Hi All, I am attempting to install Shorewall on a new Debian box. I tried installing it via apt-get, but found that the version in the repos is 2.2.3-ish. I removed it and then sourced and installed 3.2. The install went well, but there are no documents or sample config files where I would expect to find them based on the documentation at the shorewall site. The following directories are mentioned at the Shorewall site, but do not exist on my system after installing the 3.2 deb. /usr/share/doc/shorewall/default-config There is a shorewall.conf in my /etc directory, but no modules or any sample files are to be found anywhere. Instead of a /usr/share/doc/shorewall/default-config directory, I have: rex:/usr/share/doc/shorewall-doc# ls -al total 2812 drwxr-xr-x 3 root root 4096 Mar 4 06:33 . drwxr-xr-x 306 root root 12288 Mar 4 06:38 .. -rw-r--r-- 1 root root 1110 Oct 15 14:23 changelog.gz -rw-r--r-- 1 root root 678 Apr 10 2005 copyright drwxr-xr-x 3 root root 4096 Mar 4 06:33 html -rw-r--r-- 1 root root 2843869 Oct 15 14:25 shorewall.pdf.gz Can someone shed some light for me on where I would find the modules file and the sample config files? THanks! Jon -- Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E http://www.jonwatson.ca +1.403.770.2837 "Trying to learn to hack on a DOS or Windows machine or under MacOS is like trying to learn to dance while wearing a body cast" - ESR ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Jon wrote:>I am attempting to install Shorewall on a new Debian box. I tried >installing it via apt-get, but found that the version in the repos is >2.2.3-ish. I removed it and then sourced and installed 3.2. The install >went well, but there are no documents or sample config files where I >would expect to find them based on the documentation at the shorewall site. > >The following directories are mentioned at the Shorewall site, but do >not exist on my system after installing the 3.2 deb. > >/usr/share/doc/shorewall/default-configThree suggestions : 1) Grab the deb package for Etch and manually sort out any dependencies. I see that my Etch box has Shorewall 3.2.6-2 installed. This can be an ''interesting'' experience ! 2) Look at the backports project (http://www.backports.org/) which takes the newer packages and does all the hard work for you. I see that also has 3.2.6. 3) Just grab the latest deb anyway, and manually extract the missing files. I think "dpkg --extract <package>" is what you need. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
On Sun, Mar 04, 2007 at 11:36:32AM +0000, Simon Hobson wrote:> Three suggestions : > > 1) Grab the deb package for Etch and manually sort out any > dependencies. I see that my Etch box has Shorewall 3.2.6-2 installed. > This can be an ''interesting'' experience ! > > 2) Look at the backports project (http://www.backports.org/) which > takes the newer packages and does all the hard work for you. I see > that also has 3.2.6. > > 3) Just grab the latest deb anyway, and manually extract the missing > files. I think "dpkg --extract <package>" is what you need.Curiously enough, you can usually grab the .deb binary package from sid and install it on sarge as-is - since there is no compiled code in shorewall, there are no dependency issues. You''ll need a kernel update from the one shipped with sarge, but aside from that it should work fine. It wouldn''t work for just about any other package, but it does work for shorewall. For some reason Tom doesn''t appear to have developed the fetish for backwards-incompatibility that plagues most projects. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Thanks for the info, guys. In reality, all I really need is the modules file. I can recreate the rules, policy, zones etc from the documentation on the site but I don''t know what the mdules file looks like. J --- Sent from the road... -----Original Message----- From: Andrew Suffield <asuffield@suffields.me.uk> Date: Sunday, Mar 4, 2007 4:59 am Subject: Re: [Shorewall-users] Debian 3.2 Sample Config Files? To: shorewall-users@lists.sourceforge.netReply-To: Shorewall Users <shorewall-users@lists.sourceforge.net> On Sun, Mar 04, 2007 at 11:36:32AM +0000, Simon Hobson wrote:> Three suggestions : > > 1) Grab the deb package for Etch and manually sort out any > dependencies. I see that my Etch box has Shorewall 3.2.6-2 installed. > This can be an ''interesting'' experience ! > > 2) Look at the backports project (http://www.backports.org/) which > takes the newer packages and does all the hard work for you. I see > that also has 3.2.6. > > 3) Just grab the latest deb anyway, and manually extract the missing > files. I think "dpkg --extract <package>" is what you need. > >Curiously enough, you can usually grab the .deb binary package from sid and install it on sarge as-is - since there is no compiled code in shorewall, there are no dependency issues. You''ll need a kernel update from the one shipped with sarge, but aside from that it should work >fine. > >It wouldn''t work for just about any other package, but it does work for shorewall. For some reason Tom doesn''t appear to have developed >the fetish for backwards-incompatibility that plagues most projects. > >------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT >Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash >http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >_______________________________________________ >Shorewall-users mailing list >Shorewall-users@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/shorewall-users > >------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Andrew Suffield wrote:> ... > Curiously enough, you can usually grab the .deb binary package from > sid and install it on sarge as-is - since there is no compiled code in > shorewall, there are no dependency issues. You''ll need a kernel update > from the one shipped with sarge, but aside from that it should work > fine.I''ve never had a problem with just pinning Shorewall to testing: http://linuxman.wikispaces.com/PPPPPPS#tocPPPPPPS4 -- Paul <http://paulgear.webhop.net> -- Did you know? Using HTML email rather than plain text is less efficient, taking anywhere from 2 to 20 times longer to download, and a corresponding amount more space on disk. Learn more about using email efficiently at <http://www.expita.com/nomime.html>. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV