File: known_problems.txt

package info (click to toggle)
shorewall-core 4.6.4.3-2
  • links: PTS, VCS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 372 kB
  • ctags: 22
  • sloc: sh: 607; perl: 126; makefile: 15
file content (74 lines) | stat: -rw-r--r-- 2,382 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
1)  On systems running Upstart, shorewall-init cannot reliably secure
    the firewall before interfaces are brought up.

2)  If you install 4.6.4 and then use the 'safe-restart' command to
    restart your firewall, confusing output is produced:

      # shorewall safe-restart
      Compiling...
      Processing /etc/shorewall/params ...
      Processing /etc/shorewall/shorewall.conf...
      ...
      Optimizing Ruleset...
      Creating iptables-restore input...
      Shorewall configuration compiled to /var/lib/shorewall/.restart
         Currently-running Configuration Saved to /var/lib/shorewall/.safe
      Usage: /var/lib/shorewall/firewall [ options ] <command>

      <command> is one of:
        start
      	stop
      	clear
      	disable <interface>
      	down <interface>
      	enable <interface>
      	reset
      	refresh
      	restart
      	run <command> [ <parameter> ... ]
      	status
      	up <interface>
      	version

      Options are:

         -v and -q        Standard Shorewall verbosity controls
         -n               Don't update routing configuration
         -p               Purge Conntrack Table
         -t               Timestamp progress Messages
         -V <verbosity>   Set verbosity explicitly
         -R <file>        Override RESTOREFILE setting
      Restarting...
      Restarting Shorewall....
      Initializing...
      Processing /etc/shorewall/init ...
      ...
      Processing /etc/shorewall/start ...
      Processing /etc/shorewall/started ...
      done.
      Do you want to accept the new firewall configuration? [y/n]

    The above 'usage' information, while confusing, does not represent a
    problem and it is safe to answer 'y'.


    Corrected in Shorewall 4.6.4.1.

3)  The 'Universal' sample configuration fails to start. 

    Workaround: Remove the 'optional' option from the interfaces file
    entry.

    Corrected in Shorewall 4.6.4.1.

4)  Setting LOGBACKEND=ipt_LOG may result in the following startup
    failure at boot:

       Starting shorewall ...
       /var/lib/shorewall/firewall: line 2080: echo: write error: No such file or directory
          WARNING: Unable to set log backend to ipt_LOG

    Partially corrected in Shorewall 4.6.4.2. Fixed on Squeeze and
    RHEL6 (and derivatives). Not fixed on Fedora, Ubuntu and OpenSuSE.

    Corrected on other distros in 4.6.4.3.