API tools faq
paste
AndrzejL

shorewall diagnostics after reboot

AndrzejL
Dec 14th, 2012
181
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.44 KB | None | 0 0
raw download clone embed print report
  1. root@wishmacer andrzejl]# systemctl status shorewall.service
  2. shorewall.service - Shorewall IPv4 firewall
  3. Loaded: loaded (/usr/lib/systemd/system/shorewall.service; enabled)
  4. Active: active (exited) since Fri, 2012-12-14 13:18:24 GMT; 1min 42s ago
  5. Process: 381 ExecStart=/usr/sbin/shorewall $OPTIONS start (code=exited, status=0/SUCCESS)
  6. CGroup: name=systemd:/system/shorewall.service
  7.  
  8. Dec 14 13:18:23 wishmacer.loc shorewall[381]: Setting up Martian Logging...
  9. Dec 14 13:18:23 wishmacer.loc shorewall[381]: Setting up Proxy ARP...
  10. Dec 14 13:18:23 wishmacer.loc shorewall[381]: Preparing iptables-restore input...
  11. Dec 14 13:18:23 wishmacer.loc shorewall[381]: Running /usr/sbin/iptables-restore...
  12. Dec 14 13:18:23 wishmacer.loc shorewall[381]: IPv4 Forwarding Enabled
  13. Dec 14 13:18:23 wishmacer.loc shorewall[381]: Processing /etc/shorewall/start ...
  14. Dec 14 13:18:24 wishmacer.loc shorewall[381]: Processing /etc/shorewall/started ...
  15. Dec 14 13:18:24 wishmacer.loc logger[1135]: Shorewall started
  16. Dec 14 13:18:24 wishmacer.loc shorewall[381]: done.
  17. Dec 14 13:18:24 wishmacer.loc systemd[1]: Started Shorewall IPv4 firewall.
  18. [root@wishmacer andrzejl]# cat /var/log/shorewall.log
  19. Fri 14 Dec 13:11:49 GMT 2012
  20. [root@wishmacer andrzejl]# cat /var/log/shorewall-init.log
  21. Dec 14 13:18:15 Processing /etc/shorewall/params ...
  22. Dec 14 13:18:15 Processing /etc/shorewall/shorewall.conf...
  23. Dec 14 13:18:15 Loading Modules...
  24. Dec 14 13:18:21 Compiling /etc/shorewall/zones...
  25. Dec 14 13:18:21 Compiling /etc/shorewall/interfaces...
  26. Dec 14 13:18:21 Interface "net eth0 -" Validated
  27. Dec 14 13:18:21 Determining Hosts in Zones...
  28. Dec 14 13:18:21 net (ipv4)
  29. Dec 14 13:18:21 eth0:0.0.0.0/0
  30. Dec 14 13:18:21 fw (firewall)
  31. Dec 14 13:18:21 Locating Action Files...
  32. Dec 14 13:18:21 Compiling /usr/share/shorewall/action.Drop for chain Drop...
  33. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.Auth...
  34. Dec 14 13:18:21 Rule "PARAM - - tcp 113" Compiled
  35. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.Auth
  36. Dec 14 13:18:21 Compiling /usr/share/shorewall/action.Broadcast for chain Broadcast...
  37. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.AllowICMPs...
  38. Dec 14 13:18:21 Rule "PARAM - - icmp fragmentation-needed" Compiled
  39. Dec 14 13:18:21 Rule "PARAM - - icmp time-exceeded" Compiled
  40. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.AllowICMPs
  41. Dec 14 13:18:21 Compiling /usr/share/shorewall/action.Invalid for chain Invalid...
  42. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.SMB...
  43. Dec 14 13:18:21 Rule "PARAM - - udp 135,445" Compiled
  44. Dec 14 13:18:21 Rule " PARAM - - udp 137:139" Compiled
  45. Dec 14 13:18:21 Rule "PARAM - - udp 1024: 137" Compiled
  46. Dec 14 13:18:21 Rule "PARAM - - tcp 135,139,445" Compiled
  47. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.SMB
  48. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.DropUPnP...
