Shorewall And The Latest Kernel Problem

Home » CentOS » Shorewall And The Latest Kernel Problem
CentOS 3 Comments

I just installed the latest kernel 2.6.32-573.8.1.el6.x86_64 and when I
rebooted it shorewall (shorewall-4.5.4-1.el6.noarch) failed with the following error

ERROR: a non-empty masq file requires NAT in your kernel and iptables
/etc/shorewall/masq (line 15)

Question is is this a problem in the kernel or is it a problem in Shorewall?

Booting the previous kernel allowed shorewall to start normally.

Any one else seen this error, if so what’s the fix?

Any help would be greatly appreciated.

Pete

3 thoughts on - Shorewall And The Latest Kernel Problem

  • Em 12-11-2015 11:12, Pete Geenhuizen escreveu:

    That points to something different in kernel. What is your ‘previous’
    kernel? Sounds like the nat modules aren’t being loaded, for some reason.

    Marcelo

  • Marcelo, Thanks for the input, it works fine in 2.6.32-573.7.1.el6.x86_64, and yeah I would tend to agree with you that it’s more likely as not kernel related. Of course it’s possible I suppose that the kernel has changed slightly enough that the shorewall rpm needs to be updated.

    Thanks Pete

  • FYI

    I have the same kernel (2.6.32-573.8.1.el6.x86_64) and shorewall
    (shorewall-4.5.4-1.el6.noarch) versions and non-empty
    /etc/shorewall/masq here and do not see this problem.

    Try as root: service shorewall restart.