Your message dated Wed, 23 Oct 2013 11:04:02 +0000 with message-id <e1vywem-0007hm...@franck.debian.org> and subject line Bug#726306: fixed in shorewall 4.5.21.2-1 has caused the Debian Bug report #726306, regarding shorewall: In tcrules using "|" mark prefix gives errors. to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 726306: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726306 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: shorewall Version: 4.5.16.1-1 Severity: normal Dear Maintainer, My shorewall stopped working after an upgrade, refusing to start. A quick check shows that it considers using the "|" prefix on marks in the tcrules to be invalid; $ sudo shorewall check Checking... Processing /etc/shorewall/params ... [...] Checking /etc/shorewall/tcrules... ERROR: Invalid Mark or Mask value (|0x10) /etc/shorewall/tcrules (line 19) The line it is complaining about in my tcrules file is; |0x10:T 192.168.0.0/24 0.0.0.0/0 all - - - !0 Using this feature is documented in the shorewall-tcrules man page, though it is not mentioned in other online shorewall documentation. The man page says; If preceded by a vertical bar ("|"), the mark value will be logically ORed with the current mark value to produce a new mark value. Interestingly the similar "&" prefix still works fine, as confirmed by changing all the "|" prefixes to "&" prefixes and re-running "shorewall check" (but gives me incorrect tc marks). This makes shorewall unusable for me, since I rely on this "|" prefix feature for correctly setting my tc marks. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (200, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.10-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages shorewall depends on: ii bc 1.06.95-8 ii debconf [debconf-2.0] 1.5.51 ii iproute 1:3.11.0-1 ii iptables 1.4.20-2 ii perl-modules 5.18.1-4 ii shorewall-core 4.5.16.1-1 shorewall recommends no packages. Versions of packages shorewall suggests: ii linux-image-3.10-3-amd64 [linux-image] 3.10.11-1 ii make 3.81-8.2 ii shorewall-doc 4.5.16-1
--- End Message ---
--- Begin Message ---Source: shorewall Source-Version: 4.5.21.2-1 We believe that the bug you reported is fixed in the latest version of shorewall, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 726...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Roberto C. Sanchez <robe...@connexer.com> (supplier of updated shorewall package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 22 Oct 2013 20:45:07 -0400 Source: shorewall Binary: shorewall Architecture: source all Version: 4.5.21.2-1 Distribution: unstable Urgency: low Maintainer: Roberto C. Sanchez <robe...@connexer.com> Changed-By: Roberto C. Sanchez <robe...@connexer.com> Description: shorewall - Shoreline Firewall, netfilter configurator Closes: 726306 Changes: shorewall (4.5.21.2-1) unstable; urgency=low . * New Upstream Version (Closes: #726306) Checksums-Sha1: 8185488cd35a58a72fbcd274caec537d832d1a9a 1921 shorewall_4.5.21.2-1.dsc 3ce0d31b72274fa7bd084dc89b9875eebc28938a 758306 shorewall_4.5.21.2.orig.tar.gz c0d248ec992c5934a4466d4d329a6f5ca50be47c 40986 shorewall_4.5.21.2-1.debian.tar.gz 1375e448b22650258bb4cb7f85cb5439811d36bf 706236 shorewall_4.5.21.2-1_all.deb Checksums-Sha256: a69b9725987928c504b4fca252a2b68a59e51cf7dcac1805ead849d08bcac43a 1921 shorewall_4.5.21.2-1.dsc 8c575e895a728629b1093df416b88f676b09dc4cb3a94433fe4fad67f1f17db1 758306 shorewall_4.5.21.2.orig.tar.gz 0526f899deecf20cda0a9990602d8bf4f7fb6f21c29b1f231b73de9086db4669 40986 shorewall_4.5.21.2-1.debian.tar.gz f09c6f111a602cabd5c139af59e2ede293aec043186605e8ae3f5bb29d3347ac 706236 shorewall_4.5.21.2-1_all.deb Files: 374c2008e59655e40340e615235f18dc 1921 net optional shorewall_4.5.21.2-1.dsc ce9ec6d7ae8269dbc7a98cda4704ece9 758306 net optional shorewall_4.5.21.2.orig.tar.gz 22b7ae7141709f6b264c5e63196ad759 40986 net optional shorewall_4.5.21.2-1.debian.tar.gz 0ac8d09c96eb6cad9abe4adacc77ca45 706236 net optional shorewall_4.5.21.2-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJSZyhUAAoJECzXeF7dp7IP6L4P/A8kKsPX2w5jBk8LaegkKQPR l7aHYFTlFW2oEfki1jxZbE3Xngn+btshD3teo080h+tovn5KbqBlTDeU08KPYSKc EcsYSCx03AmHzmoKln1XIE7VEX5XLH8/fLvtO5Hihk044xc47/PB7wggc/2SvxMe XhVBzvt34Xemu2URbz29W/78jXAEcXK6VR7ROz2+BMe+9Of1tLYB+7WKGQTKXvxW OErU1hTlapTd4eJkLgLRu2RGhyHPubjxn+OMMifAanAbuhEXf2kj3yvEal8SnjNk vZ8V2HKNnW+v6AJWwg2BVgucmlZXBPh/NbvUX59rcnkYug4yurrfnvnRkUuyadXo Nxaul5wSJw/Mq46VJbUiRX8PRtc9EZtgNGASvH9XOXaRIYa5a9PJEfLRZPY1PMYr C/cDQGDcSWcG6jHjlm9Ti3E/mrL4kGL7cTQrJhSPV+4xBNSd7cYAMjJngRd4Nk5M gPDZCmFKw+M/CQYvGQXYq7hlUA5dC7WdBRHCSFIYDI5gOuG4vQ3eW/1aGuGKxYwL AL7euceNEioX2ph3T1T7r+Ifp+k0b6Zm+4IdQRsIyLzLyi0lMSZzvL9Z0dI/i+SM kG2ziNWX+pnZksC0p/V7EKu50KPX3WTZZ+t2MzPClKeSoYB0oBduTS2yvB/6quZO XobDnFcXMArzLpBva5gF =78PT -----END PGP SIGNATURE-----
--- End Message ---
