[Firewall] Firewall version 1.9.2f (stable) available for download

Philip A. Prindeville philipp_subx at redfish-solutions.com
Mon Jan 11 20:52:02 CET 2010


In general, you can get quite a lot of troubleshooting done on your own by running:

TRACE=1 /usr/sbin/arno-iptables-firewall start

and then looking at /tmp/aif*


You should be able to run this by hand, in fact, as "bash -x /tmp/aif-xxxx" and see which particular line is blowing out, and then work from there.



On 01/11/2010 09:57 AM, Jay wrote:
> Hi,
>     Anyone getting (1) iptables: Bad rule (does a matching rule exist
> in that chain?) on start in new version? Is there a way to debug which
> rule is conflicting?
>
> thanks
>
> On Wed, Nov 11, 2009 at 2:49 AM, Arno van Amersfoort
> <arnova at rocky.eld.leidenuniv.nl> wrote:
>   
>> Hi all,
>>
>> A few issues popped up in 1.9.2e, addressed by this 1.9.2f
>> "service-release".
>>
>> You can grab it from:
>> http://rocky.eld.leidenuniv.nl/arno-iptables-firewall/arno-iptables-firewall_1.9.2f.tar.gz
>>
>> CHANGELOG:
>>
>> Version 1.9.2f (November 10, 2009)
>> ---------------------------------
>> * Tweaked some kernel settings
>> ! Fixed modprobe errors. Always use $@ as $* might do things you don't
>> expect! (Thanks Lonnie!)
>> ! Don't disable TCP sack when DoS-reducation is enabled since performance
>> degrades from it
>>
>> Njoy!
>>
>> Arno
>>     



More information about the Firewall mailing list