On 9/29/2015 11:58 PM, Erich Titl wrote:
> Hi Tom
>
> Am 30.09.2015 um 03:36 schrieb Tom Eastep:
>> On 9/29/2015 3:59 PM, Erich Titl wrote:
>>> Hi Tom
>>>
>>> Am 30.09.2015 um 00:34 schrieb Tom Eastep:
>>> ...
>>>
AUTOHELPERS=Yes doesn't cause helpers to be loaded automatically, unless
>
Hi Folks
Am 30.09.2015 um 16:49 schrieb kp kirchdoerfer:
> Am Mittwoch, 30. September 2015, 08:58:17 schrieb Erich Titl:
>> Hi Tom
>>
>> Am 30.09.2015 um 03:36 schrieb Tom Eastep:
I got it running, well partially, and as usual the culprit could be
found by looking in the mirror.
The problem was
Am Mittwoch, 30. September 2015, 08:58:17 schrieb Erich Titl:
> Hi Tom
>
> Am 30.09.2015 um 03:36 schrieb Tom Eastep:
> > On 9/29/2015 3:59 PM, Erich Titl wrote:
> >> Hi Tom
> >>
> >> Am 30.09.2015 um 00:34 schrieb Tom Eastep:
> >> ...
> >>
> >>> AUTOHELPERS=Yes doesn't cause helpers to be loade
Hi Tom
Am 30.09.2015 um 03:36 schrieb Tom Eastep:
> On 9/29/2015 3:59 PM, Erich Titl wrote:
>> Hi Tom
>>
>> Am 30.09.2015 um 00:34 schrieb Tom Eastep:
>> ...
>>
>>>
>>> AUTOHELPERS=Yes doesn't cause helpers to be loaded automatically, unless
>>> module autoloading is enabled. It rather associates
On 9/29/2015 3:59 PM, Erich Titl wrote:
> Hi Tom
>
> Am 30.09.2015 um 00:34 schrieb Tom Eastep:
> ...
>
>>
>> AUTOHELPERS=Yes doesn't cause helpers to be loaded automatically, unless
>> module autoloading is enabled. It rather associates each helper with its
>> standard protocols and ports -- see
Hi Tom
Am 30.09.2015 um 00:34 schrieb Tom Eastep:
...
>
> AUTOHELPERS=Yes doesn't cause helpers to be loaded automatically, unless
> module autoloading is enabled. It rather associates each helper with its
> standard protocols and ports -- see the /etc/shorewall/conntrack file.
> The standard /u
Hi Tom
Am 30.09.2015 um 00:34 schrieb Tom Eastep:
> On 09/29/2015 03:17 PM, Erich Titl wrote:
>> Hi Folks
>>
>> Am 29.09.2015 um 22:32 schrieb Erich Titl:
>>> Hi Folks
>>>
>>> I seem to be stuck in my 5_2 attempts :-(
>>>
>>> shorewall refuses to start and I have difficulties understanding why. I
On 09/29/2015 03:17 PM, Erich Titl wrote:
> Hi Folks
>
> Am 29.09.2015 um 22:32 schrieb Erich Titl:
>> Hi Folks
>>
>> I seem to be stuck in my 5_2 attempts :-(
>>
>> shorewall refuses to start and I have difficulties understanding why. I
>> can see there are a number of iptables related modules m
Hi Folks
Am 29.09.2015 um 22:32 schrieb Erich Titl:
> Hi Folks
>
> I seem to be stuck in my 5_2 attempts :-(
>
> shorewall refuses to start and I have difficulties understanding why. I
> can see there are a number of iptables related modules missing
I checked the sha sums of all files which I
Hi Folks
I seem to be stuck in my 5_2 attempts :-(
shorewall refuses to start and I have difficulties understanding why. I
can see there are a number of iptables related modules missing
I compared the libnetfilter checksums and they match the ones from 5_2
on the packages directory
This is the
Hi
I'm trying http://shorewall.net/MultiISP.html working example
Bering5.0.1
in /var/lib/firewall
Compiled firewall script generated by Shorewall 4.5.18
fgrep is used
busybox don't have fgrep
man grep
In addition, two variant programs egrep and fgrep are available. egrep is
the
sam
Am 08.03.2012 23:34, schrieb Yves Blusseau:
> Hi all,
>
> i resend my email because it's seems that it has not been deliver properly to
> the mailing list:
>
>
> i see that shorewall update it's stable version to 4.5.0.3. Do you think to
> upgrade the leaf package to this version ?
