I originally posted this message to the shorewall mailing list and it was suggested that I also post here as this seems to be a bering specific issue relating to shorwall.lrp and/or the script used to backup the shorwall.lrp file.
I've included my original two message, including one from Karl K. Sakai along with the two replies from Tom Eastep. My original message was: I recently tried upgrading from the shorewall that comes with Bering 1.0-rc2 (shorwall.lrp 1.2.x I think) to the LATEST.lrp on the shorewall site as of 6/19/2002. After I upgraded it worked fine on the first reboot, I copied my old rules, interfaces, etc.. files into the /etc/shorewall directory. I issued a shorewall stop and shorewall start command and everything loaded correctly. I went to the lrcfg program and backed up 'shorwall.lrp' and it completed successfully. I rebooted the computer and this time shorewall would not load. I dropped to a console and when I type: shorewall I get this error message: /var/lib/shorewall/functions does not exist! If I mkdir the functions directory, shorewall then it complains that 'firewall' does not exist? Is this an issue with the lrpcfg script that backs up shorewall? is it still trying to use the old directory structure to back up the config files? FYI, I am not using Bering 1.0-rc3... note: the only files I coppied from my older shorewall into the /etc/shorewall directory where: blacklist,interfaces,masq,policy,proxyarp,rules,tos,zones Steve Sobka [EMAIL PROTECTED] ---------------------------------------------------------- Karl K. Sakai's original message: I thought I was goin nuts. I tried to update using Bering 1.0 RC3 with the shorewall 1.3.2 in the same manner. Files I copied were blacklist, masq, interfaces, policy and rules. I kept getting the same error message "/var/lib/shorewallfunctions does not exist". I was watching the mailing list to see if I was the one with this problem. I have tried this on two attempts, both with shorewal 1.3.2. Previously I have been using Bering 1.0 RC2 with shorewall 1.3.1. Karl K. Sakai ---------------------------------------------------------- Reply from Tom Eastep: Sounds like /var/lib/shorewall isn't being backed up. The /var/lib/lrpkg/shorwall.list file that's included with Shorwall 1.3.2 includes /var/lib/shorewall and I assume that file drives the backup. Do you possibly still have the old file installed? -Tom ---------------------------------------------------------- My reply to Tom: It's possible I do... I assumed I did not because of the way I upgraded: Logon to firewall at console and drop to shell, 1) mount floppy, rename shorwall.lrp on Bering 1.0-rc2 to shorwall.bak 2) copy LATEST.lrp to shorwall.lrp on Bering 1.0-rc2 disk 3) reboot box 4) mount floppy, copy shorwall.bak /tmp 5) cd /tmp ; tar -zxvpf shorwall.bak 6) cp /tmp/etc/shorewall/*.files_I_need /etc/shorewall 7) rm -rf /tmp/* 8) shorewall stop (no errors) 9) shorewall start (no errors), loc, dmz, etc.. all work fine... 10) umount floppy 11) lrcfg, (b)ackup, shorwall.lrp, backup completed, no errors. 12) reboot box 13) when system restarts I cannot browse the net from loc, or dmz, I logon at console... 14) type: shorewall 15) get error messages about /var/lib/shorewall/functions not being found... I thought that by installing this way, I would be avoiding having two seperate versions running at the same time. My guess is it's the new shorewall directory structure for the 'firewall' and version files and them not being backed up when the shorwall.lrp file is created from the backup program? But what do I know, I am just a hickbot! :-) Hope this helps debug... P.S. I think I forgot to mention that I was also using shorewall 1.3.1, the one that was listed on the leaf.sf.net site under 'news' as of May 31, 2002. Steve Sobka ---------------------------------------------------------- Toms reply: Well, I don't run Bering here at all so it will have to be one of the Bering folks who gives you a hand. I suggest posting on the LEAF list as well. -Tom ---------------------------------------------------------- That's where I am... Anyone have any ideas? clues? Suggestions? Steve Sobka [EMAIL PROTECTED] ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
