Problema con el shorewall

Imagen de gnarvaez

Forums: 

HELP ME!!!!

hoy revise mi servidor lnux mandrake 10.2 y no puedo bajar correos ni muhco menos navegar, mi amigo el shorewall esta muerto!!!!

como puedo arreglar este error.

Loading /usr/share/shorewall/functions...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
lockfile: Try praying, giving up on "/var/lib/shorewall/lock"
Restarting Shorewall...
Initializing...
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Available
Packet Mangling: Available
Multi-port Match: Available
Connection Tracking Match: Available
Determining Zones...
Zones: net loc
Validating interfaces file...
Validating hosts file...
Validating Policy file...
Determining Hosts in Zones...
Net Zone: eth0:0.0.0.0/0
Local Zone: eth1:0.0.0.0/0
Processing /etc/shorewall/init ...
touch: cannot touch `/var/lib/shorewall/nat': Read-only file system
rm: cannot remove `/var/lib/shorewall/proxyarp': Read-only file system
touch: cannot touch `/var/lib/shorewall/proxyarp': Read-only file system
Deleting user chains...
WARNING: DISABLE_IPV6=Yes in shorewall.conf but this system does not appear to have ip6tables
Setting up Accounting...
Creating Interface Chains...
Configuring Proxy ARP
/usr/share/shorewall/firewall: line 1690: /var/lib/shorewall/proxyarp: Read-only file system
Setting up NAT...
/usr/share/shorewall/firewall: line 1892: /var/lib/shorewall/nat: Read-only file system
Setting up NETMAP...
Adding Common Rules
Processing /etc/shorewall/initdone ...
IP Forwarding Enabled
Processing /etc/shorewall/tunnels...
Pre-processing Actions...
Pre-processing /usr/share/shorewall/action.DropSMB...
Pre-processing /usr/share/shorewall/action.RejectSMB...
Pre-processing /usr/share/shorewall/action.DropUPnP...
Pre-processing /usr/share/shorewall/action.RejectAuth...
Pre-processing /usr/share/shorewall/action.DropPing...
Pre-processing /usr/share/shorewall/action.DropDNSrep...
Pre-processing /usr/share/shorewall/action.AllowPing...
Pre-processing /usr/share/shorewall/action.AllowFTP...
Pre-processing /usr/share/shorewall/action.AllowDNS...
Pre-processing /usr/share/shorewall/action.AllowSSH...
Pre-processing /usr/share/shorewall/action.AllowWeb...
Pre-processing /usr/share/shorewall/action.AllowSMB...
Pre-processing /usr/share/shorewall/action.AllowAuth...
Pre-processing /usr/share/shorewall/action.AllowSMTP...
Pre-processing /usr/share/shorewall/action.AllowPOP3...
Pre-processing /usr/share/shorewall/action.AllowIMAP...
Pre-processing /usr/share/shorewall/action.AllowTelnet...
Pre-processing /usr/share/shorewall/action.AllowVNC...
Pre-processing /usr/share/shorewall/action.AllowVNCL...
Pre-processing /usr/share/shorewall/action.AllowNTP...
Pre-processing /usr/share/shorewall/action.AllowRdate...
Pre-processing /usr/share/shorewall/action.AllowNNTP...
Pre-processing /usr/share/shorewall/action.AllowTrcrt...
Pre-processing /usr/share/shorewall/action.AllowSNMP...
Pre-processing /usr/share/shorewall/action.AllowPCA...
Pre-processing /usr/share/shorewall/action.Drop...
Pre-processing /usr/share/shorewall/action.Reject...
Processing /etc/shorewall/rules...
Rule "ACCEPT net fw tcp 80,443,22,25,109,110,143,10000 -" added.
Rule "ACCEPT net fw icmp 8 -" added.
Rule "ACCEPT loc fw tcp 80,443,22,25,109,110,143,10000 -" added.
Rule "ACCEPT loc fw icmp 8 -" added.
Rule "REDIRECT loc 3128 tcp www -" added.
Rule "ACCEPT fw net tcp www" added.
Processing Actions...
Processing /usr/share/shorewall/action.Drop...
Rule "RejectAuth" added.
Rule "dropBcast" added.
Rule "dropInvalid" added.
Rule "DropSMB" added.
Rule "DropUPnP" added.
Rule "dropNotSyn" added.
Rule "DropDNSrep" added.
Processing /usr/share/shorewall/action.Reject...
Rule "RejectAuth" added.
Rule "dropBcast" added.
Rule "dropInvalid" added.
Rule "RejectSMB" added.
Rule "DropUPnP" added.
Rule "dropNotSyn" added.
Rule "DropDNSrep" added.
Processing /usr/share/shorewall/action.RejectAuth...
Rule "REJECT - - tcp 113" added.
Processing /usr/share/shorewall/action.DropSMB...
Rule "DROP - - udp 135" added.
Rule "DROP - - udp 137:139" added.
Rule "DROP - - udp 445" added.
Rule "DROP - - tcp 135" added.
Rule "DROP - - tcp 139" added.
Rule "DROP - - tcp 445" added.
Processing /usr/share/shorewall/action.DropUPnP...
Rule "DROP - - udp 1900" added.
Processing /usr/share/shorewall/action.DropDNSrep...
Rule "DROP - - udp - 53" added.
Processing /usr/share/shorewall/action.RejectSMB...
Rule "REJECT - - udp 135" added.
Rule "REJECT - - udp 137:139" added.
Rule "REJECT - - udp 445" added.
Rule "REJECT - - tcp 135" added.
Rule "REJECT - - tcp 139" added.
Rule "REJECT - - tcp 445" added.
Processing /etc/shorewall/policy...
Policy ACCEPT for fw to net using chain fw2net
Policy ACCEPT for fw to loc using chain fw2loc
Policy DROP for net to fw using chain net2all
Policy ACCEPT for loc to fw using chain loc2fw
Policy ACCEPT for loc to net using chain loc2net
Masqueraded Networks and Hosts:
To 0.0.0.0/0 (all) from 192.168.4.0/255.255.255.0 through eth0
Processing /etc/shorewall/tos...
Rule "all all tcp - ssh 16" added.
Rule "all all tcp ssh - 16" added.
Rule "all all tcp - ftp 16" added.
Rule "all all tcp ftp - 16" added.
Rule "all all tcp ftp-data - 8" added.
Rule "all all tcp - ftp-data 8" added.
Processing /etc/shorewall/ecn...
Activating Rules...
/usr/share/shorewall/firewall: line 5349: /var/lib/shorewall/chains: Read-only file system
/usr/share/shorewall/firewall: line 5350: /var/lib/shorewall/zones: Read-only file system
Processing /etc/shorewall/start ...
/usr/share/shorewall/firewall: line 5599: /var/lib/shorewall/restarted: Read-only file system
Shorewall Restarted
mv: inter-device move failed: `/root/tmp/shorewall.u16916' to `/var/lib/shorewall/restore-base'; unable to remove target: Read-only file system
[root@mail shorewall]#

