> Another note -- when someone sends me a problem configuration, the *first* > thing I do is edit the shorewall.conf file and set > CONFIG_PATH=/usr/share/shorewall/ (that's where I install Shorewall > --YMMV). As I already pointed out, my "CONFIG_PATH=.:/usr/share/shorewall" (that's the config path in shorewall.conf which resides in my test case directory), so I don't see why shorewall decided not to honour this setting and started looking in /etc/shorewall for whatever reason.
Besides, setting "CONFIG_PATH=/usr/share/shorewall" in shorewall.conf still gets me "/usr/share/shorewall/lib.cli-std: line 41: /etc/shorewall/params: Permission denied". > That stops the compiler from looking in /etc/shorewall. Now I can > compile the configuration without interference from /etc/shorewall. That still doesn't explain why lib.common has CONFIG_PATH set to different values (including shoving "/etc" in there) to what I have specified in my own shorewall.conf, which was more or less the point I was making. > The > *second* thing I do is add a capabilities file if the person neglected to > include one. Now I can 'shorewall check .' and 'shorewall compile . > firewall' and analyze the problem. I haven't reached that far - one problem at the time. ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
