I did what you suggested on a fresh install, copying shorewallrc from
the firewall system to the administrative system and modifying
shorewallrc with the provided line but no luck!
root@old:/usr/share/shorewall/3700# /sbin/shorewall load 192.168.88.1
Processing /usr/share/shorewall/3700/params ...
Processing /usr/share/shorewall/3700/shorewall.conf...
WARNING: Your capabilities file is out of date -- it does not
contain all of the capabilities defined by Shorewall version 4.5.18
Compiling /usr/share/shorewall/3700/zones...
Compiling /usr/share/shorewall/3700/interfaces...
Determining Hosts in Zones...
WARNING: *** mult2 is an EMPTY ZONE ***
Locating Action Files...
Compiling /usr/share/shorewall/3700/policy...
Running /usr/share/shorewall/3700/initdone...
Adding Anti-smurf Rules
Adding rules for DHCP
Compiling TCP Flags filtering...
Compiling Kernel Route Filtering...
Compiling Martian Logging...
Compiling /usr/share/shorewall/3700/masq...
Compiling MAC Filtration -- Phase 1...
Compiling /usr/share/shorewall/3700/rules...
Compiling /usr/share/shorewall/3700/conntrack...
Compiling MAC Filtration -- Phase 2...
Applying Policies...
Compiling /usr/share/shorewall/action.Drop for chain Drop...
Compiling /usr/share/shorewall/action.Broadcast for chain
Broadcast...
Generating Rule Matrix...
Compiling /usr/share/shorewall/action.Reject for chain Reject...
Creating iptables-restore input...
Compiling /usr/share/shorewall/3700/stoppedrules...
Shorewall configuration compiled to
/usr/share/shorewall/3700/firewall
Copying /usr/share/shorewall/3700/firewall and
/usr/share/shorewall/3700/firewall.conf to
192.168.88.1:/var/lib/shorewall-lite...
Enter passphrase for key '/root/.ssh/id_rsa':
scp: /var/lib/shorewall-lite: No such file or directory
root@old:/usr/share/shorewall/3700# cat shorewallrc
#
# Created by Shorewall Core version 4.5.7 configure - Tue Sep 10
18:53:19 MST 2013
#
# Input: --target=mips-openwrt-linux --host=mips-openwrt-linux
--build=x86_64-linux-gnu --program-prefix= --program-suffix=
--prefix=/usr --exec-prefix=/usr --bindir=/usr/bin
--sbindir=/usr/sbin --libexecdir=/usr/lib --sysconfdir=/etc
--datadir=/usr/share --localstatedir=/var --mandir=/usr/man
--infodir=/usr/info --disable-nls vendor=linux
#
HOST=linux
PREFIX=/usr
SHAREDIR=/usr/share
LIBEXECDIR=/usr/lib
PERLLIBDIR=${PREFIX}/share/shorewall
CONFDIR=/etc
SBINDIR=/usr/sbin
MANDIR=/usr/man
INITDIR=etc/init.d
INITSOURCE=init.sh
INITFILE=$PRODUCT
AUXINITSOURCE=
AUXINITFILE=
SYSTEMD=
SYSCONFFILE=
SYSCONFDIR=/etc
SPARSE=
ANNOTATED=
#VARDIR=/var/lib
VARDIR=/etc/shorewall/state
MD
On 13 Sep 2013 at 7:44, Tom Eastep wrote:
Date sent: Fri, 13 Sep 2013 07:44:35 -0700
From: Tom Eastep <[email protected]>
To: [email protected]
Subject: Re: [Shorewall-users] shorewall-lite error at start
Send reply to: Shorewall Users <[email protected]>
<mailto:[email protected]?subject=unsubscribe>
<mailto:[email protected]?subject=subscribe>
> On 9/13/2013 7:06 AM, matt darfeuille wrote:
> > yes the file vardir does exist on the firewall system and has the
> > following: root@OpenWrt:~# cat /etc/shorewall-lite/vardir
> > # move state dir out of ram
> > VARDIR=/etc/shorewall-lite/state
> >
>
> Okay -- try this:
>
> a) copy the /usr/share/shorewall/shorewallrc file from the
> Shorewall-lite box to it's configuration directory on the Shorewall
> system.
>
> b) Modify that copy to say:
>
> VARDIR=/etc/shorewall/state
>
> Now try 'shorewall load <lite box name-or-address>'
>
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. Consolidate legacy IT systems to a single system of record for IT
2. Standardize and globalize service processes across IT
3. Implement zero-touch automation to replace manual, redundant tasks
http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
