Bug #2338: Shorewall not configured, fails to start - NethServer 6 - NethServer.org

Bug #2338

Shorewall not configured, fails to start

Added by Davide Principi over 7 years ago. Updated over 7 years ago.

Status:

CLOSED

Start date:

11/08/2013

Priority:

Low

Due date:

11/08/2013

Assignee:

% Done:

100%

Category:

nethserver-shorewall

Target version:

v6.5-beta3

Security class:

Resolution:

Affected version:

v6.4-beta2

NEEDINFO:

Description

The event nethserver-shorewall-update fails the first time nethserver-shorewall is installed.

In /var/log/messages

Nov  8 14:42:19 davidep3 esmith::event[25405]: Restarting shorewall:    ERROR: No IP zones defined
Nov  8 14:42:19 davidep3 root: ERROR:Shorewall restart failed
Nov  8 14:42:19 davidep3 esmith::event[25405]: [FAILED]#015
Nov  8 14:42:19 davidep3 esmith::event[25405]: [WARNING] service shorewall restart failed!
Nov  8 14:42:19 davidep3 esmith::event[25405]: adjust-services=action|Event|nethserver-shorewall-update|Action|adjust-services|Start|1383921727 137444|End|1383921739 871871|Elapsed|12.734427|Status|256

Associated revisions

Revision 54f43433
Added by Davide Principi over 7 years ago

Enable shorewall service. Refs #2338

Shorewall service is disabled by default. It must be enabled
explicitly.

Revision acaffde7
Added by Davide Principi over 7 years ago

Changed shorewall default service status to disabled. Refs #2338

History

#1 Updated by Davide Principi over 7 years ago

Status changed from TRIAGED to ON_DEV
% Done changed from 20 to 30

The problem arises because nethserver-firewall-base templates are still missing when Shorewall is started.

Solution: default Shorewall service status must be disabled. nethserver-firewall-base enables shorewall during its *update event.

#2 Updated by Davide Principi over 7 years ago

Status changed from ON_DEV to MODIFIED
Assignee deleted (~~Davide Principi~~)
% Done changed from 30 to 60

Test case

Install nethserver-shorewall:

Check actions don't fail:

   # grep -F '|Status' /var/log/messages

Check shorewall service is disabled:

    # config show shorewall
shorewall=service
    status=disabled

Now install nethserver-firewall-base:

Check actions don't fail:

   # grep -F '|Status' /var/log/messages

Check shorewall service is enabled:

    # config show shorewall
shorewall=service
    status=enabled

Check shorewall service is "running":

     # service shorewall status
Shorewall-4.5.18 Status at davidep3.vboxnet0.tld - Fri Nov  8 16:12:17 GMT 2013

Shorewall is running
State:Started (Fri Nov  8 16:06:58 GMT 2013) from /etc/shorewall/

#3 Updated by Davide Principi over 7 years ago

Status changed from MODIFIED to ON_QA
% Done changed from 60 to 70

In nethserver-testing:
nethserver-firewall-base-1.0.6-3.0git54f43433.ns6.noarch.rpm
nethserver-shorewall-1.0.2-3.0gitacaffde7.ns6.noarch.rpm

#4 Updated by Davide Principi over 7 years ago

Estimated time set to 2.00

#5 Updated by Davide Principi over 7 years ago

Due date set to 11/08/2013
Start date set to 11/08/2013

#6 Updated by Giacomo Sanchietti over 7 years ago

Assignee set to Giacomo Sanchietti

#7 Updated by Giacomo Sanchietti over 7 years ago

Status changed from ON_QA to VERIFIED
Assignee deleted (~~Giacomo Sanchietti~~)
% Done changed from 70 to 90

Marking as VERIFIED.

