Find the answer to your Linux question:
Results 1 to 4 of 4
I'm trying to use Shorewall on Ubuntu for the first time. According to /usr/share/doc/shorewall-common/README.Debian.gz , I should ONLY need the following files configured: /etc/shorewall/interfaces /etc/shorewall/policy /etc/shorewall/rules /etc/shorewall/zones I've created these ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2008
    Posts
    2

    Question Shorewall Error: The firewall won't be started/stopped unless it is configured


    I'm trying to use Shorewall on Ubuntu for the first time. According to /usr/share/doc/shorewall-common/README.Debian.gz, I should ONLY need the following files configured:

    1. /etc/shorewall/interfaces
    2. /etc/shorewall/policy
    3. /etc/shorewall/rules
    4. /etc/shorewall/zones


    I've created these files (via /usr/share/doc/shorewall-common/default-config/) and verified their data with shorewall check, but I get the following error when trying to restart shorewall:

    Code:
    #### WARNING ####
    The firewall won't be started/stopped unless it is configured
    
    Please read about Debian specific customization in
    /usr/share/doc/shorewall-common/README.Debian.gz.
    #################
    The only thing that looks weird is the wrapping in the rules file. I'm thinking that there could be another issue with Ubuntu/Debian, but I checked the README file and couldn't find anything there. The content of each file is outlined below:

    /etc/shorewall/interfaces
    Code:
    #
    # Shorewall version 4 - Interfaces File
    #
    # For information about entries in this file, type "man shorewall-interfaces"
    #
    # The manpage is also online at
    # http://www.shorewall.net/manpages/shorewall-interfaces.html
    #
    ###############################################################################
    #ZONE	INTERFACE	BROADCAST	OPTIONS
    net	eth0		detect		dhcp,tcpflags,logmartians,nosmurfs
    #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
    /etc/shorewall/policy
    Code:
    #
    # Shorewall version 4 - Policy File
    #
    # For information about entries in this file, type "man shorewall-policy"
    #
    # The manpage is also online at
    # http://www.shorewall.net/manpages/shorewall-policy.html
    #
    ###############################################################################
    #SOURCE		DEST		POLICY		LOG		LIMIT:BURST
    #						LEVEL
    $FW		net		ACCEPT
    net		$FW		DROP		info
    net		all		DROP		info
    # The FOLLOWING POLICY MUST BE LAST
    all		all		REJECT		info
    #LAST LINE -- DO NOT REMOVE
    /etc/shorewall/rules
    Code:
    #
    # Shorewall version 4 - Rules File
    #
    # For information on the settings in this file, type "man shorewall-rules"
    #
    # The manpage is also online at
    # http://www.shorewall.net/manpages/shorewall-rules.html
    #
    ############################################################################################################################
    #ACTION		SOURCE		DEST		PROTO	DEST	SOURCE		ORIGINAL	RATE		USER/	MARK
    #							PORT	PORT(S)		DEST		LIMIT		GROUP
    #SECTION ESTABLISHED
    #SECTION RELATED
    SECTION NEW
    SSH/ACCEPT	net		$FW
    #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
    /etc/shorewall/zones
    Code:
    #
    # Shorewall version 4 - Zones File
    #
    # For information about this file, type "man shorewall-zones"
    #
    # The manpage is also online at
    # http://www.shorewall.net/manpages/shorewall-zones.html
    #
    ###############################################################################
    #ZONE	TYPE		OPTIONS		IN			OUT
    #					OPTIONS			OPTIONS
    fw	firewall
    # loc	ipv4
    net	ipv4
    #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
    Has anyone ever seen this?
    Last edited by figmented; 07-09-2008 at 06:57 PM. Reason: "...wrapping in the [B]zones[/B] file." to "...wrapping in the [B]rules[/B] file."

  2. #2
    Just Joined!
    Join Date
    Oct 2008
    Posts
    1
    Edit the file /etc/default/shorewall and change startup=0 to startup=1

  3. #3
    Just Joined!
    Join Date
    Feb 2012
    Posts
    1

    shorewall:the firewall won't be initialized unless it is configured

    I know this is an old thread, but I am having the same issue. I have enable both files to 'yes' and '1'; however, I am getting this error instead. I am running Ubuntu server 11.10.
    fsck from util-linux 2.19.1
    /dev/sdb1: clean, 104534/15007744 files, 2089061/59999488 blocks (check in 3 mounts)
    #### WARNING ####
    the firewall won't be initialized unless it is configured

    Please read about Debian specific customization in
    /usr/share/doc/shorewall-init/README.Debian.gz.
    #################
    Starting "Shorewall firewall": done.
    * Stopping Failsafe Boot Delay[ OK ]
    * Stopping System V initialisation compatibility[ OK ]
    * Starting System V runlevel compatibility[ OK ]
    * Stopping automatic crash report generation[fail]
    * Starting save kernel messages[ OK ]
    * Starting CPU interrupts balancing daemon[ OK ]
    * Autostarting VPN 'server'  * Starting regular background program processing daemon[ OK ]
    * Starting deferred execution scheduler[ OK ]
    * Starting configure network device security[ OK ]
    * Starting configure network device[ OK ]
    * Starting virtual private network daemon(s)... 
    [ OK ]

  4. $spacer_open
    $spacer_close
  5. #4
    Administrator jayd512's Avatar
    Join Date
    Feb 2008
    Location
    Kentucky
    Posts
    5,023
    Hi, duceduc. Welcome to LinuxForums!

    Since the thread is so old, I'm locking it down.
    Feel free to start a new thread, though, describing your exact problem.
    Be sure to post as much information as possible. I'm sure someone will be able to help you out.
    Jay

    New users, read this first.
    New Member FAQ
    Registered Linux User #463940
    I do not respond to private messages asking for Linux help. Please keep it on the public boards.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •