Hi all, when my old ne2000 on the ipfwadm-configured gateway (5.3)packed in, i thought it was a good time to upgrade to 6.1 and better hardware. however 'ipfwadm' refused to work with 6.1 telling me 'service not available' and the 'file not found', even though ipfwadm had been installed by default. i doctored around the kernel a bit , but no change. anybody encountered that problem ? best dan
* Dan
'ipfwadm' refused to work with 6.1 telling me 'service not available' and the 'file not found',
First thing after updating the kernel is to read "/usr/src/linux/Documentation/Changes". There it says: | As of 2.1.102, the IP firewalling code has been replaced; ipfwadm | will no longer work. You need to obtain "ipchains," available from | http://www.rustcorp.com/linux/ipchains/ , and use that instead of | ipfwadm. You'll find "ipchains" in series "n". After you have installed it, you should read "/usr/doc/packages/ipchains/HOWTO.txt". You might be able to use "/sbin/ipfwadm-wrapper" and keep your "old" scripts. But I am sure SuSE offers ipchains scripts. So mabye you can just rename "/sbin/init.d/firewall" and "/sbin/init.d/masquerade" and reinstall the firewall and ipchains packages. Do you use firewalling at all? If it's just masquerading you are concered with add/change these lines in "/sbin/init.d/masquerade" # the "old" lines are commented out, i.e., "#" # IPFWADM="/sbin/ipfwadm" IPFWADM="/sbin/ipchains" # START # the next line is new and you don't want to miss it! echo 1 > /proc/sys/net/ipv4/ip_forward # ${IPFWADM} -F -a accept -P all -S $i -D 0/0 -m -W ${MSQ_DEV} ${IPFWADM} -A forward -j MASQ -p all -s $i -d 0/0 -i ${MSQ_DEV} # STOP # ${IPFWADM} -F -d accept -P all -S $i -D 0/0 -m -W ${MSQ_DEV} ${IPFWADM} -D forward -j MASQ -p all -s $i -d 0/0 -i ${MSQ_DEV} # LIST # ${IPFWADM} -lFnex ${IPFWADM} -L forward -n -v -x #${IPFWADM} -lMnex ${IPFWADM} -L -M -n -v -x As you can see, I simply translated the old ipfwadm rules to ipchains rules. Hope I didn't make any mistake. Hope that helps -- Mark Lutz Accept German and English
participants (2)
-
Dan
-
Mark Lutz