Hi.
By default there are no files in /etc/shorewall. I have set up shorewall
through webmin. Which created some files that contained only setting (no
commends) but somehow server stoped to be accesible. When I started
shorewall through console, I could see: "Warning: Zone loc is empty."
So
I deleted all /etc/shorewall/* files and copied same files from
"/usr/share/doc/shorewall/default-config/" and edited the same setting
as was done by webmin. Then it worked. Diference betwen files was only,
that files from "/usr/share/doc/shorewall/default-config/" had also
commend lines #....
Do you anderstand it?
Thanks
Dexter
Dexter wrote:> Hi. > By default there are no files in /etc/shorewall. I have set up shorewall > through webmin. Which created some files that contained only setting (no > commends) but somehow server stoped to be accesible. When I started > shorewall through console, I could see: "Warning: Zone loc is empty." So > I deleted all /etc/shorewall/* files and copied same files from > "/usr/share/doc/shorewall/default-config/" and edited the same setting > as was done by webmin. Then it worked. Diference betwen files was only, > that files from "/usr/share/doc/shorewall/default-config/" had also > commend lines #.... > Do you anderstand it?You really should have followed the appropriate QuickStart Guide (http://www.shorewall.net/shorewall_quickstart_guide.htm) to set up Shorewall WITHOUT WEBMIN. The Webmin tool is not meant to be used for initial Shorewall installation (it is my opinion in fact that the Webmin tool is so many releases behind the current version of Shorewall that it is pretty near useless even after Shorewall has been installed). As for the empty /etc/shorewall, the QuickStart Guides cover that -- it is a Debian-specific issue. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote:>Dexter wrote: > > >>Hi. >>By default there are no files in /etc/shorewall. I have set up shorewall >>through webmin. Which created some files that contained only setting (no >>commends) but somehow server stoped to be accesible. When I started >>shorewall through console, I could see: "Warning: Zone loc is empty." So >>I deleted all /etc/shorewall/* files and copied same files from >>"/usr/share/doc/shorewall/default-config/" and edited the same setting >>as was done by webmin. Then it worked. Diference betwen files was only, >>that files from "/usr/share/doc/shorewall/default-config/" had also >>commend lines #.... >>Do you anderstand it? >> >> > >You really should have followed the appropriate QuickStart Guide >(http://www.shorewall.net/shorewall_quickstart_guide.htm) to set up Shorewall >WITHOUT WEBMIN. The Webmin tool is not meant to be used for initial Shorewall >installation (it is my opinion in fact that the Webmin tool is so many releases >behind the current version of Shorewall that it is pretty near useless even >after Shorewall has been installed). > >As for the empty /etc/shorewall, the QuickStart Guides cover that -- it is a >Debian-specific issue. > >-Tom > >That is write, that after I copied files from /usr/share/doc/shorewall/default-config/ (as said in QuickStart Guides) and edited. Than it worked fine. Configuration was simple and only diference between files from webmin and from /usr/share/doc/shorewall/default-config/ where, that files from /usr/share/doc/shorewall/default-config/ had comments, while files from webmin had none. Does comment matters in config files? It is strange if yes. Thanks Dexter
Dexter wrote:>> > That is write, that after I copied files from > /usr/share/doc/shorewall/default-config/ (as said in QuickStart Guides) and edited. > Than it worked fine. Configuration was simple and only diference between files from > webmin and from /usr/share/doc/shorewall/default-config/ where, that files > from /usr/share/doc/shorewall/default-config/ had comments, while files from webmin > had none.If Shorewall was reporting that the loc zone was empty with the webmin-generated files then I don''t believe that those files were the same as your current files except for comments.> Does comment matters in config files? It is strange if yes.The comments *do not* matter. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote:>Dexter wrote: > > > >>That is write, that after I copied files from >>/usr/share/doc/shorewall/default-config/ (as said in QuickStart Guides) and edited. >>Than it worked fine. Configuration was simple and only diference between files from >>webmin and from /usr/share/doc/shorewall/default-config/ where, that files >>from /usr/share/doc/shorewall/default-config/ had comments, while files from webmin >>had none. >> >> > >If Shorewall was reporting that the loc zone was empty with the webmin-generated >files then I don''t believe that those files were the same as your current files >except for comments. > > > >>Does comment matters in config files? It is strange if yes. >> >> > >The comments *do not* matter. > >-Tom > >I forgot about "shorewall.conf" file, this file was also generated by webmin and i did not check it. There could be a problem. Anyway, now it is working. Thank you wery much for explanation. Dexter