diff --git a/Shorewall-init/install.sh b/Shorewall-init/install.sh
index 69387aa32..fb677ac8e 100755
--- a/Shorewall-init/install.sh
+++ b/Shorewall-init/install.sh
@@ -297,8 +297,8 @@ fi
#
# Create /usr/share/shorewall-init if needed
#
-mkdir -p ${DESTDIR}/usr/share/shorewall-init
-chmod 755 ${DESTDIR}/usr/share/shorewall-init
+mkdir -p ${DESTDIR}${SHAREDIR}/shorewall-init
+chmod 755 ${DESTDIR}${SHAREDIR}/shorewall-init
#
# Install logrotate file
@@ -311,14 +311,14 @@ fi
#
# Create the version file
#
-echo "$VERSION" > ${DESTDIR}/usr/share/shorewall-init/version
-chmod 644 ${DESTDIR}/usr/share/shorewall-init/version
+echo "$VERSION" > ${DESTDIR}/${SHAREDIR}/shorewall-init/version
+chmod 644 ${DESTDIR}${SHAREDIR}/shorewall-init/version
#
# Remove and create the symbolic link to the init script
#
if [ -z "$DESTDIR" ]; then
- rm -f /usr/share/shorewall-init/init
+ rm -f ${SHAREDIR}/shorewall-init/init
ln -s ${INITDIR}/${INITFILE} ${SHAREDIR}/shorewall-init/init
fi
diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh
index e973bf19b..f751dbcb8 100755
--- a/Shorewall-lite/install.sh
+++ b/Shorewall-lite/install.sh
@@ -303,8 +303,8 @@ if [ -z "$DESTDIR" -a -d ${CONFDIR}/$PRODUCT ]; then
mv -f ${CONFDIR}/$PRODUCT/shorewall.conf ${CONFDIR}/$PRODUCT/$PRODUCT.conf
else
rm -rf ${DESTDIR}${CONFDIR}/$PRODUCT
- rm -rf ${DESTDIR}/usr/share/$PRODUCT
- rm -rf ${DESTDIR}/var/lib/$PRODUCT
+ rm -rf ${DESTDIR}${SHAREDIR}/$PRODUCT
+ rm -rf ${DESTDIR}${VARDIR}/$PRODUCT
[ "$LIBEXECDIR" = /usr/share ] || rm -rf ${DESTDIR}/usr/share/$PRODUCT/wait4ifup ${DESTDIR}/usr/share/$PRODUCT/shorecap
fi
@@ -327,9 +327,9 @@ echo "$Product control program installed in ${DESTDIR}${SBINDIR}/$PRODUCT"
# Create ${CONFDIR}/$PRODUCT, /usr/share/$PRODUCT and /var/lib/$PRODUCT if needed
#
mkdir -p ${DESTDIR}${CONFDIR}/$PRODUCT
-mkdir -p ${DESTDIR}/usr/share/$PRODUCT
+mkdir -p ${DESTDIR}${SHAREDIR}/$PRODUCT
mkdir -p ${DESTDIR}${LIBEXECDIR}/$PRODUCT
-mkdir -p ${DESTDIR}/var/lib/$PRODUCT
+mkdir -p ${DESTDIR}${VARDIR}/$PRODUCT
chmod 755 ${DESTDIR}${CONFDIR}/$PRODUCT
chmod 755 ${DESTDIR}/usr/share/$PRODUCT
diff --git a/Shorewall/install.sh b/Shorewall/install.sh
index 26b49e305..0cd1f4be4 100755
--- a/Shorewall/install.sh
+++ b/Shorewall/install.sh
@@ -371,7 +371,7 @@ mkdir -p ${DESTDIR}/${CONFDIR}/$PRODUCT
mkdir -p ${DESTDIR}${LIBEXECDIR}/$PRODUCT
mkdir -p ${DESTDIR}${PERLLIBDIR}/Shorewall
mkdir -p ${DESTDIR}${SHAREDIR}/$PRODUCT/configfiles
-mkdir -p ${DESTDIR}/var/lib/$PRODUCT
+mkdir -p ${DESTDIR}${VARDIR}/$PRODUCT
chmod 755 ${DESTDIR}${CONFDIR}/$PRODUCT
chmod 755 ${DESTDIR}${SHAREDIR}/$PRODUCT
diff --git a/docs/FAQ.xml b/docs/FAQ.xml
index c146d65d6..4ede4eb11 100644
--- a/docs/FAQ.xml
+++ b/docs/FAQ.xml
@@ -247,7 +247,7 @@ DNAT net:address loc:local-IP-address
You are trying to test from inside your firewall (no, that
- won't work -- see ).
+ won't work -- see ).
@@ -949,6 +949,20 @@ DNAT loc dmz:192.168.2.4 tcp 80 -
Open Ports
+
+ (FAQ 100) With Shorewall started, the output of 'iptables -L'
+ looks like my firewall is wide open!
+
+ Answer: The problem here is that
+ a bare iptables -L command produces totally useless
+ output. Use shorewall show instead.
+
+
+ The shorewall show command is a wrapper
+ around iptables -L -n -v.
+
+
+
(FAQ 51) How do I Open Ports in Shorewall?
@@ -2871,7 +2885,7 @@ Shorewall has detected the following iptables/netfilter capabilities:
Persistent SNAT: Available
gateway:~#
-
+