On the Shorewall-lite box, what does 'shorewall-lite show config' produce? Tom teas...@shorewall.net http://www.shorewall.net
-----Original Message----- From: matt darfeuille [mailto:matd...@gmail.com] Sent: Thursday, September 12, 2013 1:06 PM To: Shorewall Users Subject: Re: [Shorewall-users] shorewall-lite error at start I should have explained a bit more what I already did! I refollowed the provided link with the following steps: one generating the capabilities file on the firewall system then copying it along with shorewallrc to the administrative system. Then on the administrative system in the export directory(/usr/share I put the capabilities, shorewallrc files along with those copied from /usr/share/shorewall/configfiles. then I configured the zone interface policy stoppedrules masq along with the shorewall.conf modified as stated on the provided link. then I issued the command /sbin/shorewall load 192.168.88.1 and the output of it is: --- Processing /usr/share/shorewall/3700/params ... Processing /usr/share/shorewall/3700/shorewall.conf... WARNING: Your capabilities file is out of date -- it does not contain all of the capabilities defined by Shorewall version 4.5.18 Compiling /usr/share/shorewall/3700/zones... Compiling /usr/share/shorewall/3700/interfaces... Determining Hosts in Zones... WARNING: *** mult2 is an EMPTY ZONE *** Locating Action Files... Compiling /usr/share/shorewall/3700/policy... Running /usr/share/shorewall/3700/initdone... Adding Anti-smurf Rules Adding rules for DHCP Compiling TCP Flags filtering... Compiling Kernel Route Filtering... Compiling Martian Logging... Compiling /usr/share/shorewall/3700/masq... Compiling MAC Filtration -- Phase 1... Compiling /usr/share/shorewall/3700/rules... Compiling /usr/share/shorewall/3700/conntrack... Compiling MAC Filtration -- Phase 2... Applying Policies... Compiling /usr/share/shorewall/action.Drop for chain Drop... Compiling /usr/share/shorewall/action.Broadcast for chain Broadcast... Generating Rule Matrix... Compiling /usr/share/shorewall/action.Reject for chain Reject... Creating iptables-restore input... Compiling /usr/share/shorewall/3700/stoppedrules... Shorewall configuration compiled to /usr/share/shorewall/3700/firewall Copying /usr/share/shorewall/3700/firewall and /usr/share/shorewall/3700/firewall.conf to 192.168.88.1:/var/lib/shorewall-lite... Enter passphrase for key '/root/.ssh/id_rsa': scp: /var/lib/shorewall-lite: No such file or directory ------ Am I totally mistaken? Md On 12 Sep 2013 at 11:41, Tom Eastep wrote: Date sent: Thu, 12 Sep 2013 11:41:16 -0700 From: Tom Eastep <teas...@shorewall.net> To: shorewall-users@lists.sourceforge.net Subject: Re: [Shorewall-users] shorewall-lite error at start Send reply to: Shorewall Users <shorewall-users@lists.sourceforge.net> <mailto:shorewall-users-requ...@lists.sourceforge.net?subject=unsubscribe> <mailto:shorewall-users-requ...@lists.sourceforge.net?subject=subscribe> > On 09/12/2013 11:04 AM, matt darfeuille wrote: > > Hi, > > > > My main gateway is a router running on OpenWrt Barrier Breaker > > r37816/ Kernel Version3.10.4. > > > > I installed shorewall-lite from openwrt's repo using opkg but while > > trying to start shorewall-lite I get the folowing errors: > > > > The first error i got was "scp: /var/lib/shorewall-lite: No such > > file or directory" simply resolved by making the folder > > "shorewall-lite" in/var/lib/ > > > > the second error I am facing is > > > > "ERROR: Shorewall Lite is not properly installed > > The file /etc/shorewall-lite/state/firewall does not > > exist" > > > > As expected creating the file "firewall" in /etc/shorewall-lite/ > > does not help so if any one can assist fixing it I would be > > appreciated!:) > > > > Sounds like you don't understand how Shorewall-lite works. Please look > at http://www.shorewall.net/Shorewall-Lite.html. That article > describes how to generate the firewall script on a system that has > Shorewall installed and how to transfer the script to the > Shorewall-lite system. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ---------------------------------------------------------------------------- -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
