Hi, I had installed new kernel 2.6.16.5 on Debian knoppix 3.4 with all IP Tables kernel options enabled. The setup is one interface: one PC with one external ethernet modem. I use: Shorewall 3.0.6, IPTables: 1.3.5 Everything is ok, except TCPFlags option at /etc/shorewall/interfaces: #ZONE INTERFACE BROADCAST OPTIONS #net eth0 detect norfc1918,routefilter,dhcp,blacklist net eth0 detect norfc1918,routefilter,dhcp,blacklist,tcpflags If I delete tcpflags, the shorewall started succesfully. If I use tcpflags options: (from trace / debug output): + run_iptables -A logflags -j REJECT --reject-with tcp-reset + '[' -n '' ']' + '[' -n Yes ']' + '[' -f /tmp/shorewall.SaCWSI/iprange ']' + /sbin/iptables -A logflags -j REJECT --reject-with tcp-reset iptables: Unknown error 4294967295 + '[' -z '' ']' + error_message 'ERROR: Command "/sbin/iptables -A' logflags -j REJECT --reject-with 'tcp-reset" Failed' + echo ' ERROR: Command "/sbin/iptables -A' logflags -j REJECT --reject-with 'tcp-reset" Failed' ERROR: Command "/sbin/iptables -A logflags -j REJECT --reject-with tcp-reset" Failed + stop_firewall + '[' -n /var/lib/shorewall/shorewall.JIpwiX ']' + rm -f /var/lib/shorewall/shorewall.JIpwiX + set +x How to solve this problem? Thank you _____________________________________________________________ = You want FREE web-based email ? = You want your own @qon.lao.net address?? = Then you want LaoNet's WebMail ! = Get it at http://webmail.lao.net !!