  49. Dec 14 13:18:21 Rule "PARAM - - udp 1900" Compiled
  50. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.DropUPnP
  51. Dec 14 13:18:21 Compiling /usr/share/shorewall/action.NotSyn for chain NotSyn...
  52. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.DropDNSrep...
  53. Dec 14 13:18:21 Rule "PARAM - - udp - 53" Compiled
  54. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.DropDNSrep
  55. Dec 14 13:18:21 Compiling /usr/share/shorewall/action.Reject for chain Reject...
  56. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.Auth...
  57. Dec 14 13:18:21 Rule "PARAM - - tcp 113" Compiled
  58. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.Auth
  59. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.AllowICMPs...
  60. Dec 14 13:18:21 Rule "PARAM - - icmp fragmentation-needed" Compiled
  61. Dec 14 13:18:21 Rule "PARAM - - icmp time-exceeded" Compiled
  62. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.AllowICMPs
  63. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.SMB...
  64. Dec 14 13:18:21 Rule "PARAM - - udp 135,445" Compiled
  65. Dec 14 13:18:21 Rule " PARAM - - udp 137:139" Compiled
  66. Dec 14 13:18:21 Rule "PARAM - - udp 1024: 137" Compiled
  67. Dec 14 13:18:21 Rule "PARAM - - tcp 135,139,445" Compiled
  68. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.SMB
  69. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.DropUPnP...
