Shorewall blocks Internet on boot-up
I'm running a Jessie/ Sid mixture and after a recent dist-upgrade Shorewall blocks
all Internet access unless it is 'stopped' and restarted:
root@mundo:/home/charles# shorewall stop
Stopping Shorewall....
Processing /etc/shorewall/stop ...
Processing /etc/shorewall/tcclear ...
Running /sbin/iptables-restore...
Processing /etc/shorewall/stopped ...
done.
root@mundo:/home/charles# shorewall start
Compiling...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Compiling /etc/shorewall/zones...
Compiling /etc/shorewall/interfaces...
Determining Hosts in Zones...
Locating Action Files...
Compiling /etc/shorewall/policy...
Running /etc/shorewall/initdone...
Adding Anti-smurf Rules
Adding rules for DHCP
Compiling TCP Flags filtering...
Compiling Kernel Route Filtering...
Compiling Martian Logging...
Compiling MAC Filtration -- Phase 1...
Compiling /etc/shorewall/rules...
Compiling /etc/shorewall/conntrack...
Compiling MAC Filtration -- Phase 2...
Applying Policies...
Compiling /usr/share/shorewall/action.Drop for chain Drop...
Compiling /usr/share/shorewall/action.Broadcast for chain Broadcast...
Generating Rule Matrix...
Compiling /usr/share/shorewall/action.Reject for chain Reject...
Creating iptables-restore input...
Shorewall configuration compiled to /var/lib/shorewall/.start
Starting Shorewall....
Initializing...
Processing /etc/shorewall/init ...
Processing /etc/shorewall/tcclear ...
Setting up Route Filtering...
Setting up Martian Logging...
Setting up Proxy ARP...
Preparing iptables-restore input...
Running /sbin/iptables-restore...
Processing /etc/shorewall/start ...
Processing /etc/shorewall/started ...
done.
Now I also removed network-manager before the dist-upgrade with a --purge removal.
(N-M has not been activated in /etc/NetworManager/NetworkManager.conf for a long)
time)
Could it be network-manager's removal created some parting sabotage on being
purged? I can't find anything wrong with Shorewall.
suggestions
--
Ck
Reply to: