Shorewall users - Jul 2002 - Shorewall Upgrade

Is shorewall-1.3.3.lrp compatible with Bering-rc3?  Everytime I did the upgrade 
shorewall gets terminated with "/var/lib/shorewall/functions does not
exist!"

Is shorewall-1.3.3.lrp compatible with Bering-rc3?  Everytime I did the upgrade,
shorewall gets terminated with "/var/lib/shorewall/functions does not
exist!"

This was from an archive of last month messages.  From what I can tell
for shorewall 1.3.3. and 1.3.4, the fix as described  by Jacques Nilo is
still required.  I had upgraded to shorewall 1.3.3 and then to 1.3.4
using the fix for  my Bering RC3 box.
Karl K. Sakai.

Email Archive: leaf-user (read-only)
From: Steve Sobka <hickbot@fu...>=20
 Is this a bug with bering + shorwall.lrp or did I upgrade LATEST.lrp
wrong  =20
2002-06-20 10:33 =20
I originally posted this message to the shorewall mailing list and it
was
 suggested that I also post here as this seems to be a bering specific
issue
 relating to shorwall.lrp and/or the script used to backup the
shorwall.lrp
 file.
=20
=20
 I''ve included my original two message, including one from Karl K.
Sakai
 along with the two replies from Tom Eastep.
=20
=20
 My original message was:
=20
 I recently tried upgrading from the shorewall that comes with Bering
1.0-rc2
 (shorwall.lrp 1.2.x I think) to the LATEST.lrp on the shorewall site as
of
 6/19/2002.
=20
 After I upgraded it worked fine on the first reboot, I copied my old
rules,
 interfaces, etc.. files into
 the /etc/shorewall directory.
=20
 I issued a shorewall stop and shorewall start command and everything
loaded
 correctly.
=20
 I went to the lrcfg program and backed up ''shorwall.lrp'' and
it
completes
 successfully.
=20
 I rebooted the computer and this time shorewall would not load.  I
dropped
 to a console and when I type: shorewall
=20
 I get this error message:
=20
 /var/lib/shorewall/functions does not exist!
=20
 If I mkdir the functions directory, shorewall then it complains that
 ''firewall'' does not exist?
=20
 Is this an issue with the lrpcfg script that backs up shorewall? is it
still
 trying to use the old directory structure to back up the config files?
=20
 FYI, I am not using Bering 1.0-rc3...
=20
 note: the only files I coppied from my older shorewall into the
 /etc/shorewall directory where:
 blacklist,interfaces,masq,policy,proxyarp,rules,tos,zones
=20
 Steve Sobka
 hickbot@fuzzylinux.net
=20
=20
 ----------------------------------------------------------
=20
 Karl K. Sakai''s original message:
=20
 I thought I was goin nuts.  I tried to update using Bering 1.0 RC3 with
 the shorewall 1.3.2 in the same manner.  Files I copied were blacklist,
 masq, interfaces, policy and rules.  I kept getting the same error
 message "/var/lib/shorewallfunctions does not exist".  I was watching
 the mailing list to see if I was the one with this problem.  I have
 tried this on two attempts, both with shorewal 1.3.2.  Previously I
have
 been using Bering 1.0 RC2 with shorewall 1.3.1.
=20
 Karl K. Sakai
=20
 ----------------------------------------------------------
=20
 Reply from Tom Eastep:
=20
 Sounds like /var/lib/shorewall isn''t being backed up. The
 /var/lib/lrpkg/shorwall.list file that''s included with Shorwall 1.3.2
 includes /var/lib/shorewall and I assume that file drives the backup.
Do
 you possibly still have the old file installed?
=20
 -Tom
=20
 ----------------------------------------------------------
=20
 My reply to Tom:
=20
 It''s possible I do... I assumed I did not because of the way I
upgraded:
=20
 Logon to firewall at console and drop to shell,
=20
 1) mount floppy, rename shorwall.lrp on Bering 1.0-rc2 to shorwall.bak
 2) copy LATEST.lrp to shorwall.lrp on Bering 1.0-rc2 disk
 3) reboot box
 4) mount floppy, copy shorwall.bak /tmp
 5) cd /tmp ; tar -zxvpf shorwall.bak
 6) cp /tmp/etc/shorewall/*.files_I_need /etc/shorewall
 7) rm -rf /tmp/*
 8) shorewall stop (no errors)
 9) shorewall start (no errors), loc, dmz, etc.. all work fine...
 10) umount floppy
 11) lrcfg, (b)ackup, shorwall.lrp, backup completed, no errors.
 12) reboot box
 13) when system restarts I cannot browse the net from loc, or dmz, I
logon
 at console...
 14) type:  shorewall
 15) get error messages about /var/lib/shorewall/functions not being
found...
=20
 I thought that by installing this way, I would be avoiding having two
 seperate versions running at the same time.  My guess is it''s the new
 shorewall directory structure for the ''firewall'' and version
files and
them
 not being backed up when the shorwall.lrp file is created from the
backup
 program?  But what do I know, I am just a hickbot! :-)
=20
 Hope this helps debug...
=20
 P.S. I think I forgot to mention that I was also using shorewall 1.3.1,
the
 one that was listed on the leaf.sf.net site under ''news'' as
of May 31,
2002.
=20
 Steve Sobka
=20
=20
 ----------------------------------------------------------
=20
 Toms reply:
=20
 Well, I don''t run Bering here at all so it will have to be one of the
 Bering folks who gives you a hand. I suggest posting on the LEAF list
as
 well.
=20
 -Tom
=20
=20
 ----------------------------------------------------------
=20
 That''s where I am... Anyone have any ideas? clues? Suggestions?
=20
 Steve Sobka
 hickbot@fuzzylinux.net
=20
=20
=20
 From=20
=20
=20
From: Jacques Nilo <jnilo@us...>=20
 Re: Is this a bug with bering + shorwall.lrp or did I upgrade
LATEST.lrp wrong  =20
2002-06-20 11:08 =20
Le Jeudi 20 Juin 2002 19:33, Steve Sobka a =E9crit :
 > I originally posted this message to the shorewall mailing list and it
was
 > suggested that I also post here as this seems to be a bering specific
issue
 > relating to shorwall.lrp and/or the script used to backup the
shorwall.lrp
 > file.
=20
 Steve
 Yes for some reason still unclear to me /var/lib/shorewall directory is
not=20
 backuped by lrcfg.=20
 The shorwall.lrp that I uploaded yesterday was therefore uncomplete.
 The fix is to replace
 var/lib/shorewall
 by
 var/lib/shorewall/  (notice the / at the end)
 in /var/lib/lrpkg/shorwall.list
 Then everything will be backuped OK. I still have to  understand this
:-)
 Might be related to the new gzip code in bbox 0.60.3.=20
 In the meanwhile, the shorwall.lrp package in /bering/update has been
updated=20
 with the above mentionned fix
 Jacques
=20
=20