>
> Anothe
Hi Yves;
Am 08.03.2012 23:34, schrieb Yves Blusseau:
> Hi all,
>
> i resend my email because it's seems that it has not been deliver properly to
> the mailing list:
>
>
> i see that shorewall update it's stable version to 4.5.0.3. Do you think to
> upgrade the leaf package to this version ?
Hi all,
i resend my email because it's seems that it has not been deliver properly to
the mailing list:
i see that shorewall update it's stable version to 4.5.0.3. Do you think to
upgrade the leaf package to this version ?
Another note, if i try a command like:
# shorewall update -a
Processi
--
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw
Hi
on 08.06.2011 19:04, KP Kirchdoerfer wrote:
> Am Mittwoch, 8. Juni 2011, um 18:53:16 schrieb davidMbrooke:
...
>
> Hi David;
>
> you're not alone complaining about the changes, in the meantime Tom changed
> the default in 4.4.20.1, so in the latest packages I commited yesterday
> everything
Am Mittwoch, 8. Juni 2011, um 18:53:16 schrieb davidMbrooke:
> On Sun, 2011-06-05 at 22:09 +0200, KP Kirchdoerfer wrote:
> > Hello;
> >
> >
> > in the beginning the shorewall configuration files had an exhaustive
> > documentation including examples.
> >
> > Later the documentation has been remo
On Sun, 2011-06-05 at 22:09 +0200, KP Kirchdoerfer wrote:
> Hello;
>
>
> in the beginning the shorewall configuration files had an exhaustive
> documentation including examples.
>
> Later the documentation has been removed to improve support size-constrained
> distros like LEAF, and was only a
Hello;
in the beginning the shorewall configuration files had an exhaustive
documentation including examples.
Later the documentation has been removed to improve support size-constrained
distros like LEAF, and was only available online or in the man-pages (which we
never added to our packages
On Mon, 2011-05-09 at 16:28 +1000, ads...@genis-x.com wrote:
> Hi all,
>
> Just playing with the latest RC1
> Bering-uClibc_4.0-rc1_i686_syslinux_vga.tar.gz
>
> Prep'd a USB boot stick and booted for the first time. I have a minimum
> amount of packages at the moment.
>
> LRP="root config etc mo
Hi all,
Just playing with the latest RC1
Bering-uClibc_4.0-rc1_i686_syslinux_vga.tar.gz
Prep'd a USB boot stick and booted for the first time. I have a minimum
amount of packages at the moment.
LRP="root config etc modules mawk iptables keyboard libm perl shorwall
dropbear"
On start up I get th
[EMAIL PROTECTED] wrote:
> I am trying to setup Bering uClibc 3.1 beta 1,
>
> However When I try to insert some config in shorwall/tcdevices and tcclasses
> shorewall check complains with these
> --
> Validating /etc/shorewall/tcdevices...
> sed: bad option in
On Sun, 2007-04-01 at 17:43, Tom Eastep wrote:
> This is the first development release of the new Perl-based compiler.
Tom,
Congratulations on the new release. :-)
Everyone,
Now is the time to see if we can get the new perl release working with
microperl.
> It may be downloaded from:
>
> http:/
This is the first development release of the new Perl-based compiler.
It may be downloaded from:
http://www1.shorewall.net/pub/shorewall/development/3.9/shorewall-perl-3.9.0/
ftp://ftp1.shorewall.net/pub/shorewall/development/3.9/shorewall-perl-3.9.0/
Release notes are attached.
