extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 09:47:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove the controversial symbolic link /sbin/shorewall

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4079 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-06-12 17:48:20 +00:00
parent ac636aabb2
commit b52477a629
21 changed files with 91 additions and 222 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Shorewall-lite/Makefile
View File

@ -5,13 +5,13 @@ RESTOREFILE?=.restore
all: $(VARDIR)/${RESTOREFILE} all: $(VARDIR)/${RESTOREFILE}
$(VARDIR)/${RESTOREFILE}: $(SHAREDIR)/firewall $(VARDIR)/${RESTOREFILE}: $(SHAREDIR)/firewall
@/usr/share/shorewall-lite/shorewall -q save >/dev/null; \ @/sbin/shorewall-lite -q save >/dev/null; \
if \ if \
/usr/share/shorewall-lite/shorewall -q restart >/dev/null 2>&1; \ /sbin/shorewall-lite -q restart >/dev/null 2>&1; \
then \ then \
/usr/share/shorewall-lite/shorewall -q save >/dev/null; \ /sbin/shorewall-lite -q save >/dev/null; \
else \ else \
/usr/share/shorewall-lite/shorewall -q restart 2>&1 | tail >&2; \ /sbin/shorewall-lite -q restart 2>&1 | tail >&2; \
fi fi
# EOF # EOF

2
Shorewall-lite/fallback.sh
View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=3.2.0-RC2 VERSION=3.2.0-RC3
usage() # $1 = exit status usage() # $1 = exit status
{ {

6
Shorewall-lite/init.archlinux.sh
View File

@ -20,7 +20,7 @@ DAEMON_NAME="shorewall" # of course shorewall is NOT a deamon.
case "$1" in case "$1" in
start) start)
stat_busy "Starting $DAEMON_NAME" stat_busy "Starting $DAEMON_NAME"
/usr/share/shorewall-lite/shorewall $OPTIONS start &>/dev/null /sbin/shorewall-lite $OPTIONS start &>/dev/null
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
stat_fail stat_fail
else else
@ -32,7 +32,7 @@ case "$1" in
stop) stop)
stat_busy "Stopping $DAEMON_NAME" stat_busy "Stopping $DAEMON_NAME"
/usr/share/shorewall-lite/shorewall stop &>/dev/null /sbin/shorewall-lite stop &>/dev/null
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
stat_fail stat_fail
else else
@ -43,7 +43,7 @@ case "$1" in
restart|reload) restart|reload)
stat_busy "Restarting $DAEMON_NAME" stat_busy "Restarting $DAEMON_NAME"
/usr/share/shorewall-lite/shorewall restart &>/dev/null /sbin/shorewall-lite restart &>/dev/null
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
stat_fail stat_fail
else else

2
Shorewall-lite/init.debian.sh
View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
SRWL=/usr/share/shorewall-lite/shorewall SRWL=/sbin/shorewall-lite
WAIT_FOR_IFUP=/usr/share/shorewall-lite/wait4ifup WAIT_FOR_IFUP=/usr/share/shorewall-lite/wait4ifup
# Note, set INITLOG to /dev/null if you do not want to # Note, set INITLOG to /dev/null if you do not want to
# keep logs of the firewall (not recommended) # keep logs of the firewall (not recommended)

6
Shorewall-lite/init.sh
View File

@ -74,14 +74,14 @@ command="$1"
case "$command" in case "$command" in
start) start)
exec /usr/share/shorewall-lite/shorewall $OPTIONS $@ exec /sbin/shorewall-lite $OPTIONS $@
;; ;;
stop|restart|status) stop|restart|status)
exec /usr/share/shorewall-lite/shorewall $@ exec /sbin/shorewall-lite $@
;; ;;
reload) reload)
shift shift
exec /usr/share/shorewall-lite/shorewall restart $@ exec /sbin/shorewall-lite restart $@
;; ;;
*) *)
usage usage

16
Shorewall-lite/install.sh
View File

@ -22,7 +22,7 @@
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
# #
VERSION=3.2.0-RC2 VERSION=3.2.0-RC3
usage() # $1 = exit status usage() # $1 = exit status
{ {
@ -226,6 +226,10 @@ else
rm -rf ${PREFIX}/var/lib/shorewall-lite rm -rf ${PREFIX}/var/lib/shorewall-lite
fi fi
install_file_with_backup shorewall-lite ${PREFIX}/sbin/shorewall-lite 0544 ${PREFIX}/var/lib/shorewall-lite-${VERSION}.bkout
echo "Shorewall Lite control program installed in ${PREFIX}/sbin/shorewall-lite"
# #
# Install the Firewall Script # Install the Firewall Script
# #
@ -268,16 +272,6 @@ fi
run_install $OWNERSHIP -m 0600 Makefile ${PREFIX}/etc/shorewall-lite/Makefile run_install $OWNERSHIP -m 0600 Makefile ${PREFIX}/etc/shorewall-lite/Makefile
echo "Makefile installed as ${PREFIX}/etc/shorewall-lite/Makefile" echo "Makefile installed as ${PREFIX}/etc/shorewall-lite/Makefile"
install_file shorewall ${PREFIX}/usr/share/shorewall-lite/shorewall 0555
echo "shorewall control program installed in /usr/share/shorewall-lite/shorewall"
if [ -z "$PREFIX" ]; then
if [ ! -L /sbin/shorewall ]; then
[ -f /sbin/shorewall ] && backup_file /sbin/shorewall ${PREFIX}/var/lib/shorewall-lite-${VERSION}.bkout
ln -sf /usr/share/shorewall-lite/shorewall /sbin/shorewall
fi
fi
# #
# Install the default config path file # Install the default config path file
# #