más info porfa

Hola, según veo algo pasa con el directorio /var/lib/shorewall

por ende puedes postear qué devuelve el comando

mount

y también qué devuelve el comando


ls -l /var/lib/shorewall

Esperaré respuesta para poderte ayudar, si deseas para ayudarte mejor, me avisas y te agrego al amsn.

Y creo q te puedo ayudar porque yo también uso shorewall.

------------------
José Villavicencio

------------------
José Villavicencio

Tienes varios mensajes del

Imagen de deathUser

Tienes varios mensajes del tipo:
[quote]touch: cannot touch `/var/lib/shorewall/nat': Read-only file system
[/quote]

Así que parece que tuviste algún problema al iniciar tu máquina, de pronto y te está pidiendo que le hagas un fsck, mira si reinicias y te fijas en los mensajes que te de al arrancar, quizás te pida que ejecutes manualmente fsck, si es así hazlo y de pronto solucionas el problema, por cualquier cosa obten un backup de tu info...

bye
:)

necesito ayuda shorewall si

necesito ayuda shorewall
si tengo un servidor con dos tarjetas de red cada cual en una red diferente A y B, cada una de estas tarjetas se conecta a un switch y estos a su ves tienen pc de usuario final

si quiero q un usuario del segmento A vea a un usuario del segmento B, como lo hago con shorewall?? a parte de dar permisos totales de trafico entre A y B con shorewall tengo q definir rutas estáticas en mi server o el shorewall me hace tambien las rutas estaticas al momento de configurar zonas permisos interfaces y eso

Att.

Xavier !!!