-Tom
--
Tom Ea
Simon Hobson wrote:
> Tom Eastep wrote:
>
>> Eventually, I might break Shorewall into three pieces:
>>
>> - shorewall-common
>> - shorewall-shell
>> - shorewall-perl
>
> Now that does make sense.
>
As such time as I do this (maybe as early as Shorewall 4.0.0), I will be
looking for someone else
Tom Eastep wrote:
>
> I forgot one step:
>
> e) Create a symbolic link /usr/share/shorewall/Shorewall which points to the
> Directory containing the trunk/New files. On my system, I have:
>
> [EMAIL PROTECTED]:~/shorewall# ll /usr/share/shorewall/Shorewall
> lrwxrwxrwx 1 root root 33 2007-03-15
Tom Eastep wrote:
> My experimentation with a Perl-based compiler for Shorewall is beginning
> to bear fruit. Here is a timing from the main firewall at shorewall.net
> using the Perl-based compiler. That compiler generates a script that
> uses iptables-restore to configure Netfilter.
>
> [EMAIL P
Tom Eastep wrote:
> Natanael Copa wrote:
>
>> Have you thought of lua? should give you better performance than perl
>> and would still be small enough for embedded. I can't say I have been
>> looking at the shorewall code, but lua is very table oriented, which
>> might be good for your table based
Simon Matter wrote:
> My question is whether it's possible to use perl for some kind of
> Shorewall-accelerator. I mean if it would be possible to create a simple
> shell to perl converter which then runs perl instead of the shell and does
> exactly the same, then it could be used whenever perl is
Mike Noyes wrote:
>
>
> I'd worry when distributions start dropping Shorewall. That's an
> indication of decline.
>
Good point.
-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key
Natanael Copa wrote:
>
> Have you thought of lua? should give you better performance than perl
> and would still be small enough for embedded. I can't say I have been
> looking at the shorewall code, but lua is very table oriented, which
> might be good for your table based config files.
I suspe
I had hoped to be able to avoid another RC but there have been enough
changes that I've decided that the safe thing to do is to release RC3.
http://www1.shorewall.net/pub/shorewall/development/3.4/shorewall-3.4.0-RC3/
ftp://ftp1.shorewall.net/pub/shorewall/development/3.4/shorewall-3.4.0-RC3/
Pro
On Fri, 2007-02-23 at 16:02, Tom Eastep wrote:
> Activity on the mailing lists and IRC channel has been steadily declining
> for the last couple of years. This signals to me that the rate at which
> people are adopting Shorewall is waning (I grant that the documentation has
> gotten better over th
On Fri, 23 Feb 2007 16:02:06 -0800
Tom Eastep <[EMAIL PROTECTED]> wrote:
> I have begun some experimentation with rewriting the compiler in Perl and
> that is looking promising. Converting to Perl will unfortunately present
> migration/compatibility issues with compile-time extension scripts altho
On Sat, 2007-02-24 at 11:21, Tom Eastep wrote:
> I have thought about rewriting in C or C++ but writing C/C++ code is
> what I've done for a living for years. I look at Shorewall as an
> opportunity to do something other than what I do in my professional life.
Tom,
Since, in my opinion, FOSS devel
Mike Noyes wrote:
> Have you considered using glibc? This would address your speed issues,
> and possibly allow embedded systems to compile with uclibc.
>
>
>> I welcome your input and look forward to further discussion.
>
> I hope my input is useful in some way.
>
I have thought about rewrit
http://www1.shorewall.net/manpages/Manpages.html
They will be replicated to the main site and other mirrors shortly.
-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://l
KP Kirchdoerfer wrote:
> Tom, the 3.4 beta has become pretty small, a complete build is only 98kb, a
> minimal but useful package with additional "modules" is just 84kb. Many
> thanks for your work to reduce the size.
You're welcome.
>
> Do you intend to make the man pages available on the sh
Am Mittwoch, 10. Januar 2007 21:11 schrieb Tom Eastep:
> KP Kirchdoerfer wrote:
> > I've built a version a Beta 2 for LEAF in the meantime.
