Skip to content

shorewall on vagrant fails

after deploy from latest bitmask/platform:

root@vpn1:/etc/shorewall/puppet# shorewall safe-restart
Compiling...
Processing /etc/shorewall/puppet/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Compiling /etc/shorewall/puppet/zones...
Compiling /etc/shorewall/puppet/interfaces...
   WARNING: Support for the norfc1918 interface option has been removed from Shorewall /etc/shorewall/puppet/interfaces (line 11)
   WARNING: Support for the norfc1918 interface option has been removed from Shorewall /etc/shorewall/puppet/interfaces (line 12)
   WARNING: Support for the norfc1918 interface option has been removed from Shorewall /etc/shorewall/puppet/interfaces (line 13)
   WARNING: Support for the norfc1918 interface option has been removed from Shorewall /etc/shorewall/puppet/interfaces (line 14)
   WARNING: Support for the norfc1918 interface option has been removed from Shorewall /etc/shorewall/puppet/interfaces (line 15)
   WARNING: Support for the norfc1918 interface option has been removed from Shorewall /etc/shorewall/puppet/interfaces (line 16)
Determining Hosts in Zones...
Locating Action Files...
Compiling /usr/share/shorewall/action.Drop for chain Drop...
Compiling /usr/share/shorewall/action.Broadcast for chain Broadcast...
Compiling /usr/share/shorewall/action.Invalid for chain Invalid...
Compiling /usr/share/shorewall/action.NotSyn for chain NotSyn...
Compiling /usr/share/shorewall/action.Reject for chain Reject...
Compiling /etc/shorewall/puppet/policy...
   WARNING: There are interfaces or zones with the 'blacklist' option but the 'blacklist' file is empty
Adding Anti-smurf Rules
Compiling TCP Flags filtering...
Compiling Kernel Route Filtering...
Compiling Martian Logging...
Compiling /etc/shorewall/puppet/masq...
   ERROR: Unknown interface (eth0eth1) /etc/shorewall/puppet/masq (line 11)


root@vpn1:/etc/shorewall/puppet# cat masq      
#
# Shorewall version 3.4 - Masq file
#
# For information about entries in this file, type "man shorewall-masq"
#
# For additional information, see http://shorewall.net/Documentation.htm#Masq
#
###############################################################################
#INTERFACE              SOURCE          ADDRESS         PROTO   PORT(S) IPSEC   MARK
# eth0eth1_limited_tcp
eth0eth1 10.43.0.0/21 - - - - 
# eth0eth1_limited_udp
eth0eth1 10.44.0.0/21 - - - - 
# eth0eth1_unlimited_tcp
eth0eth1 10.41.0.0/21 - - - - 
# eth0eth1_unlimited_udp
eth0eth1 10.42.0.0/21 - - - - 
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE

(from redmine: created on 2013-05-05, closed on 2013-09-17, relates #3339 (closed), relates #2213 (closed), blocks #2401 (closed))