Shorewall Support

I don't look at problems sent to me directly but I try to spend some amount of time each day responding to problems posted on the Shorewall mailing list.

-Tom

Before Reporting a Problem

There are a number of sources for problem solution information. Please try these before you post.

The FAQ has solutions to more than 20 common problems.

The Troubleshooting Information contains a number of tips to help you solve common problems.

The Errata has links to download updated components.

The Mailing List Archives search facility can locate posts about similar problems:

Mailing List Archive Search

Problem Reporting Guidelines

"Let me see if I can translate your message into a real-world example. It would be like saying that you have three rooms at home, and when you walk into one of the rooms, you detect this strange smell. Can anyone tell you what that strange smell is?

Now, all of us could do some wonderful guessing as to the smell and even what's causing it. You would be absolutely amazed at the range and variety of smells we could come up with. Even more amazing is that all of the explanations for the smells would be completely plausible."

- Russell Mosemann

When reporting a problem, give as much information as you can. Reports that say "I tried XYZ and it didn't work" are not at all helpful.

Please don't describe your environment and then ask us to send you custom configuration files. We're here to answer your questions but we can't do your job for you.

Do you see any "Shorewall" messages in /var/log/messages when you exercise the function that is giving you problems?

Have you looked at the packet flow with a tool like tcpdump to try to understand what is going on?

Have you tried using the diagnostic capabilities of the application that isn't working? For example, if "ssh" isn't able to connect, using the "-v" option gives you a lot of valuable diagnostic information.

Please include any of the Shorewall configuration files (especially the /etc/shorewall/hosts file if you have modified that file) that you think are relevant.
If an error occurs when you try to "shorewall start", include a trace (See the Troubleshooting section for instructions).

The list server limits posts to 120kb so don't post GIFs of your network layout, etc to the Mailing List -- your post will be rejected.

Please post in plain text

While the list server here at shorewall.net accepts and distributes HTML posts, a growing number of MTAs serving list subscribers are rejecting this HTML list traffic. At least one MTA has gone so far as to blacklist shorewall.net "for continuous abuse"!!

I think that blocking all HTML is a rather draconian way to control spam and that the unltimate loser here is not the spammers but the list subscribers whose MTAs are bouncing all shorewall.net mail. Nevertheless, all of you can help by restricting your list posts to plain text.

And as a bonus, subscribers who use email clients like pine and mutt will be able to read your plain text posts whereas they are most likely simply ignoring your HTML posts.

A final bonus for the use of HTML is that it cuts down the size of messages by a large percentage -- that is important when the same message must be sent 500 times over the slow DSL line connecting the list server to the internet.

Where to Send your Problem Report or to Ask for Help

If you run Shorewall under Bering -- please post your question or problem to the LEAF Users mailing list.

Otherwise, please post your question or problem to the Shorewall users mailing list.

To Subscribe to the mailing list go to http://www.shorewall.net/mailman/listinfo/shorewall-users .

Last Updated 12/27/2002 - Tom Eastep

Shorewall Support

I don't look at problems sent to me directly but I try to spend some amount of time each day responding to problems posted on the Shorewall mailing list.

-Tom

Before Reporting a Problem

There are a number of sources for problem solution information. Please try these before you post.

The FAQ has solutions to more than 20 common problems.

The Troubleshooting Information contains a number of tips to help you solve common problems.

The Errata has links to download updated components.

The Mailing List Archives search facility can locate posts about similar problems:

Mailing List Archive Search

Problem Reporting Guidelines

When reporting a problem, give as much information as you can. Reports that say "I tried XYZ and it didn't work" are not at all helpful.

Please don't describe your environment and then ask us to send you custom configuration files. We're here to answer your questions but we can't do your job for you.

Do you see any "Shorewall" messages in /var/log/messages when you exercise the function that is giving you problems?

Have you looked at the packet flow with a tool like tcpdump to try to understand what is going on?

Have you tried using the diagnostic capabilities of the application that isn't working? For example, if "ssh" isn't able to connect, using the "-v" option gives you a lot of valuable diagnostic information.

Please include any of the Shorewall configuration files (especially the /etc/shorewall/hosts file if you have modified that file) that you think are relevant.

If an error occurs when you try to "shorewall start", include a trace (See the Troubleshooting section for instructions).

The list server limits posts to 120kb so don't post GIFs of your network layout, etc to the Mailing List -- your post will be rejected.

Please post in plain text

While the list server here at shorewall.net accepts and distributes HTML posts, a growing number of MTAs serving list subscribers are rejecting this HTML list traffic. At least one MTA has gone so far as to blacklist shorewall.net "for continuous abuse"!!

I think that blocking all HTML is a rather draconian way to control spam and that the unltimate loser here is not the spammers but the list subscribers whose MTAs are bouncing all shorewall.net mail. Nevertheless, all of you can help by restricting your list posts to plain text.

And as a bonus, subscribers who use email clients like pine and mutt will be able to read your plain text posts whereas they are most likely simply ignoring your HTML posts.

A final bonus for the use of HTML is that it cuts down the size of messages by a large percentage -- that is important when the same message must be sent 500 times over the slow DSL line connecting the list server to the internet.

Where to Send your Problem Report or to Ask for Help

If you run Shorewall under Bering -- please post your question or problem to the LEAF Users mailing list.