> >
> > I've found that installing shorewall within our buildtool env
> > the /usr/share/shorewall/lib* files have tripled with lib*.orig and
> > lib*.orig.ori
KP Kirchdoerfer wrote:
> I've built a version a Beta 2 for LEAF in the meantime.
>
> I've found that installing shorewall within our buildtool env
> the /usr/share/shorewall/lib* files have tripled with lib*.orig and
> lib*.orig.orig
>
> Is this a shorewall problem in install.sh?
Not that I'm
Am Donnerstag, 28. Dezember 2006 17:20 schrieb Tom Eastep:
> I'm pleased to announce that Shorewall 3.4.0 Beta 1 is available at
> ftp://shorewall.net/pub/shorewall/development/3.4/shorewall-3.4.0-Beta1 and
> at mirror sites world wide.
>
Thx Tom;
I've built a version a Beta 2 for LEAF in the mea
I'm pleased to announce that Shorewall 3.4.0 Beta 1 is available at
ftp://shorewall.net/pub/shorewall/development/3.4/shorewall-3.4.0-Beta1 and at
mirror sites world wide.
The release notes can be viewed at
ftp://shorewall.net/pub/shorewall/development/3.4/shorewall-3.4.0-Beta1/releasenotes.txt
R
Mostly bug fixes in this one. The shorewall-lite footprint has become smaller as
a result of splitting the former 'functions' file into two libraries: lib.base
and lib.config. See the release notes for details.
-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline
Shorewall 3.2.4 is available at a mirror near you.
The release notes for both Shorewall 3.2.4 and Shorewall Lite 3.2.4 may be
viewed at
http://www.shorewall.net/pub/shorewall/3.2/shorewall-3.2.4/releasenotes.txt
One change is worth noting -- while it won't cause you any new problems if you
ignore
http://www1.shorewall.net/pub/shorewall/3.3/shorewall-3.3.1
ftp://ftp1.shorewall.net/pub/shorewall/3.3/shorewall-3.3.1
This release completes the modularization of Shorewall which began in
3.3.0. Action processing is now in a separate library. In most cases,
users can omit lib.action without seein
Am Dienstag, 29. August 2006 00:09 schrieb Tom Eastep:
> Eric Spakman wrote:
> > Hello Tom,
> >
> > That's great news! Thank you very much!
>
> You're welcome, Eric.
>
> Note that I'm leaving the separate packaging of the individual libraries to
> the embedded distros like Bering; the packages that
Eric Spakman wrote:
> Hello Tom,
>
> That's great news! Thank you very much!
>
You're welcome, Eric.
Note that I'm leaving the separate packaging of the individual libraries to the
embedded distros like Bering; the packages that I release will always contain
the full set of the libraries in as
Hello Tom,
That's great news! Thank you very much!
Eric Spakman
> I have opened up the 3.3 development thread.
>
>
> http://www1.shorewall.net/pub/shorewall/development/3.3/shorewall-3.3.0
> ftp://ftp1.shorewall.net/pub/shorewall/development/3.3/shorewall-3.3.0
>
>
> The two major changes in 3.3
I have opened up the 3.3 development thread.
http://www1.shorewall.net/pub/shorewall/development/3.3/shorewall-3.3.0
ftp://ftp1.shorewall.net/pub/shorewall/development/3.3/shorewall-3.3.0
The two major changes in 3.3.0 when compared to 3.2.3 are:
a) I have finished the code consolidation that I
Am Sonntag, 27. August 2006 19:17 schrieb Tom Eastep:
> Recently, KP sent me a private email that commented unfavorably on the
> increasing size of Shorewall. In my response, I indicated that there was
> some low-hanging fruit that could be picked to reduce Shorewall's overall
> size.
>
> I made so
Recently, KP sent me a private email that commented unfavorably on the
increasing size of Shorewall. In my response, I indicated that there was some
low-hanging fruit that could be picked to reduce Shorewall's overall size.
