mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-27 01:53:27 +01:00
Documentation updates for error messages
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1988 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
3ebaa3daa5
commit
2727c97ca5
@ -511,7 +511,48 @@
|
|||||||
defined in <filename>/etc/shorewall/zones</filename> but has no
|
defined in <filename>/etc/shorewall/zones</filename> but has no
|
||||||
corresponding entries in
|
corresponding entries in
|
||||||
<filename>/etc/shorewall/interfaces</filename> or in
|
<filename>/etc/shorewall/interfaces</filename> or in
|
||||||
<filename>/etc/shorewall/hosts</filename>. </para>
|
<filename>/etc/shorewall/hosts</filename>.</para>
|
||||||
|
</glossdef>
|
||||||
|
</glossentry>
|
||||||
|
</glosslist>
|
||||||
|
</section>
|
||||||
|
|
||||||
|
<section>
|
||||||
|
<title>Iptables Error Messages</title>
|
||||||
|
|
||||||
|
<para>By far the most asked about iptables error message is:</para>
|
||||||
|
|
||||||
|
<glosslist>
|
||||||
|
<glossentry>
|
||||||
|
<glossterm>iptables: No chain/target/match by that name</glossterm>
|
||||||
|
|
||||||
|
<glossdef>
|
||||||
|
<para>This almost always means that you are trying to use a
|
||||||
|
Shorewall feature that your iptables and/or kernel do not support.
|
||||||
|
Beginning with version 2.2.0, Shorewall follows this message with a
|
||||||
|
copy of the rule that is failing. Most commonly, the problem is that
|
||||||
|
one of the match types (keyword following "-m" in the command) isn't
|
||||||
|
supported by your iptables/kernel. The output of "shorewall check"
|
||||||
|
shows you what your iptables/kernel support:</para>
|
||||||
|
|
||||||
|
<programlisting>gateway:~# shorewall check
|
||||||
|
Loading /usr/share/shorewall/functions...
|
||||||
|
Processing /etc/shorewall/params ...
|
||||||
|
Processing /etc/shorewall/shorewall.conf...
|
||||||
|
Loading Modules...
|
||||||
|
<emphasis role="bold">Shorewall has detected the following iptables/netfilter capabilities:
|
||||||
|
NAT: Available
|
||||||
|
Packet Mangling: Available
|
||||||
|
Multi-port Match: Available
|
||||||
|
Extended Multi-port Match: Available
|
||||||
|
Connection Tracking Match: Available
|
||||||
|
Packet Type Match: Not available
|
||||||
|
Policy Match: Available
|
||||||
|
Physdev Match: Available
|
||||||
|
IP range Match: Available</emphasis>
|
||||||
|
Verifying Configuration...
|
||||||
|
|
||||||
|
...</programlisting>
|
||||||
</glossdef>
|
</glossdef>
|
||||||
</glossentry>
|
</glossentry>
|
||||||
</glosslist>
|
</glosslist>
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user