Ubuntu
shorewall package

Shorewall fails to start with > 1 interface in tcdevices

Bug #654760 reported by overkill
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
shorewall (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: shorewall

Shorewall fails to start when more than one interface is specified in /etc/shorewall/tcdevices. Per the known_issues file in shorewall_4.4.7:
-------------------------------------------------------------------------------------------------------
...
6) If multiple entries are present in /etc/shorewall/tcdevices and
    globally unique class numbers are not explicitly specified in
    /etc/shorewall/tcclasses, then 'shorewall start' will fail with a
    diagnostic such as:

    Setting up Traffic Control...
    RTNETLINK answers: File exists
      ERROR: Command "tc qdisc add dev eth1 parent 2:2 handle 2: sfq quantum
             1500 limit 127 perturb 10" Failed
    Processing /etc/shorewall/stop ...

    Corrected in 4.4.7.5.
...
-------------------------------------------------------------------------------------------------------
As shorewall 4.4.10 is already available for 10.10, can 4.4.10 be made available for lucid?

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: shorewall 4.4.6-1
ProcVersionSignature: Ubuntu 2.6.32-24.43-generic-pae 2.6.32.15+drm33.5
Uname: Linux 2.6.32-24-generic-pae i686
Architecture: i386
Date: Mon Oct 4 13:27:25 2010
InstallationMedia: Ubuntu-Server 10.04 LTS "Lucid Lynx" - Release i386 (20100427)
PackageArchitecture: all
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: shorewall

Revision history for this message
overkill (kparent) wrote :
Revision history for this message
overkill (kparent) wrote :

I had some time to test further. I used shorewall.conf from the "three-interfaces" example (/usr/share/doc/shorewall/examples/three-interfaces/shorewall.conf. That file has "WIDE_TC_MARKS=Yes" as default. Changing to "No" eliminated the start up error.

It's still a bug, but at least there is a workaround.

Revision history for this message
overkill (kparent) wrote :

3 months and no reply? Is this not the correct place to report bugs for ubuntu?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.