I made some of the changes in the just-released 3.2.3 version. I've now
co
I am pleased to announce the availability of Shorewall 3.2.0. This release
introduces a major change in the way that Shorewall processes its configuration
files. In older versions of Shorewall, the configuration files were parsed and
iptables commands were executed as a single step. In 3.2.0, the f
Thanks to the work of Cristian Rodriguez, the Shorewall source repository at
Sourceforge has been migrated from CVS to SVN.
http://sourceforge.net/svn/?group_id=22587
Thanks Cristian!
-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://s
I'm about to start development on Shorewall 2.3. Given that Paul has
integrated Shorewall into the Bering buildtool environment, I propose
that beginning with Shorewall 2.3, I no longer provide Bering packages.
Any thoughts?
-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented
A port of 2.2.3 to B-U's buildtool has been uploaded to
devel/pstraina/shorewall.
Please code review and send opinions/hate-mail, etc.
Thanks,
Paul
---
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds o
Hi everybody
Networks 83.0.0.0 and 84.0.0.0 have been assigned to RIPE last year. In my version
(1.4.8) of shorewall these networks are still blocked by the rfc1918 rules. It it
probably worthwhile to remove these two networks from /etc/shorewall/rfc1918 if they
should still be there.
cheers
E
Mike Noyes wrote:
I know you've expressed concerns with LEAF branch scripting (ash,
busybox) limitations in the past. Any suggestions (lua, ruby, etc.) you
have are welcome. Maybe even contemplating a static target build from a
Shorewall host script is an option.
I see this as an extension of the g
Subject was Re: [leaf-devel] New Website & IE
On Sun, 2004-07-04 at 08:16, Tom Eastep wrote:
> Mike Noyes wrote:
> > As always, everyone's opinion is valuable. This is how we reach
> > consensus.
>
> I'm not sure that I had anything valuable to say in the first place. I
> should have taken a dee
On Tue, 2003-12-02 at 19:55, Mike Noyes wrote:
> Tom posted these messages to the Shorewall users list today.
>
> [Shorewall-users] Re: Shorewall For Dummies
> http://lists.shorewall.net/pipermail/shorewall-users/2003-December/010212.html
>
> [Shorewall-users] LEAF Support
> http://lists.sho
Everyone,
Tom posted these messages to the Shorewall users list today.
[Shorewall-users] Re: Shorewall For Dummies
http://lists.shorewall.net/pipermail/shorewall-users/2003-December/010212.html
[Shorewall-users] LEAF Support
http://lists.shorewall.net/pipermail/shorewall-users/2003-December/
As I announced today on the Shorewall lists, I am about to release
Shorewall 1.3.14. That will definitely be the last 1.3 release and will
probably be the last of the Shorewall 1.x.x releases. I am going to be
concentrating on Shorewall 2.
I will continue to support Shorewall 1.3 but will not b
Has anyone written instructions for the best way to do this? I would like
to include it (by reference if nothing else) in the Shorewall
Install/Upgrade instructions.
Thanks,
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline,\ http://www.shorewall.net
Washington USA \ [EMAIL PRO
On Sun, 2002-06-02 at 11:05, Mike Noyes wrote:
> Tom placed the Shorewall quick start guide and sample configurations in
> cvs. Please take a look at these documents. Tom could really use a hand
> maintaining them. If you're willing to help please contact Tom, so he
> can set you up with write acc
Everyone,
Tom placed the Shorewall quick start guide and sample configurations in
cvs. Please take a look at these documents. Tom could really use a hand
maintaining them. If you're willing to help please contact Tom, so he
can set you up with write access to the repository. Thanks.
