From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id A51E8138973 for ; Sun, 10 Feb 2013 16:49:21 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id ACDB121C132; Sun, 10 Feb 2013 16:49:13 +0000 (UTC) Received: from mail-wg0-f42.google.com (mail-wg0-f42.google.com [74.125.82.42]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D03A921C016 for ; Sun, 10 Feb 2013 16:49:11 +0000 (UTC) Received: by mail-wg0-f42.google.com with SMTP id 12so1851138wgh.5 for ; Sun, 10 Feb 2013 08:49:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:content-type; bh=ERnui3eG8OMNVdFzNTjVTR3h25YSaIY+WVfd0jLJfaY=; b=XDVEonVR+6AtF3V8v+JMKzXWwCn3J9C41hGShZbqOlMHfscv2hGJ5HpgRHg0MCiSWF 0x464RyMAnvRcE9sohmY5V8Qk1P0HdrDZpSHR78aA1vXi2GOiJsWW9H0CaP9rLJWKGVe 6PDQ5SLqV4p2PSVy7TAJLyQlPr7OUaspVoCEmpnfnRZooeA8vXaNoc/w1/NR3fGkdeR4 w+T0yRgXlb1frtl8hyCc+b5s29T/SShYOIFrug+y+JQKdpZ4JRdH8RdpTtWvHL7WtHl5 TFdRsq1mh07AH0V6Me/kfcKqXLR8Ea3OP81aUqtPuCjY/AClgOBGAgLrS2bQ+oLki9Q/ U/xA== Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 X-Received: by 10.194.58.175 with SMTP id s15mr19289224wjq.31.1360514950493; Sun, 10 Feb 2013 08:49:10 -0800 (PST) Received: by 10.194.242.103 with HTTP; Sun, 10 Feb 2013 08:49:10 -0800 (PST) In-Reply-To: <5117459C.60708@dmj.nu> References: <5117459C.60708@dmj.nu> Date: Sun, 10 Feb 2013 08:49:10 -0800 Message-ID: Subject: Re: [gentoo-user] Shorewall: iptables: No chain/target/match by that name. From: Grant To: Gentoo mailing list Content-Type: text/plain; charset=ISO-8859-1 X-Archives-Salt: 82a8a2ff-2e9e-4a69-9348-7a8bcadac20e X-Archives-Hash: be91de8bd7559543316eb65d33da4e95 >> I'm getting the following when restarting shorewall: >> >> # /etc/init.d/shorewall restart >> * Stopping firewall ... >> * Starting firewall ... >> iptables: No chain/target/match by that name. >> >> How can I find out which chain/target/match I need to compile into the >> kernel? shorewall-init.log does not indicate any problems and I have >> LOG_VERBOSITY=2 in shorewall.conf which is the maximum. > > I hade the same problem. Using "shorewall trace restart" I could figure > out which chain/target/match that was missing. Thanks, that got them. A couple oddities: 'shorewall trace restart' produced output the same as shorewall-init.log which contained no info useful for this purpose. However, 'shorewall trace restart > file.txt' sent completely different output to file.txt which did contain all of the needed info. How can that be? I got a lot of "No such file or directory" lines in file.txt for stuff like -j LOGMARK, -m condition, -m geoip, -m ipp2p, nfacct which I can't find in the kernel. Numerous other miscellaneous errors there too. Ignore them if they aren't outputted by the initscript? - Grant