Extract from messages:

Dec  9 11:23:52 test esmith::event[7424]: Processing event: nethserver-shorewall-update 
Dec  9 11:23:52 test esmith::event[7424]: Running event handler S00initialize-default-databases
Dec  9 11:23:52 test esmith::event[7424]: Migrating existing database domains
Dec  9 11:23:52 test esmith::event[7424]: Migrating existing database accounts
Dec  9 11:23:52 test esmith::event[7424]: Migrating existing database hosts
Dec  9 11:23:52 test esmith::event[7424]: Migrating existing database vpn
Dec  9 11:23:52 test esmith::event[7424]: Migrating existing database configuration
Dec  9 11:23:52 test /etc/e-smith/events/nethserver-shorewall-update/S00initialize-default-databases[7425]: /var/lib/nethserver/db/configuration: OLD shorewal
l=(undefined)
Dec  9 11:23:52 test /etc/e-smith/events/nethserver-shorewall-update/S00initialize-default-databases[7425]: /var/lib/nethserver/db/configuration: NEW shorewal
l=service|status|disabled
Dec  9 11:23:52 test esmith::event[7424]: Migrating existing database networks
Dec  9 11:23:52 test esmith::event[7424]: /etc/e-smith/events/nethserver-shorewall-update/S00initialize-default-databases=action|Event|nethserver-shorewall-up
date|Action|/etc/e-smith/events/nethserver-shorewall-update/S00initialize-default-databases|Start|1386588232 594426|End|1386588232 744837|Elapsed|0.150411
Dec  9 11:23:52 test esmith::event[7424]: Running event handler S02nethserver-shorewall-conf
Dec  9 11:23:52 test esmith::event[7424]: /etc/e-smith/events/nethserver-shorewall-update/S02nethserver-shorewall-conf=action|Event|nethserver-shorewall-updat
e|Action|/etc/e-smith/events/nethserver-shorewall-update/S02nethserver-shorewall-conf|Start|1386588232 745276|End|1386588232 747512|Elapsed|0.002236
Dec  9 11:23:52 test esmith::event[7424]: Running event handler S05generic_template_expand
Dec  9 11:23:52 test esmith::event[7424]: expanding /etc/shorewall/shorewall.conf
Dec  9 11:23:52 test esmith::event[7424]: /etc/e-smith/events/actions/generic_template_expand=action|Event|nethserver-shorewall-update|Action|/etc/e-smith/eve
nts/actions/generic_template_expand|Start|1386588232 747820|End|1386588232 822792|Elapsed|0.074972
Dec  9 11:23:52 test esmith::event[7424]: Running event handler S90adjust-services
Dec  9 11:23:52 test esmith::event[7424]: [INFO] service rsyslog restart
Dec  9 11:23:52 test kernel: Kernel logging (proc) stopped.
Dec  9 11:23:52 test rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="6662" x-info="http://www.rsyslog.com"] exiting on signal 15.
Dec  9 11:23:53 test kernel: imklog 5.8.10, log source = /proc/kmsg started.
Dec  9 11:23:53 test rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="7451" x-info="http://www.rsyslog.com"] start
Dec  9 11:23:53 test esmith::event[7424]: Starting system logger: [  OK  ]#015
Dec  9 11:23:53 test root: Shorewall Stopped
Dec  9 11:23:53 test esmith::event[7424]: Shutting down shorewall: [  OK  ]#015
Dec  9 11:23:53 test esmith::event[7424]: [INFO] shorewall is disabled and has been stopped
Dec  9 11:23:53 test esmith::event[7424]: /etc/e-smith/events/actions/adjust-services=action|Event|nethserver-shorewall-update|Action|/etc/e-smith/events/acti
ons/adjust-services|Start|1386588232 823191|End|1386588233 264128|Elapsed|0.440937

#8 Updated by Davide Principi over 7 years ago

Status changed from VERIFIED to CLOSED
% Done changed from 90 to 100

In nethserver-updates:
nethserver-samba-1.4.0-1.ns6.noarch.rpm
nethserver-directory-1.3.0-1.ns6.noarch.rpm
nethserver-dnsmasq-1.1.0-1.ns6.noarch.rpm
nethserver-shorewall-1.0.3-1.ns6.noarch.rpm
nethserver-mail-server-1.5.0-1.ns6.noarch.rpm
nethserver-mail-filter-1.1.4-1.ns6.noarch.rpm
nethserver-nethgui-1.3.0-1.ns6.noarch.rpm
nethserver-base-1.5.0-1.ns6.noarch.rpm
nethserver-lib-1.4.0-1.ns6.noarch.rpm
nethserver-httpd-admin-1.1.0-1.ns6.noarch.rpm
nethserver-yum-1.2.0-1.ns6.noarch.rpm
nethserver-ntopng-1.1.0-1.ns6.noarch.rpm

Also available in: Atom PDF

NethServer 6

Issues

Custom queries