Pserver check
In this release:
1. The 'try' command now accepts an optional timeout. If the timeout is
given in the command, the standard configuration will automatically
be restarted after the new configuration has been running for that
length of time. This prevents a remote admin from being locked o
Version 1.2 contains the following new features:
- Support for Traffic Control/Shaping
- Support for Filtering of Mangled/Invalid Packets
- Support for GRE Tunnels
For the next month or so, I will continue to provide corrections to version
1.1.18 as necessary so that current version 1.1.x user
I decided to release a 1.1.18 version. It:
a) Fixes the spelling of ADD_IP_ALIASES in shorewall.conf
b) Simplifies the logic for deleting user-defined filter chains to
work around a problem with the 'cut' utility in LRP.
c) Fix the /var/lib/lrpkg/shorwall.conf file to properly display the NAT
In this release:
a) A new "shorewall show connections" command has been added.
b) In the "shorewall monitor" output, the currently tracked
connections are now shown on a separate page.
c) Prior to this release, Shorewall unconditionally added the
external IP address(es) specified in /etc/
In this version:
a) Support for nested and overlapping zones has been enhanced.
b) Shorewall now correctly looks in the alternate configuration
directory for the 'zones' file.
-Tom
--
Tom Eastep \ [EMAIL PROTECTED]
ICQ: #60745924 \ http://shorewall.sourceforge.net
AIM: tmea
Shorewall 1.1.14 is available for download at:
http://sourceforge.net/projects/shorewall
In this version:
a) Shorewall now supports alternate configuration directories.
When an alternate directory is specified when starting or
restarting Shorewall (e.g., "shorewall -c /etc/testc
In this release:
1) Shell variables may now be used to parameterize your firewall rules.
A new file /etc/shorewall/params is provided for setting shell variable
values.
Example:
/etc/shorewall/params:
NET_IF=eth0
NET_BCAST=130.252.100.255
NET_OPTIONS=noping,norfc1918
The 1.1.12 LRP version of Shorewall has an obsolete copy of
/etc/shorewall/functions. The result is many error messages of the form:
separate_list: not found
The correct version may be obtained from:
ftp://seattlefirewall.dyndns.org/pub/shorewall/errata/1.1.12/functions
I apol
In this release:
a) An IP address, interface or subnet may be preceded by "!" to
specify complementation. For example, !192.168.1.2 means
"all hosts except 192.168.1.2".
b) The CLIENT(S), PORT(S) and CLIENT PORT(S) columns in the
rules file may now contain a comma-separated list.
Ex
a) The "tunnels" file is now in the RPM (really!)
b) SNAT can now be applied to port-forwarded connections.
c) A bug which would cause fireall start failures in some DHCP
configurations has been fixed.
d) The firewall script now issues a message if you have the
name of an interface in the se
This is a minor enhancement release. Changes include:
a) NAT may now be applied to packets sent from the firewall system itself.
b) Masquerade can be enabled by destination IP address.
A typo in the /etc/shorewall/rules template was also corrected.
-Tom
--
Tom Eastep \ [EMAIL PROTECT
Thus spoke David Douthitt:
> Tom Eastep wrote:
>
> > I believe that the problem here is that Eiger2Beta uses ash for sh and
> > ash's handling of at least the ${%%} shell construct is
> > broken:
> >
> > Here's what should happen (/bin/sh from Oxygen):
>
> Well, Oxygen uses ash also
Nod -- I
Thus spoke Tom Eastep:
> I believe that the problem here is that Eiger2Beta uses ash for sh and
> ash's handling of at least the ${%%} shell construct is
> broken:
>
> Here's what should happen (/bin/sh from Oxygen):
>
> # server="loc:192.168.1.1"
> # echo ${server%:*}
> loc
> # echo ${server%%:
Tom Eastep wrote:
> I believe that the problem here is that Eiger2Beta uses ash for sh and
> ash's handling of at least the ${%%} shell construct is
> broken:
>
> Here's what should happen (/bin/sh from Oxygen):
Well, Oxygen uses ash also I did try to compile (and did compile)
a newer versi
Thus spoke Ewald Wasscher:
> Ewald Wasscher wrote:
>
> >
> > I'll throw it all onto a floppy, put my current shorewall configfiles
> > with it and give it a try.
>
> And it didn't work when I used my real-world configuration. These
> configuration files do work whith shorewall 1.1.0 on Trustix 1.
Ewald Wasscher wrote:
>> If you think that it's working now,
>> I'll post a new .lrp in my download area that contains the fixes.
>
Too bad it doesn't. I have sent the garbage output by private email.
