[opensuse-security] Errors when starting the firewall.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is what I see: nimrodel:~ # SuSEfirewall2 SuSEfirewall2: Setting up rules from /etc/sysconfig/SuSEfirewall2 ... SuSEfirewall2: Warning: no default firewall zone defined, assuming 'ext' SuSEfirewall2: batch committing... iptables-batch v1.3.8: host/network `##' not found Try `iptables-batch -h' or 'iptables-batch --help' for more information. SuSEfirewall2: Error: iptables-batch failed, re-running using iptables iptables v1.3.8: host/network `##' not found Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.8: host/network `Type:' not found Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.8: host/network `string' not found Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.8: host/network `##' not found Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.8: host/network `Default:' not found Try `iptables -h' or 'iptables --help' for more information. SuSEfirewall2: Firewall rules successfully set This system was upgraded from 10.2 to 10.3 recently, and the firewall rules are exactly the same I had in 10.2. It is complaining of "host/network `##' not found", but it doesn't say which file contains that. - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFHNjR0tTMYHG2NR9URAgtgAJ9ccUx4CDQBiTELlfWXBssXx4YYhACaArYR InnhjDBXXRGe0UUAT9cu17g= =tO9M -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
Am Samstag, 10. November 2007 schrieb Carlos E. R.:
This is what I see:
nimrodel:~ # SuSEfirewall2 SuSEfirewall2: Setting up rules from /etc/sysconfig/SuSEfirewall2 ... SuSEfirewall2: Warning: no default firewall zone defined, assuming 'ext' SuSEfirewall2: batch committing... iptables-batch v1.3.8: host/network `##' not found Try `iptables-batch -h' or 'iptables-batch --help' for more information. SuSEfirewall2: Error: iptables-batch failed, re-running using iptables iptables v1.3.8: host/network `##' not found Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.8: host/network `Type:' not found Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.8: host/network `string' not found Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.8: host/network `##' not found Try `iptables -h' or 'iptables --help' for more information. iptables v1.3.8: host/network `Default:' not found Try `iptables -h' or 'iptables --help' for more information. SuSEfirewall2: Firewall rules successfully set
This system was upgraded from 10.2 to 10.3 recently, and the firewall rules are exactly the same I had in 10.2.
It is complaining of "host/network `##' not found", but it doesn't say which file contains that.
Déjà vu? http://lists.opensuse.org/opensuse-security/2006-07/msg00095.html Jan -- If you resolve to give up smoking, drinking and loving, you don't actually live longer, it just seems that way. --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Sunday 2007-11-11 at 12:56 +0100, Jan Ritzerfeld wrote:
iptables v1.3.8: host/network `Default:' not found Try `iptables -h' or 'iptables --help' for more information. SuSEfirewall2: Firewall rules successfully set
This system was upgraded from 10.2 to 10.3 recently, and the firewall rules are exactly the same I had in 10.2.
It is complaining of "host/network `##' not found", but it doesn't say which file contains that.
Déjà vu? http://lists.opensuse.org/opensuse-security/2006-07/msg00095.html
You are absolutely right! FW_TRUSTED_NETS="192.168.1.11,tcp,ftp 192.168.1.11,tcp,ftp-data \ ## Type: string ## Default: 192.168.1.11,tcp,ssh \ 192.168.1.1,udp,tftp \ 192.168.1.2,tcp,microsoft-ds 192.168.1.2,tcp,netbios-ssn \ 192.168.1.2,udp,netbios-dgm 192.168.1.2,udp,netbios-ns \ 192.168.1.33,tcp,http \ 192.168.1.33,tcp,ssh \ 192.168.1.33,tcp,ftp \ 192.168.1.33,tcp,ftp-data" And the comment inside has been added by YAST. I'm filling a bugzilla this time, I have the backup file to compare the original file and so I can prove the upgrade was the culprit: FW_TRUSTED_NETS="192.168.1.11,tcp,ftp 192.168.1.11,tcp,ftp-data \ 192.168.1.11,tcp,ssh \ 192.168.1.1,udp,tftp \ 192.168.1.2,tcp,microsoft-ds 192.168.1.2,tcp,netbios-ssn \ 192.168.1.2,udp,netbios-dgm 192.168.1.2,udp,netbios-ns \ 192.168.1.33,tcp,http \ 192.168.1.33,tcp,ssh \ 192.168.1.33,tcp,ftp \ 192.168.1.33,tcp,ftp-data" I removed those three offending lines and it works fine again. Thanks! - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFHN1watTMYHG2NR9URAmobAJwP1i76PdwTnrL1yAeaeiYxbtsJjwCgjDUq Alph6M5fjLmG9GUpeyo5sq8= =akb1 -----END PGP SIGNATURE-----
participants (2)
-
Carlos E. R.
-
Jan Ritzerfeld