With a network connection configured and enabled at boot, I try to enable a firewall through drakfirewall. It installs mandi, mandi-ifw, shorewall and shorewall6, then I choose NICs to be protected: eth0, wlan0 (the active one) and left unmarked tun0 (my VPN enabled in the wlan setup). After reboot, mandi seems enabled, but net_applet doesn't show its options, nor warnings on pings or scans. # systemctl status mandi.service mandi.service - LSB: Network monitoring daemon Loaded: loaded (/etc/rc.d/init.d/mandi) Active: active (running) since Sun, 2013-06-02 11:11:36 CEST; 3s ago Process: 6450 ExecStart=/etc/rc.d/init.d/mandi start (code=exited, status=0/SUCCESS) CGroup: name=systemd:/system/mandi.service รข 6459 /usr/sbin/mandi -d Jun 02 11:11:36 Sirte systemd[1]: Starting LSB: Network monitoring daemon... Jun 02 11:11:36 Sirte mandi[6450]: Starting mandi daemon: nl_create_socke...ed Jun 02 11:11:36 Sirte mandi[6450]: unable to init netlink Jun 02 11:11:36 Sirte mandi[6450]: unable to init "Interactive Firewall" plugin Jun 02 11:11:36 Sirte mandi[6450]: [ OK ] Jun 02 11:11:36 Sirte systemd[1]: Started LSB: Network monitoring daemon. Disabling the VPN setup and with wlan setup alone it has the same problems. It seems manually modprobing ipt_IFWLOG into the kernel solves the problem, but I'm not sure. Versions: mandi-1.2-2.mga3, mandi-ifw-1.2-2.mga3
After "modprobe ipt_IFWLOG" I see drakids working and mandi doesn't complain about anything. net_applet shows interactive firewall options but it still doesn't show warnings on pings or scans.
CC: (none) => mageia
This is a duplicate of Bug 8225 which I am re-opening. Log contains same "WARNING: The state match is obsolete. Use conntrack instead." messages as 8225 *** This bug has been marked as a duplicate of bug 8225 ***
Status: NEW => RESOLVEDCC: (none) => derekjennResolution: (none) => DUPLICATE