Ewald Wasscher
___
Leaf-devel mailing list
[EMAI
Tom Eastep wrote:
> Thus spoke Ewald Wasscher:
>
>
>> Ah, that helps! Thx alot for your quick replies.
>>
>
> Thank YOU for helping verify the .lrp.
My pleasure.
> If you think that it's working now,
> I'll post a new .lrp in my download area that contains the fixes.
I'll throw it all onto
Thus spoke Ewald Wasscher:
> >
> Ah, that helps! Thx alot for your quick replies.
>
Thank YOU for helping verify the .lrp. If you think that it's working now,
I'll post a new .lrp in my download area that contains the fixes. If
people don't have any problems with that version for a couple of da
Tom Eastep wrote:
>
> I think that I've spotted the problem. In function default_policy(),
> replace
>
> if [ "$chain" == "$chain1" ]; then
>
> with
>
> if [ "$chain" = "$chain1" ]; then
>
> I've been coding in C for too long I guess :=)
>
Ah, that helps! Thx alot for your quick
Thus spoke Ewald Wasscher:
> After using dos2unix on it it seems to work. Except for this strange output:
>
> Starting Shorewall...
> Loading Modules...
> Initializing...
> Determining Zones...
> Zones: net local dmz gw
> Determining Hosts in Zones...
> Deleting user chains...
> Configuring Pro
Tom Eastep wrote:
> Please "shorewall debug restart" 2> /tmp/trace and send me the /tmp/trace
> file.
Here it is.
Ewald Wasscher
trace.gz
Thus spoke Ewald Wasscher:
> Tom Eastep wrote:
>
> > Thus spoke Tom Eastep:
> >
> >> Hmmm -- This is probably because of how "grep" is defined on LRP. Please
> >> try it with the attached /etc/shorewall/functions file.
> >>
> >
> > Pardon me for following up my own post but the previously-posted
Tom Eastep wrote:
> Thus spoke Tom Eastep:
>
>> Hmmm -- This is probably because of how "grep" is defined on LRP. Please
>> try it with the attached /etc/shorewall/functions file.
>>
>
> Pardon me for following up my own post but the previously-posted functions
> file was brain-damaged. Here's
Thus spoke Tom Eastep:
> Hmmm -- This is probably because of how "grep" is defined on LRP. Please
> try it with the attached /etc/shorewall/functions file.
>
Pardon me for following up my own post but the previously-posted functions
file was brain-damaged. Here's one that works better...
Regard
Thus spoke Ewald Wasscher:
> Tom Eastep wrote:
>
> >
> > Hmmm -- This is probably because of how "grep" is defined on LRP. Please
> > try it with the attached /etc/shorewall/functions file.
>
> I did and the result is:
>
> : not found
> /etc/shorewall/functions: 29: Syntax error: expecting "in"
>
Tom Eastep wrote:
>
> Hmmm -- This is probably because of how "grep" is defined on LRP. Please
> try it with the attached /etc/shorewall/functions file.
I did and the result is:
: not found
/etc/shorewall/functions: 29: Syntax error: expecting "in"
But as I was reading around the shorewall sc
Thus spoke Ewald Wasscher:
> Hello Tom and others,
>
> I've been testing the new shorewall-1.1.1.lrp package on Eigerstein2beta
> today and have run into a few problems:
>
> First there seems to be an extra space in the line for
> /etc/shorewall/policy in /var/lib/lrpkg/shorewal.conf. When I trie
Hello Tom and others,
I've been testing the new shorewall-1.1.1.lrp package on Eigerstein2beta
today and have run into a few problems:
First there seems to be an extra space in the line for
/etc/shorewall/policy in /var/lib/lrpkg/shorewal.conf. When I tried to
edit /etc/shorewall/policy throu
As I mentioned last week, I've been working on an iptables-based firewall
script. It has reached the point where I believe it is ready for others
to try. Start at
http://seattlefirewall.dyndns.org/shorewall
where there are links to the documentation and to the downloads. I don't
have a .
93 matches
Mail list logo
