 1 reply; 6+ messages in thread
From: Grant @ 2013-02-10  5:19 UTC (permalink / raw
  To: Gentoo mailing list

I'm getting the following when restarting shorewall:

# /etc/init.d/shorewall restart
 * Stopping firewall ...
 * Starting firewall ...
iptables: No chain/target/match by that name.

How can I find out which chain/target/match I need to compile into the
kernel?  shorewall-init.log does not indicate any problems and I have
LOG_VERBOSITY=2 in shorewall.conf which is the maximum.

- Grant


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] Shorewall: iptables: No chain/target/match by that name.
  2013-02-10  5:19 [gentoo-user] Shorewall: iptables: No chain/target/match by that name Grant
@ 2013-02-10  7:00 ` Dan Johansson
  2013-02-10 12:07   ` covici
  2013-02-10 16:49   ` Grant
  0 siblings, 2 replies; 6+ messages in thread
From: Dan Johansson @ 2013-02-10  7:00 UTC (permalink / raw
  To: gentoo-user


[-- Attachment #1.1: Type: text/plain, Size: 778 bytes --]

On 02/10/13 06:19, Grant wrote:
> I'm getting the following when restarting shorewall:
> 
> # /etc/init.d/shorewall restart
>  * Stopping firewall ...
>  * Starting firewall ...
> iptables: No chain/target/match by that name.
> 
> How can I find out which chain/target/match I need to compile into the
> kernel?  shorewall-init.log does not indicate any problems and I have
> LOG_VERBOSITY=2 in shorewall.conf which is the maximum.

I hade the same problem. Using "shorewall trace restart" I could figure
out which chain/target/match that was missing.

Regards.
-- 
Dan Johansson, <http://www.dmj.nu>
***************************************************
This message is printed on 100% recycled electrons!
***************************************************

[-- Attachment #1.2: 0x2FB894AD.asc --]
[-- Type: application/pgp-keys, Size: 3325 bytes --]

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 255 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] Shorewall: iptables: No chain/target/match by that name.
  2013-02-10  7:00 ` Dan Johansson
@ 2013-02-10 12:07   ` covici
  2013-02-10 16:49   ` Grant
  1 sibling, 0 replies; 6+ messages in thread
From: covici @ 2013-02-10 12:07 UTC (permalink / raw
  To: gentoo-user


Dan Johansson <Dan.Johansson@dmj.nu> wrote:

> On 02/10/13 06:19, Grant wrote:
> > I'm getting the following when restarting shorewall:
> > 
> > # /etc/init.d/shorewall restart
> >  * Stopping firewall ...
> >  * Starting firewall ...
> > iptables: No chain/target/match by that name.
> > 
> > How can I find out which chain/target/match I need to compile into the
> > kernel?  shorewall-init.log does not indicate any problems and I have
> > LOG_VERBOSITY=2 in shorewall.conf which is the maximum.
> 
> I hade the same problem. Using "shorewall trace restart" I could figure
> out which chain/target/match that was missing.
> 

I just do shorewall stop followed by shorewall start and get lots of
output and never get that message.  They tell you if I remember
correctly this is the way to restart shorewall, not using an init
script.

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

         John Covici
         covici@ccs.covici.com


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] Shorewall: iptables: No chain/target/match by that name.
  2013-02-10  7:00 ` Dan Johansson
  2013-02-10 12:07   ` covici
@ 2013-02-10 16:49   ` Grant
  2013-02-10 17:07     ` Grant
  1 sibling, 1 reply; 6+ messages in thread
From: Grant @ 2013-02-10 16:49 UTC (permalink / raw
  To: Gentoo mailing list

>> I'm getting the following when restarting shorewall:
>>
>> # /etc/init.d/shorewall restart
>>  * Stopping firewall ...
>>  * Starting firewall ...
>> iptables: No chain/target/match by that name.
>>
>> How can I find out which chain/target/match I need to compile into the
>> kernel?  shorewall-init.log does not indicate any problems and I have
>> LOG_VERBOSITY=2 in shorewall.conf which is the maximum.
>
> I hade the same problem. Using "shorewall trace restart" I could figure
> out which chain/target/match that was missing.

Thanks, that got them.  A couple oddities:

'shorewall trace restart' produced output the same as
shorewall-init.log which contained no info useful for this purpose.
However, 'shorewall trace restart > file.txt' sent completely
different output to file.txt which did contain all of the needed info.
 How can that be?

I got a lot of "No such file or directory" lines in file.txt for stuff
like -j LOGMARK, -m condition, -m geoip, -m ipp2p, nfacct which I
can't find in the kernel.  Numerous other miscellaneous errors there
too.  Ignore them if they aren't outputted by the initscript?

- Grant


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] Shorewall: iptables: No chain/target/match by that name.
  2013-02-10 16:49   ` Grant
@ 2013-02-10 17:07     ` Grant
  2013-02-11  3:56       ` Adam Carter
  0 siblings, 1 reply; 6+ messages in thread
From: Grant @ 2013-02-10 17:07 UTC (permalink / raw
  To: Gentoo mailing list

>>> # /etc/init.d/shorewall restart
>>>  * Stopping firewall ...
>>>  * Starting firewall ...
>>> iptables: No chain/target/match by that name.
>>>
>>> How can I find out which chain/target/match I need to compile into the
>>> kernel?  shorewall-init.log does not indicate any problems and I have
>>> LOG_VERBOSITY=2 in shorewall.conf which is the maximum.
>>
>> I hade the same problem. Using "shorewall trace restart" I could figure
>> out which chain/target/match that was missing.
>
> Thanks, that got them.  A couple oddities:
>
> 'shorewall trace restart' produced output the same as
> shorewall-init.log which contained no info useful for this purpose.
> However, 'shorewall trace restart > file.txt' sent completely
> different output to file.txt which did contain all of the needed info.
>  How can that be?

I didn't actually make the comparison between 'shorewall trace
restart' and 'shorewall trace restart > file.txt'.  I only compared
the console output to the contents of file.txt after running the
single command 'shorewall trace restart > file.txt'.  Considering
this, I think the above makes sense because it would have redirected
certain output to the file and only the remaining output would have
appeared on the console.

- Grant


> I got a lot of "No such file or directory" lines in file.txt for stuff
> like -j LOGMARK, -m condition, -m geoip, -m ipp2p, nfacct which I
> can't find in the kernel.  Numerous other miscellaneous errors there
> too.  Ignore them if they aren't outputted by the initscript?
>
> - Grant


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [gentoo-user] Shorewall: iptables: No chain/target/match by that name.
  2013-02-10 17:07     ` Grant
@ 2013-02-11  3:56       ` Adam Carter
  0 siblings, 0 replies; 6+ messages in thread
From: Adam Carter @ 2013-02-11  3:56 UTC (permalink / raw
  To: gentoo-user@lists.gentoo.org

[-- Attachment #1: Type: text/plain, Size: 133 bytes --]

> >  How can that be
>

">" only captures STDOUT, not STDERR. So the file.txt should be a subset of
what's displayed on the console.

[-- Attachment #2: Type: text/html, Size: 409 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2013-02-11  3:56 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-02-10  5:19 [gentoo-user] Shorewall: iptables: No chain/target/match by that name Grant
2013-02-10  7:00 ` Dan Johansson
2013-02-10 12:07   ` covici
2013-02-10 16:49   ` Grant
2013-02-10 17:07     ` Grant
2013-02-11  3:56       ` Adam Carter

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox