shorewall-users April 2012 archive
Main Archive Page > Month Archives  > shorewall-users archives
shorewall-users: Re: [Shorewall-users] problems with shorewall p

Re: [Shorewall-users] problems with shorewall proxyarp

From: <dark_night_at_nospam>
Date: Mon Apr 16 2012 - 19:09:13 GMT
To: shorewall-users@lists.sourceforge.net

Hello tom,
proxyarp file:
94.23.87.229 vmbr0 eth0 no yes
same error with openvz.
thanks for the help.
regards,
Santiago.

-----Original Message-----
From: Tom Eastep <teastep@shorewall.net>
To: shorewall-users <shorewall-users@lists.sourceforge.net>
Sent: Mon, Apr 16, 2012 1:52 pm
Subject: Re: [Shorewall-users] problems with shorewall proxyarp

On 4/16/12 9:07 AM, dark_night@aol.es wrote:
> m
> Subject: Re: [Shorewall-users] problems with shorewall proxyarp
>
> Hello Tom,
>
> I configured shorewall as explained in the guide, starts well but when
> I try to start a vps with shorewall started get this error:
> Starting CT 101: Starting container ...
> Container is mounted
> Adding IP address(es): 94.23.87.229
> RTNETLINK answers: File exists
> vps-net_add ERROR: Unable to add route ip route add 94.23.87.229 dev
> venet0
> Container start failed (try to check kernel messages, e.g. "dmesg |
> tail")
> What should edit to work well proxy arp?
> my proxyarp file:
> #ADDRESS INTERFACE EXTERNAL HAVEROUTE
> PERSISTENT
> 94.23.87.229 vmbr0 eth0
> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
> masq file:
> #INTERFACE SOURCE ADDRESS PROTO
PORT(S)
> IPSEC MARK
> eth0 10.1.1.0/24
> interfaces:
> net eth0 detect
> tcpflags,routefilter,nosmurfs,logmartians
> dmz venet0 detect routeback
> dmz vmbr0 detect routeback,bridge
> zones file:
> fw firewall
> net ipv4
> loc ipv4
> dmz ipv4

Put 'Yes' in the HAVEROUTE column of the proxyarp file.

-Tom
-- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------- ----- For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2 _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2 _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users