  70. Dec 14 13:18:21 Rule "PARAM - - udp 1900" Compiled
  71. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.DropUPnP
  72. Dec 14 13:18:21 ..Expanding Macro /usr/share/shorewall/macro.DropDNSrep...
  73. Dec 14 13:18:21 Rule "PARAM - - udp - 53" Compiled
  74. Dec 14 13:18:21 ..End Macro /usr/share/shorewall/macro.DropDNSrep
  75. Dec 14 13:18:21 Compiling /etc/shorewall/policy...
  76. Dec 14 13:18:21 Policy for fw to net is ACCEPT using chain fw2net
  77. Dec 14 13:18:21 Policy for net to fw is DROP using chain net2all
  78. Dec 14 13:18:21 Policy for net to fw is REJECT using chain all2all
  79. Dec 14 13:18:21 Policy for fw to net is REJECT using chain all2all
  80. Dec 14 13:18:22 Running /etc/shorewall/initdone...
  81. Dec 14 13:18:22 Compiling Kernel Route Filtering...
  82. Dec 14 13:18:22 Compiling Martian Logging...
  83. Dec 14 13:18:22 Compiling /etc/shorewall/tcrules...
  84. Dec 14 13:18:22 Compiling MAC Filtration -- Phase 1...
  85. Dec 14 13:18:22 Chain eth0_iop deleted
  86. Dec 14 13:18:22 Chain eth0_fop deleted
  87. Dec 14 13:18:22 Compiling /etc/shorewall/rules...
  88. Dec 14 13:18:22 Rule "ACCEPT net fw tcp 50505 -" Compiled
  89. Dec 14 13:18:22 Compiling /etc/shorewall/conntrack...
  90. Dec 14 13:18:22 Conntrack rule "CT:helper:amanda:PO - - udp 10080" Compiled
  91. Dec 14 13:18:22 Conntrack rule "CT:helper:amanda:PO - - udp 10080" Compiled
  92. Dec 14 13:18:22 Conntrack rule "CT:helper:ftp:PO - - tcp 21" Compiled
  93. Dec 14 13:18:22 Conntrack rule "CT:helper:ftp:PO - - tcp 21" Compiled
  94. Dec 14 13:18:22 Conntrack rule "CT:helper:irc:PO - - tcp 6667" Compiled
  95. Dec 14 13:18:22 Conntrack rule "CT:helper:irc:PO - - tcp 6667" Compiled
  96. Dec 14 13:18:22 Conntrack rule "CT:helper:netbios-ns:PO - - udp 137" Compiled
  97. Dec 14 13:18:22 Conntrack rule "CT:helper:netbios-ns:PO - - udp 137" Compiled
  98. Dec 14 13:18:22 Conntrack rule "CT:helper:pptp:PO - - tcp 1723" Compiled
  99. Dec 14 13:18:22 Conntrack rule "CT:helper:pptp:PO - - tcp 1723" Compiled
  100. Dec 14 13:18:22 Conntrack rule "CT:helper:sane:PO - - tcp 6566" Compiled
  101. Dec 14 13:18:22 Conntrack rule "CT:helper:sane:PO - - tcp 6566" Compiled
  102. Dec 14 13:18:22 Conntrack rule "CT:helper:sip:PO - - udp 5060" Compiled
  103. Dec 14 13:18:22 Conntrack rule "CT:helper:sip:PO - - udp 5060" Compiled
  104. Dec 14 13:18:22 Conntrack rule "CT:helper:snmp:PO - - udp 161" Compiled
  105. Dec 14 13:18:22 Conntrack rule "CT:helper:snmp:PO - - udp 161" Compiled
  106. Dec 14 13:18:22 Conntrack rule "CT:helper:tftp:PO - - udp 69" Compiled
  107. Dec 14 13:18:22 Conntrack rule "CT:helper:tftp:PO - - udp 69" Compiled
  108. Dec 14 13:18:22 Compiling MAC Filtration -- Phase 2...
  109. Dec 14 13:18:22 Applying Policies...
  110. Dec 14 13:18:22 Policy DROP from net to fw using chain net2fw
  111. Dec 14 13:18:22 Policy ACCEPT from fw to net using chain fw2net
  112. Dec 14 13:18:22 Generating Rule Matrix...
  113. Dec 14 13:18:22 Handling complex zones...
  114. Dec 14 13:18:22 Entering main matrix-generation loop...
  115. Dec 14 13:18:22 Chain eth0_in deleted
  116. Dec 14 13:18:22 Finishing matrix...
  117. Dec 14 13:18:22 Chain eth0_fwd deleted
