You are not logged in.
Hello to all,
I have a Shorewall Machine installed with 2 nics...
But i cant use REDIRECT on /etc/shorewall/rules nor i can use mac address ( ex. loc:~00-A0-C9-15-39-78 ) .. it gaves me an error .....
$uname -a
Linux Pride 3.2.8-1-ARCH #1 SMP PREEMPT Mon Feb 27 22:13:59 UTC 2012 i686 Intel(R) Celeron(R) CPU 2.66GHz GenuineIntel GNU/Linux
$shorewall version -a
shorewall-core: 4.5.1.1
shorewall: 4.5.1.1
$Shorewall debug restart
....
....
....
....
Processing /etc/shorewall/init ...
Processing /etc/shorewall/tcclear ...
Setting up Route Filtering...
Setting up Martian Logging...
Setting up Proxy ARP...
Setting up Traffic Control...
Preparing iptables-restore input...
Running debug_restore_input...
iptables: No chain/target/match by that name.
ERROR: Command "/usr/sbin/iptables -A loc_dnat -p 6 --dport 80 -j REDIRECT --to-port 3128" Failed
Processing /etc/shorewall/stop ...
Processing /etc/shorewall/tcclear ...
Running /usr/sbin/iptables-restore...
IPv4 Forwarding Enabled
Processing /etc/shorewall/stopped ...
/usr/share/shorewall/lib.common: line 112: 11336 Terminated $SHOREWALL_SHELL $script $options $@
$shorewall show capabilities
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Available
Packet Mangling: Available
Multi-port Match: Available
Extended Multi-port Match: Available
Connection Tracking Match: Available
Extended Connection Tracking Match Support: Available
Packet Type Match: Not available
Policy Match: Not available
Physdev Match: Not available
Physdev-is-bridged Support: Not available
Packet length Match: Available
IP range Match: Not available
Recent Match: Not available
Owner Match: Not available
CONNMARK Target: Not available
Connmark Match: Not available
Raw Table: Available
Rawpost Table: Not available
IPP2P Match: Not available
CLASSIFY Target: Not available
Extended REJECT: Available
Repeat match: Not available
MARK Target: Available
Extended MARK Target: Available
Extended MARK Target 2: Available
Mangle FORWARD Chain: Available
Comments: Available
Address Type Match: Available
TCPMSS Match: Not available
Hashlimit Match: Not available
NFQUEUE Target: Not available
Realm Match: Not available
Helper Match: Not available
Connlimit Match: Not available
Time Match: Not available
Goto Support: Available
LOGMARK Target: Not available
IPMARK Target: Not available
LOG Target: Available
ULOG Target: Available
NFLOG Target: Not available
Persistent SNAT: Available
TPROXY Target: Not available
FLOW Classifier: Available
fwmark route mask: Available
Mark in any table: Available
Header Match: Not available
ACCOUNT Target: Not available
AUDIT Target: Not available
ipset V5: Not available
Condition Match: Not available
Statistic Match: Not available
IMQ Target: Not available
DSCP Match: Not available
DSCP Target: Not available
iptables -S: Available
Basic Filter: Available
CT Target: Not available
Ty for ur time even readin this, waitin for ur help I m sure i mmissing smth on kernel...
John
Last edited by CoMfUcIoS (2012-03-28 14:58:41)
Offline