I just installed stock shorewall-3.4.2 and shorewall-perl-3.9.0 under
Cygwin on this Windows XP system. I downloaded the two-interface sample
and modified shorewall.conf by adding "SHOREWALL_COMPILER=perl". I
copied a capabilities file from my desktop and:
teastep@EASTEPNC6000 ~/Configs/test
$ shorewall check .
Checking...
Checking /home/teastep/Configs/test/zones...
Checking /home/teastep/Configs/test/interfaces...
Determining Hosts in Zones...
Preprocessing Action Files...
Pre-processing /usr/share/shorewall/action.Drop...
Pre-processing /usr/share/shorewall/action.Reject...
Checking /home/teastep/Configs/test/policy...
Checking /home/teastep/Configs/test/routestopped for critical hosts...
Checking /home/teastep/Configs/test/routestopped...
Adding Anti-smurf Rules
Adding rules for DHCP
Checking /usr/share/shorewall/rfc1918...
Checking TCP Flags filtering...
Checking Kernel Route Filtering...
Checking Martian Logging...
Checking /home/teastep/Configs/test/masq...
Checking MAC Filtration -- Phase 1...
Checking /home/teastep/Configs/test/rules...
Generating Transitive Closure of Used-action List...
Processing /usr/share/shorewall/action.Reject for chain Reject...
Processing /usr/share/shorewall/action.Drop for chain Drop...
Checking MAC Filtration -- Phase 2...
Applying Policies...
Generating Rule Matrix...
Creating iptables-restore input...
Shorewall configuration verified
teastep@EASTEPNC6000 ~/Configs/test $ shorewall compile . firewall
Compiling...
Compiling /home/teastep/Configs/test/zones...
Compiling /home/teastep/Configs/test/interfaces...
Determining Hosts in Zones...
Preprocessing Action Files...
Pre-processing /usr/share/shorewall/action.Drop...
Pre-processing /usr/share/shorewall/action.Reject...
Compiling /home/teastep/Configs/test/policy...
Compiling /home/teastep/Configs/test/routestopped for critical hosts...
Compiling /home/teastep/Configs/test/routestopped...
Adding Anti-smurf Rules
Adding rules for DHCP
Compiling /usr/share/shorewall/rfc1918...
Compiling TCP Flags filtering...
Compiling Kernel Route Filtering...
Compiling Martian Logging...
Compiling /home/teastep/Configs/test/masq...
Compiling MAC Filtration -- Phase 1...
Compiling /home/teastep/Configs/test/rules...
Generating Transitive Closure of Used-action List...
Processing /usr/share/shorewall/action.Reject for chain Reject...
Processing /usr/share/shorewall/action.Drop for chain Drop...
Compiling MAC Filtration -- Phase 2...
Applying Policies...
Generating Rule Matrix...
Creating iptables-restore input...
Shorewall configuration compiled to /home/teastep/Configs/test/firewall
teastep@EASTEPNC6000 ~/Configs/test $ grep Compiled firewall
# Compiled firewall script generated by Shorewall-perl 3.9.0-1 - Sun Apr
1 18:58:24 2007
teastep@EASTEPNC6000 ~/Configs/test
-Tom
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
On 4/2/07, Tom Eastep <teastep@shorewall.net> wrote:> I just installed stock shorewall-3.4.2 and shorewall-perl-3.9.0 under > Cygwin on this Windows XP system. I downloaded the two-interface sample > and modified shorewall.conf by adding "SHOREWALL_COMPILER=perl". I > copied a capabilities file from my desktop and: > teastep@EASTEPNC6000 ~/Configs/test $ shorewall compile . firewall...> Shorewall configuration compiled to /home/teastep/Configs/test/firewall > teastep@EASTEPNC6000 ~/Configs/test $ grep Compiled firewall > # Compiled firewall script generated by Shorewall-perl 3.9.0-1 - Sun Apr > 1 18:58:24 2007 > teastep@EASTEPNC6000 ~/Configs/testThe horror! Generating nice shorewall output from a Windows XP machine ;-)... Imagine someone writing a VB front-end for shorewall to make it easy to generate iptables rules.. Almost sounds like an April Fools joke :-)).. That offers one more option for all of us! Thanks! Prasanna. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Prasanna Krishnamoorthy wrote:> Almost sounds like an April Fools joke :-))..Yes, I know. I hesitated to release it on "April Fools Day" but I have a busy schedule this week and I''ll be out of town next weekend so it was now or wait two weeks. In addition: - I will be building a new server during my evenings this week - I will be speaking at the local Linuxfest on April 30; and - I haven''t done anything to prepare for my talk yet :-(. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
On Sun, 2007-04-01 at 19:13, Tom Eastep wrote:> I just installed stock shorewall-3.4.2 and shorewall-perl-3.9.0 under > Cygwin on this Windows XP system. I downloaded the two-interface sample > and modified shorewall.conf by adding "SHOREWALL_COMPILER=perl". I > copied a capabilities file from my desktop and:<snip> Nice to see your new code works cross-platform. :-) -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: leaf, sitedocs ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Tom Eastep escribió:> - I will be building a new server during my evenings this weekif you need help with "web stuff" let me to know ;-) ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV