Re: [Shorewall-users] Configuration for ppp0 and wlan0 (Standalone laptop - Debian Squeeze)

Sat, 06 Aug 2011 18:57:28 -0700 

> -----Original Message--------------------------------------------
> Date: Fri, 05 Aug 2011 06:09:31 -0700
> From: Tom Eastep <[email protected]>
> To: Shorewall Users <[email protected]>
> Subject: Re: [Shorewall-users] Configuration for ppp0 and wlan0 (Standalone 
> laptop - Debian Squeeze)
> 
> 
> I suggest that you install and configure Shorewall-init. It will close
> the firewall before the interfaces come up and will automatically
> restart Shorewall when interfaces come up. 
> 
> a) Make both interfaces optional (set the 'optional' option
> in /etc/shorewall/interfaces.
> b) Set REQUIRE_INTERFACE=Yes in shorewall.conf.
> c) Configure Shorewall-init as described at
> http://www.shorewall.net/Shorewall-init.html
> d) Remove the 'wait_interface=' setting from /etc/default/shorewall
> 
> -Tom
> -- 
> Tom Eastep        \ When I die, I want to go like my Grandfather who
> Shoreline,         \ died peacefully in his sleep. Not screaming like
> Washington, USA     \ all of the passengers in his car
> http://shorewall.net \________________________________________________


Hi Tom,

Thank you for your advice and help. I have done as you have described above and 
all seems to be ok.

Is it correct to keep startup disabled ("startup=0" in /etc/default/shorewall) 
in this instance? I read the following paragraph at 
http://www.shorewall.net/Shorewall-init.html, which refers to the situation 
when IFUPDOWN=1 in /etc/default/shorewall-init, that startup can be disabled 
when at least one interface is marked as optional (which I have). However, I 
have IFUPDOWN=0 since I'm using Gnome PPP and Wicd only; not NetworkManager or 
ifup/ifdown scripts) - is startup=0 ok in this case? 

    "Optional) -- If you have specified at least one required or optional 
interface, you can then disable automatic firewall startup at boot time. On 
Debian systems, set startup=0 in /etc/default/product. On other systems, use 
your service startup configuration tool (chkconfig, insserv, ...) to disable 
startup."

I would like to also take the opportunity to thank you for Shorewall, great 
software! 

Cheers,
Toby

------------------------------------------------------------------------------
BlackBerry&reg; DevCon Americas, Oct. 18-20, San Francisco, CA
The must-attend event for mobile developers. Connect with experts. 
Get tools for creating Super Apps. See the latest technologies.
Sessions, hands-on labs, demos & much more. Register early & save!
http://p.sf.net/sfu/rim-blackberry-1
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to