similar to: Shorewall recipe BETA, need comments !!

Hello, I use some define in classes like class foo { define bar() {} } before in .22.4 i had require => Bar[''mybar''] on object and it worked. Now i have : err: Could not apply complete configuration: Could not retrieve dependency ''Shorewall-realize[shorewall.conf]'' at /etc/puppet/manifests/classes/shorewall.pp: for exemple. Do anyone knwo why it

sorry to come with such a silly request but i have a code: shorewall-zone { "$name": SHTYPE => ''ipv4'', PARENT => "$PARENT" } and it bring a syntax error : debug: importing

Greetings - Maybe I''m a bit slow, but I''ve been trying to understand how to use a module for the better part of a day and I''m not getting it. Here''s what I''ve done: Using puppet 0.23.2 1. Downloaded the shorewall module from David Schmitt''s git repo (Thanks David!!!!) and placed it in the directory /var/lib/puppet/modules (using the rpm

I have a little issue with purging. I use: file { [''/etc/shorewall/puppet'',''/etc/shorewall/puppet/rules'']: ensure => directory, mode => 0700, recurse => true, purge => true, } but purging does not work, i can do a touch

i got a little idea there, should not puppet use environement LANG=C when managing facts or packages etc... ? i have LANG=fr_FR.UTF-8 and puppet choke on quite a few facts (erors messages with uname for exemple: Pour en savoir davantage, faites: « uname --help ». ) and also with packages updates : /usr/bin/apt-cache policy mysql-client-4.1 => err:

Hello, As i still have issue i wonder if anyone using this version of openssl ? OpenSSL 0.9.7e-p1 I still cannot make puppet accept Certificate on freeBSD6 with this openssl version. I got the famous error 7 at 1 depth lookup:certificate signature failure and i havent find a way to get around that :( -- Cordialement, Ghislain _______________________________________________

Hi, I have a little trickky thing i wanted to do with puppet, mainly this is configuring web host on servers. I have a tree like this : NODE - WEB -APACHE - 1.x - 2.x - FTP - VSFTP - PROFTPD - STATS -AWSTATS - if FTP then configure awstats for awstats - URCHIN5 So my issue is that i want to be able to have

Although Shorewall provides safeguards against it, people seem to regularly shoot themselves in the foot when doing remote system administration. I''ve been thinking about this problem and wonder if a change to the way that "shorewall stop" behaves might help. Today, "shorewall stop" stops all traffic except to/from those destinations listed in

I get this enabling the option "routestopped" in my interface (eth0, net, one interface): Failed to apply configuration : Compiling... Compiling /etc/shorewall/zones... Compiling /etc/shorewall/interfaces... ERROR: Invalid Interface option (routestopped) : /etc/shorewall/interfaces (line 11) Means that routestopped don''tt work, is it? Then, what could i do? Thank you very

Hi. I set, for example, a rule with a host server: Macro.http accept fw net:www.google.es I restart shorewall and it works, but when i stop the firewall for disabling Internet (for any reason), and i want start the firewall it says: Failed to start firewall : Compiling... Compiling /etc/shorewall/zones... Compiling /etc/shorewall/interfaces... WARNING: Support for the detectnets interface

Hi. I set, for example, a rule with a host server: Macro.http accept fw net:www.google.es I restart shorewall and it works, but when i stop the firewall for disabling Internet (for any reason), and i want start the firewall it says: Failed to start firewall : Compiling... Compiling /etc/shorewall/zones... Compiling /etc/shorewall/interfaces... WARNING: Support for the detectnets interface

Hi all, I''m working on a patch for shorewall to make it run with a Crossbeam X40 machine (www.crossbeamsystems.com) and I would like to know where to send it, is this list the correct location?. The patch is necesary because of Crossbeam X series running mode: when you make a shorewall start, restart or clear, there are a packet dropping until shorewall is Started or cleaned. At

I believe that 2.4.0 is about ready to be sent out the door. I''ve made a couple of small changes since RC2 but I don''t believe that they warrant another RC. There remains the issue of what to do about support for Shorewall 2.0 given that 2.2 has only been available since March. It would be my recommendation to make 2.4 the new "stable" release but continue to

Hello, i use a file type to manage sysctl.conf. For some work i override this file by doign File[''/etc/sysctl.conf''] and i have an exec refresh only to run sysctl -p so it reread the sysctl.conf file if changed. My issue is that at each run i got, i start in state when i see the overriden one on the server: 1st run, i have the basic sysctl.conf not the ovveriden one

Hi all, I''m having problems making some manifest work, and it''s so simple that I don''t know where the issue is: I get this error message when trying to load this vhost.pp file: "Could not retrieve configuration: Syntax error at ''}'' in file /etc/puppet/manifests/classes/vhost.pp at line 9" define vhost ( $domain, $admin, $docroot, $enable )

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello I try to setup a bridge firewall base on http://shorewall.net/bridge.html I''m using shorewall-1.4.10g-1. I doublecheck on /etc/shorewall/routestopped file on my firewall, and there is no "OPTIONS" options. Should I use different shorewall version ? Thanks -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux)

I was wondering how to trigger a configration run remotely. Is this possible? Looking through the docs, I see mention that puppet can listen on port 8139, but I don''t see that this is the case on my servers. Can someone please enlighten me as to the proper method of doing this, if it can indeed be done? Thanks!

Hi! I am looking for suggestions how I can add rules (or change the configuration otherwise) without interrupting of services. Right now, when I need to do a ''shorewall restart'' all services are not available during this time. I tried playing with the ''routestopped'' parameter but without success. How do you get around this? Thanks in advance, Christian

Hi all, I have just started using shorewall. So far so good. I have two questions which I cant find an answer to either on the website or googling. They may be stupid so please forgive my ignorance. 1) What is shorewalls preferred operating status, running or stopped? What I mean is, some firewalls start-up and run, and they do their thing, then they stop. But the firewall is still really

hi all, i have a classic net topology with two local zone, a firewall/router with dsl connection loc1 (192.168.11.0/24) ----- fw ----- net loc2 (192.168.12.0/24) now on the local zone 1 (on a WinXP machine) i have installed OpenVPN 2.x to make a test connection with a company. OpenVPN is configured as client to use tun on udp port 10000 with ip 10.0.0.2, on the other