  118. Dec 14 13:18:22 Creating iptables-restore input...
  119. Dec 14 13:18:22 Shorewall configuration compiled to /var/lib/shorewall/.start
  120. Dec 14 13:18:22 Starting Shorewall....
  121. Dec 14 13:18:22 Initializing...
  122. Dec 14 13:18:23 Processing /etc/shorewall/init ...
  123. Dec 14 13:18:23 Processing /etc/shorewall/tcclear ...
  124. Dec 14 13:18:23 Setting up Route Filtering...
  125. Dec 14 13:18:23 Setting up Martian Logging...
  126. Dec 14 13:18:23 Setting up Proxy ARP...
  127. Dec 14 13:18:23 Disabling Kernel Automatic Helper Association
  128. Dec 14 13:18:23 Preparing iptables-restore input...
  129. Dec 14 13:18:23 Running /usr/sbin/iptables-restore...
  130. Dec 14 13:18:23 IPv4 Forwarding Enabled
  131. Dec 14 13:18:23 Processing /etc/shorewall/start ...
  132. Dec 14 13:18:24 Processing /etc/shorewall/started ...
  133. Dec 14 13:18:24 done.
  134. [root@wishmacer andrzejl]# systemd-analyze blame
  135. 15699ms shorewall.service
  136. 6739ms dkms.service
  137. 6080ms snmpd.service
  138. 5042ms bluetooth.service
  139. 4943ms systemd-logind.service
  140. 2622ms systemd-modules-load.service
  141. 1989ms media-WindowsXP.mount
  142. 1314ms systemd-vconsole-setup.service
  143. 785ms systemd-udevd.service
  144. 756ms systemd-sysctl.service
  145. 468ms media-Disk_1.mount
  146. 381ms media-Disk_3.mount
  147. 339ms polkit.service
  148. 337ms systemd-tmpfiles-setup.service
  149. 321ms media-Disk_2.mount
  150. 256ms tmp.mount
  151. 188ms systemd-remount-fs.service
  152. 176ms systemd-udev-trigger.service
  153. 175ms media-PCLinuxOS_Home.mount
  154. 146ms media-55_GB_X\x2dTernal.mount
  155. 134ms dev-hugepages.mount
  156. 129ms sys-kernel-debug.mount
  157. 120ms dev-mqueue.mount
  158. 119ms upower.service
  159. 107ms home.mount
  160. 44ms media-189_GB_X\x2dTernal.mount
  161. 32ms udisks.service
  162. 4ms systemd-user-sessions.service
  163. [root@wishmacer andrzejl]# cat /usr/share/shorewall/modules | grep -i modules | grep -i -v -e "#"
  164. INCLUDE modules.essential
  165. INCLUDE modules.xtables
  166. INCLUDE modules.ipset
  167. INCLUDE modules.tc
  168. INCLUDE modules.extensions
  169. [root@wishmacer andrzejl]#
  170.  
  171. And some specs
  172.  
  173. [andrzejl@wishmacer ~]$ inxi -v7
  174. System: Host: wishmacer.loc Kernel: 3.6.9-1-ARCH i686 (32 bit, gcc: 4.7.2)
  175. Desktop: KDE 4.9.4 (Qt 4.8.4) info: plasma-desktop dm: kdm Distro: Arch Linux
  176. Machine: System: Acer product: TravelMate 2420 version: 0100 Chassis: type: 10
  177. Mobo: Acer model: Garda-910 version: Rev Bios: Phoenix version: V1.01 date: 12/15/2005
  178. CPU: Single core Intel Celeron M (-UP-) cache: 1024 KB flags: (nx sse sse2) bmips: 2993.35 clocked at 1496.332 MHz
  179. Graphics: Card: Intel Mobile 915GM/GMS/910GML Express Graphics Controller bus-ID: 00:02.0 chip-ID: 8086:2592
  180. X.Org: 1.13.0.902 driver: intel Resolution: [email protected]
  181. GLX Renderer: Mesa DRI Intel 915GM x86/MMX/SSE2 GLX Version: 1.4 Mesa 9.0.1 Direct Rendering: Yes
  182. Audio: Card: Intel 82801FB/FBM/FR/FW/FRW (ICH6 Family) AC'97 Audio Controller
  183. driver: snd_intel8x0 ports: 1c00 18c0 bus-ID: 00:1e.2 chip-ID: 8086:266e
