Ulrik Haugen wrote:
> When I boot my machine something like the following is printed:
I don't know. But there haven't been any other responses for several
days. So I will make a comment.
> [ 50.220571] xt_addrtype: ipv6 does not support BROADCAST matching
> Starting "Shorewall firewall": not done.
> Starting "Shorewall6 firewall": not done.
> [FAIL] startpar: service(s) returned failure: shorewall shorewall6 ... failed!
Are your devices in /etc/network/interfaces (other than the "lo"
device) marked as "auto" or "allow-hotplug". If "auto" then try
"allow-hotplug".
> After boot my ip{,6}tables look like this:
>
> % sudo iptables -L -n -v
> ...various iptables rules dumped...
Odd that any rules were loaded at all since shorewall reported that it
failed. Therefore that is a clue. Could you have two different
packages or processes loading iptables rules? Could they be
conflicting? If you disable shorewall (startup=0 in
/etc/default/shorewall) then reboot do you still have iptables rules
loaded? If so then something else is doing it.
> At this point starting shorewall-init, shorewall and shorewall6 produces
> no errors:
I am not using shorewall-init and am not having any of your listed
problems. You might try purging it from your system to try to
simplify the problem and isolate where the problem exists. Since you
are having an initialization problem I think simplifying the
initialization is a good thing.
If all else fails then I would make a local backup copy of
/etc/shorewall and associate files that you have created. Then I
would purge all of the shorewall packages. Verify that all of the
/etc configuration has been cleaned out. Then do a clean installation
of shorewall again. Enable it (start=1) with the minimum
configuration. Does that work? If so then add one thing at a time to
the configuration until it breaks so that you will know where the
problem exists.
Good luck!
Bob
Attachment:
signature.asc
Description: Digital signature