Hello, Usually when i''ve a hole to poke through firewalls, i have many hosts to update : workstation firewall, lan firewall, the other lan firewall, and the server behind the last firewall. all of them are managed with shorewall... Is there a smart way to update them all at once ? What you guys do on your firewalls ? thanks. -- xavier
xavier wrote:> Hello, > > Usually when i''ve a hole to poke through firewalls, > i have many hosts to update : > > workstation firewall, lan firewall, the other lan firewall, and the > server behind the last firewall. > > all of them are managed with shorewall... > > Is there a smart way to update them all at once ? > > What you guys do on your firewalls ?I have a shorewall generator script (which i''ve very creatively called "shoregen") which i use to do this. It''s not polished enough to release yet, but i''m happy to share it (and feedback on how it works for you would be good, too). -- Paul http://paulgear.webhop.net -- A: Because we read from top to bottom, left to right. Q: Why should i start my email reply *below* the quoted text? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature Url : http://lists.shorewall.net/pipermail/shorewall-devel/attachments/20040420/0fb93c76/signature.bin
On Tue, Apr 20, 2004 at 07:27:36AM +1000, Paul Gear wrote:> xavier wrote: > > Hello, > > > > Usually when i''ve a hole to poke through firewalls, > > i have many hosts to update : > > > > workstation firewall, lan firewall, the other lan firewall, and the > > server behind the last firewall. > > > > all of them are managed with shorewall... > > > > Is there a smart way to update them all at once ? > > > > What you guys do on your firewalls ? > > I have a shorewall generator script (which i''ve very creatively called > "shoregen") which i use to do this. It''s not polished enough to release > yet, but i''m happy to share it (and feedback on how it works for you > would be good, too). >sure, please post on the list ! thanks -- xavier
xavier wrote:> ... > > sure, please post on the list !OK - i''m working on cleaning them up a bit now, and will post them on my web site with an announcement here when i''m ready. -- Paul http://paulgear.webhop.net -- A: Because we read from top to bottom, left to right. Q: Why should i start my email reply *below* the quoted text? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature Url : http://lists.shorewall.net/pipermail/shorewall-devel/attachments/20040421/5c587fed/signature.bin