  184. Sound: Advanced Linux Sound Architecture ver: 1.0.25
  185. Network: Card-1: Realtek RTL-8139/8139C/8139C+ driver: 8139too ver: 0.9.28 port: 3000 bus-ID: 06:07.0 chip-ID: 10ec:8139
  186. IF: eth0 state: unknown speed: 100 Mbps duplex: full mac: 00:0a:e4:f6:d4:8f
  187. Card-2: Atheros AR5416 Wireless Network Adapter [AR5008 802.11(a)bgn]
  188. driver: ath9k bus-ID: 06:05.0 chip-ID: 168c:0023
  189. IF: wlan0 state: down mac: 00:1e:52:7a:46:5d
  190. WAN IP: 92.251.247.175 IF: eth0 ip: 192.168.0.100 ip-v6: N/A
  191. Drives: HDD Total Size: 474.0GB (40.5% used)
  192. 1: id: /dev/sda model: SAMSUNG_HM160HC size: 160.0GB serial: S12TJDQB229753
  193. 2: USB id: /dev/sdb model: ST950212A size: 50.0GB serial: 0000000000000000W-0:0
  194. 3: USB id: /dev/sdc model: WD600UE size: 60.0GB serial: 0000000000000000W-0:0
  195. 4: USB id: /dev/sdd model: 6Y200P0 size: 203.9GB serial: 0000000000000000W-0:0
  196. Optical: /dev/sr0 model: N/A rev: N/A dev-links: cdrom,cdrw,dvd,dvdrw
  197. Features: speed: 24x multisession: yes audio: yes dvd: yes rw: cd-r,cd-rw,dvd-r,dvd-ram state: N/A
  198. Partition: ID: / size: 25G used: 8.0G (35%) fs: ext4 dev: /dev/sda1
  199. label: N/A uuid: 1d57d4c0-ecdc-4f85-b997-bbaac4313b16
  200. ID: /media/189_GB_X-Ternal size: 187G used: 82G (47%) fs: ext4 dev: /dev/sdd1
  201. label: 189_GB_X-Ternal uuid: 91dfb8e5-c6e9-480e-9e54-1ec3ed95265d
  202. ID: /media/55_GB_X-Ternal size: 56G used: 15G (29%) fs: ext4 dev: /dev/sdc1
  203. label: 55_GB_X-Ternal uuid: 1b8dc88e-03e9-4d45-b2c3-33f9ed8eac2e
  204. ID: /media/Disk_2 size: 34G used: 24G (76%) fs: ext4 dev: /dev/sda8
  205. label: Data_Disk_2 uuid: 9a4e9fc2-e67f-4d7b-806b-df7f4c6fe3c3
  206. ID: /media/Disk_3 size: 25G used: 172M (1%) fs: ext4 dev: /dev/sda9
  207. label: N/A uuid: e27d88a0-bff9-4fad-abf6-ffa9ed5d88a1
  208. ID: /media/WindowsXP size: 10G used: 9.1G (91%) fs: fuseblk dev: /dev/sda3
  209. label: N/A uuid: 3E585764585719CB
  210. ID: /media/Disk_1 size: 34G used: 32G (100%) fs: ext4 dev: /dev/sda7
  211. label: Data_Disk_1 uuid: f5c313e3-22b8-484e-8ae8-8e0f79f1026c
  212. ID: /media/PCLinuxOS_Home size: 9.0G used: 1.6G (19%) fs: ext4 dev: /dev/sda10
  213. label: N/A uuid: 320cf41c-dc8c-41a0-bc10-e5fbfca3624f
  214. ID: /home size: 9.9G used: 7.4G (79%) fs: ext4 dev: /dev/sda6
  215. label: N/A uuid: b0cd3c12-a326-45b6-9a18-96c5af876a7e
  216. ID: /media/46_GB_X-Ternal size: 47G used: 168M (1%) fs: fuseblk dev: /dev/sdb1
  217. label: 46_GB_X-Ternal uuid: 14C0D1DFC0D1C6E0
  218. ID: /media/1862_GB_X-Ternal size: 1.9T used: 1.7T (97%) fs: fuse.sshfs dev: /dev/1862_GB_X-Ternal
  219. label: N/A uuid: N/A
  220. ID: swap-1 size: 2.15GB used: 0.00GB (0%) fs: swap dev: /dev/sda5
  221. label: N/A uuid: f84bd38a-3ab1-48c7-bc87-8251c8603d85
  222. RAID: No RAID data available - /proc/mdstat is missing - is md_mod kernel module loaded?
  223. Unmounted: ID: /dev/sr0 size: 1.07G label: N/A uuid: N/A
  224. Sensors: System Temperatures: cpu: 55.0C mobo: 30.0C
  225. Fan Speeds (in rpm): cpu: N/A
  226. Info: Processes: 134 Uptime: 27 min Memory: 566.3/2011.2MB Runlevel: 5 Gcc sys: 4.7.2
  227. Client: Shell (bash 4.2.39) inxi: 1.8.24
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!