1. Forum
  2. Usenet
  3. LINUX.DEBIAN.USER

  • Shorewall.

    From [email protected]@21:1/5 to All on Thu Feb 13 17:10:01 2025
    Hi,

    # cat /etc/deb*n
    12.9

    # dpkg -l | grep shorewall
    ii shorewall 5.2.8-2
    all Shoreline Firewall, netfilter configurator
    ii shorewall-core 5.2.8-2
    all Shorewall core components
    ii shorewall-init 5.2.8-2
    all Shorewall initialization

    # grep STARTUP /etc/shorewall/shorewall.conf
    STARTUP_ENABLED=Yes
    STARTUP_LOG=/var/log/shorewall-init.log

    Nothing interesting in the logs.

    Shorewall doesn't start at system boot and no problem starting
    interactively.

    Ideas?

    Thanks, ... P.

    --
    VoIP: +1 604 670 0140
    work: https://en.wikibooks.org/wiki/User:PeterEasthope

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Nate Bargmann@21:1/5 to [email protected] on Thu Feb 13 17:30:01 2025
    * On 2025 13 Feb 10:10 -0600, [email protected] wrote:
    Hi,

    # cat /etc/deb*n
    12.9

    # dpkg -l | grep shorewall
    ii shorewall 5.2.8-2
    all Shoreline Firewall, netfilter configurator
    ii shorewall-core 5.2.8-2
    all Shorewall core components
    ii shorewall-init 5.2.8-2
    all Shorewall initialization

    # grep STARTUP /etc/shorewall/shorewall.conf
    STARTUP_ENABLED=Yes
    STARTUP_LOG=/var/log/shorewall-init.log

    Nothing interesting in the logs.

    Shorewall doesn't start at system boot and no problem starting interactively.

    Ideas?

    What does /etc/default/shorewall show? There is a variable at the top
    of that file that needs to be set to '1':

    startup=1

    - Nate

    --
    "The optimist proclaims that we live in the best of all
    possible worlds. The pessimist fears this is true."
    Web: https://www.n0nb.us
    Projects: https://github.com/N0NB
    GPG fingerprint: 82D6 4F6B 0E67 CD41 F689 BBA6 FB2C 5130 D55A 8819


    -----BEGIN PGP SIGNATURE-----

    iF0EABECAB0WIQSC1k9rDmfNQfaJu6b7LFEw1VqIGQUCZ64ceQAKCRD7LFEw1VqI GZB1AJ0SlIGpS40BGW4DiW7461Qg/2V2GgCdGBxsf//9xcu8wfskbPRjUBy+KiE=
    =jDYq
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Dan Ritter@21:1/5 to [email protected] on Thu Feb 13 17:30:02 2025
    [email protected] wrote:
    Hi,

    # cat /etc/deb*n
    12.9

    # dpkg -l | grep shorewall
    ii shorewall 5.2.8-2
    all Shoreline Firewall, netfilter configurator
    ii shorewall-core 5.2.8-2
    all Shorewall core components
    ii shorewall-init 5.2.8-2
    all Shorewall initialization

    # grep STARTUP /etc/shorewall/shorewall.conf
    STARTUP_ENABLED=Yes
    STARTUP_LOG=/var/log/shorewall-init.log

    Nothing interesting in the logs.

    Shorewall doesn't start at system boot and no problem starting
    interactively.

    Ideas?

    What's the value of startup in /etc/default/shorewall ?

    This question prompted by https://wiki.debian.org/HowTo/shorewall

    -dsr-

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Roberto =?iso-8859-1?Q?C=2E_S=E1nch@21:1/5 to [email protected] on Thu Feb 13 17:30:02 2025
    On Thu, Feb 13, 2025 at 07:51:37AM -0700, [email protected] wrote:
    Hi,

    # cat /etc/deb*n
    12.9

    # dpkg -l | grep shorewall
    ii shorewall 5.2.8-2
    all Shoreline Firewall, netfilter configurator
    ii shorewall-core 5.2.8-2
    all Shorewall core components
    ii shorewall-init 5.2.8-2
    all Shorewall initialization

    # grep STARTUP /etc/shorewall/shorewall.conf
    STARTUP_ENABLED=Yes
    STARTUP_LOG=/var/log/shorewall-init.log

    Nothing interesting in the logs.

    Shorewall doesn't start at system boot and no problem starting
    interactively.

    What about /etc/default/shorewall? And does 'systemctl status shorewall'
    show that it is enabled?

    Regards,

    -Roberto

    --
    Roberto C. S�nchez

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From [email protected]@21:1/5 to All on Thu Feb 13 19:00:01 2025
    Roberto & all,

    From: Roberto C. Sánchez <[email protected]>
    Date: Thu, 13 Feb 2025 11:20:44 -0500
    What about /etc/default/shorewall?

    # grep startup /etc/default/shorewall
    # prevent startup with default configuration [Badly stated comment.]
    startup=1

    And does 'systemctl status shorewall' show that it is enabled?

    # systemctl status shorewall
    ○ shorewall.service - Shorewall IPv4 firewall
    Loaded: loaded (/lib/systemd/system/shorewall.service; disabled; preset: e>
    Active: inactive (dead)
    Docs: man:shorewall(8)

    Yep, "inactive (dead)" doesn't seem right.

    Shorewall started when Debian 11 booted but I don't recognize how the configuration changed or should have changed to Debian 12.

    Thanks! ... P.




    --
    VoIP: +1 604 670 0140
    work: https://en.wikibooks.org/wiki/User:PeterEasthope

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Greg Wooledge@21:1/5 to [email protected] on Thu Feb 13 19:40:02 2025
    On Thu, Feb 13, 2025 at 09:39:29 -0700, [email protected] wrote:
    # grep startup /etc/default/shorewall
    # prevent startup with default configuration [Badly stated comment.] startup=1

    And does 'systemctl status shorewall' show that it is enabled?

    # systemctl status shorewall
    ○ shorewall.service - Shorewall IPv4 firewall
    Loaded: loaded (/lib/systemd/system/shorewall.service; disabled; preset: e>

    It's a native systemd service (/lib/systemd/...) but the service is
    showing as disabled.

    systemctl enable shorewall
    systemctl start shorewall

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From john doe@21:1/5 to [email protected] on Thu Feb 13 19:40:02 2025
    On 2/13/25 17:39, [email protected] wrote:
    Roberto & all,

    From: Roberto C. Sánchez <[email protected]>
    Date: Thu, 13 Feb 2025 11:20:44 -0500
    What about /etc/default/shorewall?

    # grep startup /etc/default/shorewall
    # prevent startup with default configuration [Badly stated comment.] startup=1

    And does 'systemctl status shorewall' show that it is enabled?

    # systemctl status shorewall
    ○ shorewall.service - Shorewall IPv4 firewall
    Loaded: loaded (/lib/systemd/system/shorewall.service; disabled; preset: e>

    Looks like the service is not starting at boot:

    $ systemctl is-enabled shorewall

    If this is the case, simply "enable"ed via systemd.

    --
    John Doe

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)