     =20

=20

 =20

=20
Powered by SourceForge(tm) collaborative software development (CSD)
platform from VA Software
=20


-----Original Message-----
From: shorewall-users-admin@shorewall.net
[mailto:shorewall-users-admin@shorewall.net] On Behalf Of Godfried Duodu
Sent: Saturday, July 20, 2002 13:07
To: rogan@lynchdom.dyndns.org; shorewall-users@shorewall.net;
teastep@shorewall.net; zmully@smartbrief.com
Subject: [Shorewall-users] Shorewall Upgrade


Is shorewall-1.3.3.lrp compatible with Bering-rc3?  Everytime I did the
upgrade  shorewall gets terminated with "/var/lib/shorewall/functions
does not exist!"


_______________________________________________
Shorewall-users mailing list
Shorewall-users@shorewall.net
http://www.shorewall.net/mailman/listinfo/shorewall-users

I have gotten it working....... Though I did have that problem. rename the 
old shorwall.lrp after taring your configuration files and saving them to 
disk. Replace the shorwall.lrp with the new one & reboot. See if with a 
virgin configuration it works. Then replace your configuration &see if it 
still works (do not cp or otherwise replace the entire contents of the 
/etc/shorewall this screwed me at least once)

I msged tom about this back when 1.3.3 was released, but apparently
it''s a
problem with bering not shorewall. Also check to make sure the lrp (a tgz 
file) contains the /etc/lib/functions and is in everyway comparablt to the 
old lrp

Hope that''s helpful


At 04:15 PM 7/20/2002, Godfried Duodu wrote:
>Is shorewall-1.3.3.lrp compatible with Bering-rc3?  Everytime I did the 
>upgrade,  shorewall gets terminated with "/var/lib/shorewall/functions 
>does not exist!"