Hi, I''m currently running 2.0.17 and looking at upgrading, I noticed on the website that we''ve started on the 3.0.3. I use Red Hat so use Simon Matter''s RPM releases. On the shorewall website, I tried to find the changes put into 3.0.3 compared to the version I''m running, so that if I was to issue a RPM upgrade of my installation, to see what files need to be changed in order for shorewall to work, but couldn''t find anything related to this. Has anyone performed an upgrade of this sort ie. from an old 2.0.x series to 3.0.x? if so, were there any gotchas or was it just a nice clean upgrade? In an ideal world, I''d hope an RPM upgrade would do the trick and my currently configured files for shorewall 2.0.x would just work, but thought I''d ask here before taking the plunge. Thanks. Michael. Send instant messages to your online friends http://au.messenger.yahoo.com ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
Michael Mansour wrote:> Hi, > > I''m currently running 2.0.17 and looking at upgrading, > I noticed on the website that we''ve started on the > 3.0.3. > > I use Red Hat so use Simon Matter''s RPM releases. > > On the shorewall website, I tried to find the changes > put into 3.0.3 compared to the version I''m running, so > that if I was to issue a RPM upgrade of my > installation, to see what files need to be changed in > order for shorewall to work, but couldn''t find > anything related to this. > > Has anyone performed an upgrade of this sort ie. from > an old 2.0.x series to 3.0.x? if so, were there any > gotchas or was it just a nice clean upgrade? > > In an ideal world, I''d hope an RPM upgrade would do > the trick and my currently configured files for > shorewall 2.0.x would just work, but thought I''d ask > here before taking the plunge. > > Thanks. > > Michael. >did you read the release notes and the Upgrade issues right ??'' http://www1.shorewall.net/upgrade_issues.htm
Hi Christian,> Michael Mansour wrote: > > Hi, > > > > I''m currently running 2.0.17 and looking at > upgrading, > > I noticed on the website that we''ve started on the > > 3.0.3. > > > > I use Red Hat so use Simon Matter''s RPM releases. > > > > On the shorewall website, I tried to find the > changes > > put into 3.0.3 compared to the version I''m > running, so > > that if I was to issue a RPM upgrade of my > > installation, to see what files need to be changed > in > > order for shorewall to work, but couldn''t find > > anything related to this. > > > > Has anyone performed an upgrade of this sort ie. > from > > an old 2.0.x series to 3.0.x? if so, were there > any > > gotchas or was it just a nice clean upgrade? > > > > In an ideal world, I''d hope an RPM upgrade would > do > > the trick and my currently configured files for > > shorewall 2.0.x would just work, but thought I''d > ask > > here before taking the plunge. > > > > Thanks. > > > > Michael. > > > did you read the release notes and the Upgrade > issues right ??'' > > http://www1.shorewall.net/upgrade_issues.htmThat is exactly what I was looking for, I rarely visit the website unless I need to upgrade so didn''t know where to find this type of information. Many thanks. Michael. Send instant messages to your online friends http://au.messenger.yahoo.com ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
Hi,> > Michael Mansour wrote: > > > Hi, > > > > > > I''m currently running 2.0.17 and looking at > > upgrading, > > > I noticed on the website that we''ve started on > the > > > 3.0.3. > > > > > > I use Red Hat so use Simon Matter''s RPM > releases. > > > > > > On the shorewall website, I tried to find the > > changes > > > put into 3.0.3 compared to the version I''m > > running, so > > > that if I was to issue a RPM upgrade of my > > > installation, to see what files need to be > changed > > in > > > order for shorewall to work, but couldn''t find > > > anything related to this. > > > > > > Has anyone performed an upgrade of this sort ie. > > from > > > an old 2.0.x series to 3.0.x? if so, were there > > any > > > gotchas or was it just a nice clean upgrade? > > > > > > In an ideal world, I''d hope an RPM upgrade would > > do > > > the trick and my currently configured files for > > > shorewall 2.0.x would just work, but thought I''d > > ask > > > here before taking the plunge. > > > > > > Thanks. > > > > > > Michael. > > > > > did you read the release notes and the Upgrade > > issues right ??'' > > > > http://www1.shorewall.net/upgrade_issues.htm > > That is exactly what I was looking for, I rarely > visit > the website unless I need to upgrade so didn''t know > where to find this type of information. > > Many thanks. > > Michael.Just as an update. I updated two firewalls now to shorewall-2.4.7-1 from 2.0.17-1 I didn''t encounter any real dramas except for the fact that when using Simon Matter''s RPM, the /etc/shorewall/tos file was extracted from the update archive and my current /etc/shorewall/tos file was deleted in the process. This happened on both firewalls. The first firewall I upgraded from 2.0.17 to 2.2.6 (where the tos file was replaced with an "empty" one - ie. no tos entries) and then upgraded to 2.4.7 (which did notice the tos file and created the new tos.rpmnew) The second firewall I just went straight from 2.0.17 to 2.4.7, and the /etc/shorewall/tos file was just written over with an "empty" one. Other than that all went fine. I took a look at the upgrade to 3.0.3 at that point and it seems a little more involved, so I think I''ll leave that to another time - I don''t like too many changes before the dust settles :) Thanks for that link once again. Michael. Send instant messages to your online friends http://au.messenger.yahoo.com ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
Michael Mansour wrote:> Just as an update. I updated two firewalls now to > shorewall-2.4.7-1 from 2.0.17-1 > > I didn''t encounter any real dramas except for the fact > that when using Simon Matter''s RPM, the > /etc/shorewall/tos file was extracted from the update > archive and my current /etc/shorewall/tos file was > deleted in the process.Oops .seems Simon forgot "%noreplace" for tos file..
> Michael Mansour wrote: > >> Just as an update. I updated two firewalls now to >> shorewall-2.4.7-1 from 2.0.17-1 >> >> I didn''t encounter any real dramas except for the fact >> that when using Simon Matter''s RPM, the >> /etc/shorewall/tos file was extracted from the update >> archive and my current /etc/shorewall/tos file was >> deleted in the process. > > > Oops .seems Simon forgot "%noreplace" for tos file..Interesting, I''d like to learn more about this. All my shorewall packages from http://www.invoca.ch/pub/packages/shorewall/ have this in the spec: %attr(0755,root,root) %dir %{_sysconfdir}/%{name} %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/%{name}/* This applies to all packages from 2.0.17 to 3.0.3. I just tried upgrading a 2.0.17 to 3.0.3 and got this: [root@wurro tmp]# rpm -Fvh /mnt/nfs/Linux/Invoca/packages/shorewall/3.0/shorewall-3.0.3/shorewall-3.0.3-1.noarch.rpm Preparing... ########################################### [100%] 1:shorewall warning: /etc/shorewall/tos created as /etc/shorewall/tos.rpmnew ########################################### [100%] Works as expected from my point of view. Simon> > >------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37&alloc_id865&op=click
Hi Simon,> >> Just as an update. I updated two firewalls now to > >> shorewall-2.4.7-1 from 2.0.17-1 > >> > >> I didn''t encounter any real dramas except for the > fact > >> that when using Simon Matter''s RPM, the > >> /etc/shorewall/tos file was extracted from the > update > >> archive and my current /etc/shorewall/tos file > was > >> deleted in the process. > > > > Oops .seems Simon forgot "%noreplace" for tos > file.. > > Interesting, I''d like to learn more about this. All > my shorewall packages > from http://www.invoca.ch/pub/packages/shorewall/ > have this in the spec: > > %attr(0755,root,root) %dir %{_sysconfdir}/%{name} > %attr(0600,root,root) %config(noreplace) > %{_sysconfdir}/%{name}/* > > This applies to all packages from 2.0.17 to 3.0.3. I > just tried upgrading > a 2.0.17 to 3.0.3 and got this: > [root@wurro tmp]# rpm -Fvh >/mnt/nfs/Linux/Invoca/packages/shorewall/3.0/shorewall-3.0.3/shorewall-3.0.3-1.noarch.rpm> Preparing... > ########################################### > [100%] > 1:shorewall warning: > /etc/shorewall/tos created as > /etc/shorewall/tos.rpmnew > ########################################### [100%] > > Works as expected from my point of view. > > SimonYeah I can''t explain it mate, all the other files generated the .rpmnew (all of the oes that I had modified) except for the tos file. I have no idea why, it just did that. Michael. Send instant messages to your online friends http://au.messenger.yahoo.com ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click