Re: ipchains: cannot open file `/proc/net/ip_fwnames' (was: Re: "No such file or directory" - huh?!)
On Sun, Jul 22, 2001 at 05:15:11PM +0200, Joost Kooij wrote:
> On Sun, Jul 22, 2001 at 10:59:15AM +0200, Gary Jones wrote:
> > Joost Kooij wrote:
> >
> > > On Sat, Jul 21, 2001 at 08:34:48PM +0200, Gary Jones wrote:
> > > > ash-ock:/etc/init.d# ./firewall
> > > > bash: ./firewall: No such file or directory
> > [snip]
> > > > What's going on? The script file is definitely there
> >
> > > In the script, you are using a command with a tpyo in it or that is
> > > located in a place not in your current $PATH.
> >
> > Nope. See later for how I know why not...
> >
> > > Perhaps the command is "ipchains" (/sbin/ipchains) and you are used
> > > to doing "su" to become root? In that case, next time do "su -", so
> > > you get a propor root login, with all the sbins in $PATH.
> >
> > No, I ran that scripting session as root so that I wouldn't get anything silly
> > like ownership issues.
> >
> > and Tim Moss wrote:
> >
> > > The "No such file" could be referring to the shebang line. Does /bin/sh
> > > exist?
> >
> > Yes.
>
> If it wouldn't, all sorts of other things would also break, pretty
> violently.
>
> > I still don't know what caused the problem. What I ended up doing was something
> > like:
> > cp ../init.d/firewall ../init.d/firewall.old
> > cp ../init.d/network ../init.d/firewall
> > jed ../init.d/firewall ../init.d/firewall.old
> > and then copying the contents of 'firewall.old' into 'firewall'. After that I
> > didn't get "No such file or directory" any more, though the original reason is
> > still a mystery to me. Thanks for your help, though.
>
> Too bad that you do not have both files anymore, or you would have been
> able to at least make a "diff" of the working and the non-working version.
>
> > Now I get:
> > ash-ock:~# ipchains -F
> > ipchains: cannot open file `/proc/net/ip_fwnames'
> > [which is not surprising, since...]
> > ash-ock:~# ls -la /proc/net/ip*
> > -rw-r--r-- 1 root root 0 Jul 22 10:29 /proc/net/ip_forward
> > -rw-r--r-- 1 root root 0 Jul 22 10:29 /proc/net/ip_input
> > -rw-r--r-- 1 root root 0 Jul 22 10:29 /proc/net/ip_output
> >
> > *sigh*
> >
> > I thought creating all the stuff required was the job of the install routine?
>
> Are you sure that you enabled firewalling support in your kernel
> configuration?
>
> > I also get "setsockopt : protocol not available" when trying to set the policy.
> > FWIW this is ipchains --version 1.3.4 (as per standard 'slink' distro, I believe)
> >
> > --
> > Gary
> > Debian 2.1r4 (kernel v2.0.39); XFree86 3.3.6
> ^^^^^^^^^^^^^^
> That may also explain these other problems. Consider upgrading
> the machine to a newer debian release and a newer linux kernel.
> The facilities you are trying to use may not be supported very well or
> at all in the kernel and tools that you are using. Also, older debian
> releases do not get any official security updates. You need to run the
> "stable" release for those.
>
2.0.x kernels do not use ipchains, but use ipfwadm instead. Upgrading
is definitely in order, however.
Bob
Reply to: