I get the following while running the requested command root@OpenWrt:~# shorewall-lite show config Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite Default VARDIR is /var/lib/shorewall-lite LIBEXEC is /usr/lib SBINDIR is /usr/sbin CONFDIR is /etc LITEDIR is /etc/shorewall-lite/state
MD On 12 Sep 2013 at 13:31, Tom Eastep wrote: From: "Tom Eastep" <[email protected]> To: <[email protected]> Date sent: Thu, 12 Sep 2013 13:31:25 -0700 Subject: Re: [Shorewall-users] shorewall-lite error at start Send reply to: Shorewall Users <[email protected]> <mailto:[email protected]?subject=unsubscr ibe> <mailto:[email protected]?subject=subscrib e> > On the Shorewall-lite box, what does 'shorewall-lite show config' > produce? > > Tom > [email protected] > http://www.shorewall.net > > -----Original Message----- > From: matt darfeuille [mailto:[email protected]] > Sent: Thursday, September 12, 2013 1:06 PM > To: Shorewall Users > Subject: Re: [Shorewall-users] shorewall-lite error at start > > I should have explained a bit more what I already did! > > I refollowed the provided link with the following steps: > one generating the capabilities file on the firewall system then > copying it along with shorewallrc to the administrative system. Then > on the administrative system in the export directory(/usr/share I put > the capabilities, shorewallrc files along with those copied from > /usr/share/shorewall/configfiles. then I configured the zone interface > policy stoppedrules masq along with the shorewall.conf modified as > stated on the provided link. then I issued the command /sbin/shorewall > load 192.168.88.1 and the output of it is: --- Processing > /usr/share/shorewall/3700/params ... Processing > /usr/share/shorewall/3700/shorewall.conf... > WARNING: Your capabilities file is out of date -- it does not > contain all > of the capabilities defined by Shorewall version 4.5.18 Compiling > /usr/share/shorewall/3700/zones... Compiling > /usr/share/shorewall/3700/interfaces... Determining Hosts in Zones... > WARNING: *** mult2 is an EMPTY ZONE *** Locating Action Files... > Compiling /usr/share/shorewall/3700/policy... Running > /usr/share/shorewall/3700/initdone... Adding Anti-smurf Rules Adding > rules for DHCP Compiling TCP Flags filtering... Compiling Kernel Route > Filtering... Compiling Martian Logging... Compiling > /usr/share/shorewall/3700/masq... Compiling MAC Filtration -- Phase > 1... Compiling /usr/share/shorewall/3700/rules... Compiling > /usr/share/shorewall/3700/conntrack... Compiling MAC Filtration -- > Phase 2... Applying Policies... Compiling > /usr/share/shorewall/action.Drop for chain Drop... Compiling > /usr/share/shorewall/action.Broadcast for chain Broadcast... > Generating Rule Matrix... Compiling /usr/share/shorewall/action.Reject > for chain Reject... Creating iptables-restore input... Compiling > /usr/share/shorewall/3700/stoppedrules... Shorewall configuration > compiled to /usr/share/shorewall/3700/firewall Copying > /usr/share/shorewall/3700/firewall and > /usr/share/shorewall/3700/firewall.conf to > 192.168.88.1:/var/lib/shorewall-lite... Enter passphrase for key > '/root/.ssh/id_rsa': scp: /var/lib/shorewall-lite: No such file or > directory ------ > > Am I totally mistaken? > > Md > > On 12 Sep 2013 at 11:41, Tom Eastep wrote: > > Date sent: Thu, 12 Sep 2013 11:41:16 -0700 > From: Tom Eastep <[email protected]> > To: [email protected] > Subject: Re: [Shorewall-users] shorewall-lite error at start > Send reply to: Shorewall Users <[email protected]> > > <mailto:[email protected]?subject=unsubscr > ibe> > > <mailto:[email protected]?subject=subscrib > e> > > > On 09/12/2013 11:04 AM, matt darfeuille wrote: > > > Hi, > > > > > > My main gateway is a router running on OpenWrt Barrier Breaker > > > r37816/ Kernel Version3.10.4. > > > > > > I installed shorewall-lite from openwrt's repo using opkg but > > > while trying to start shorewall-lite I get the folowing errors: > > > > > > The first error i got was "scp: /var/lib/shorewall-lite: No such > > > file or directory" simply resolved by making the folder > > > "shorewall-lite" in/var/lib/ > > > > > > the second error I am facing is > > > > > > "ERROR: Shorewall Lite is not properly installed > > > The file /etc/shorewall-lite/state/firewall does not > > > exist" > > > > > > As expected creating the file "firewall" in /etc/shorewall-lite/ > > > does not help so if any one can assist fixing it I would be > > > appreciated!:) > > > > > > > Sounds like you don't understand how Shorewall-lite works. Please > > look at http://www.shorewall.net/Shorewall-Lite.html. That article > > describes how to generate the firewall script on a system that has > > Shorewall installed and how to transfer the script to the > > Shorewall-lite system. > > > > -Tom > > -- > > Tom Eastep \ When I die, I want to go like my Grandfather who > > Shoreline, \ died peacefully in his sleep. Not screaming > > like Washington, USA \ all of the passengers in his car > > http://shorewall.net > > \________________________________________________ > > > > > > > > ---------------------------------------------------------------------- > ------ -- How ServiceNow helps IT people transform IT departments: 1. > Consolidate legacy IT systems to a single system of record for IT 2. > Standardize and globalize service processes across IT 3. Implement > zero-touch automation to replace manual, redundant tasks > http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.c > lktrk _______________________________________________ Shorewall-users > mailing list [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > ---------------------------------------------------------------------- > -------- How ServiceNow helps IT people transform IT departments: 1. > Consolidate legacy IT systems to a single system of record for IT 2. > Standardize and globalize service processes across IT 3. Implement > zero-touch automation to replace manual, redundant tasks > http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.c > lktrk _______________________________________________ Shorewall-users > mailing list [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