36
Shorewall-lite/releasenotes.txt
View File

@ -14,7 +14,13 @@ Problems Corrected in 3.2.0 RC 2
Other changes in 3.2.0 RC 3 Other changes in 3.2.0 RC 3
None. 1) The controversial symbolic link /sbin/shorewall has been
eliminated. The Shorewall Lite control program is now
/sbin/shorewall-lite. Those users who only run Shorewall Lite and
who prefer the name /sbin/shorewall may create a symbolic link as
follows:
ln -sf shorewall-lite /sbin/shorewall
New Features: New Features:
@ -51,32 +57,8 @@ e) On the administrative system, for each firewall system you:
/sbin/shorewall compile -e . firewall /sbin/shorewall compile -e . firewall
scp firewall root@<firewall system>:/usr/share/shorewall/ scp firewall root@<firewall system>:/usr/share/shorewall/
3) On the firewall system, 'shorewall start'. 3) On the firewall system, 'shorewall-lite start'.
It is possible to have both shorewall and Shorewall Lite It is possible to have both shorewall and Shorewall Lite
installed on the same system if you use RPM. Regardless of whether installed on the same system.
you use RPM or the installer, Shorewall Lite directory names have
been change from 'shorewall' to 'shorewall-lite':
/etc/shorewall -> /etc/shorewall-lite
/usr/share/shorewall -> /usr/share/shorewall-lite
/var/lib/shorewall -> /var/lib/shorewall-lite
If you use the RPMs, whichever package is installed first will
determine which package /sbin/shorewall invokes. /sbin/shorewall is
now a symbolic link created by 'rpm':
Shorewall: /sbin/shorewall points to /usr/share/shorewall/shorewall
Shorewall Lite:
/sbin/shorewall points to /usr/share/shorewall/shorewall-lite
You may use the 'ln -sf' command to change from one to the other:
To use 'Shorewall' rather than 'Shorewall Lite'
ln -sf /usr/share/shorewall/shorewall /sbin/shorewall
To use 'Shorewall Lite' rather than 'Shorewall'
ln -sf /usr/share/shorewall-lite/shorewall /sbin/shorewall

2
Shorewall-lite/shorewall → Shorewall-lite/shorewall-lite
View File

@ -6,7 +6,7 @@
# #
# (c) 1999,2000,2001,2002,2003,2004,2005,2006 - Tom Eastep (teastep@shorewall.net) # (c) 1999,2000,2001,2002,2003,2004,2005,2006 - Tom Eastep (teastep@shorewall.net)
# #
# This file should be placed in /usr/share/shorewall-lite/shorewall. # This file should be placed in /sbin/shorewall-lite.
# #
# Shorewall documentation is available at http://shorewall.sourceforge.net # Shorewall documentation is available at http://shorewall.sourceforge.net
# #

16
Shorewall-lite/shorewall-lite.spec
View File

@ -1,6 +1,6 @@
%define name shorewall-lite %define name shorewall-lite
%define version 3.2.0 %define version 3.2.0
%define release 0RC2 %define release 0RC3
%define prefix /usr %define prefix /usr
Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems.
@ -51,8 +51,6 @@ if [ $1 -eq 1 ]; then
fi fi
fi fi
[ -L /sbin/shorewall ] || [ -f /sbin/shorewall ] || ln -s /usr/share/shorewall-lite/shorewall /sbin/shorewall
%preun %preun
if [ $1 = 0 ]; then if [ $1 = 0 ]; then
@ -64,12 +62,6 @@ if [ $1 = 0 ]; then
fi fi
%triggerpostun -- shorewall-lite <= 3.2.0-0RC1
if [ -f /usr/share/shorewall-lite/shorewall ]; then
[ -L /sbin/shorewall ] || ln -s /usr/share/shorewall-lite/shorewall /sbin/shorewall
fi
%files %files
%defattr(0644,root,root,0755) %defattr(0644,root,root,0755)
%attr(0755,root,root) %dir /etc/shorewall-lite %attr(0755,root,root) %dir /etc/shorewall-lite
@ -79,7 +71,8 @@ fi
%attr(0755,root,root) %dir /usr/share/shorewall-lite %attr(0755,root,root) %dir /usr/share/shorewall-lite
%attr(0700,root,root) %dir /var/lib/shorewall-lite %attr(0700,root,root) %dir /var/lib/shorewall-lite
%attr(0555,root,root) /usr/share/shorewall-lite/shorewall %attr(0555,root,root) /sbin/shorewall-lite
%attr(0644,root,root) /usr/share/shorewall-lite/version %attr(0644,root,root) /usr/share/shorewall-lite/version
%attr(0644,root,root) /usr/share/shorewall-lite/configpath %attr(0644,root,root) /usr/share/shorewall-lite/configpath
%attr(0444,root,root) /usr/share/shorewall-lite/functions %attr(0444,root,root) /usr/share/shorewall-lite/functions
@ -91,6 +84,9 @@ fi
%doc COPYING changelog.txt releasenotes.txt %doc COPYING changelog.txt releasenotes.txt
%changelog %changelog
* Mon Jun 12 2006 Tom Eastep tom@shorewall.net
- Change control program to /sbin/shorewall-lite
- Version 3.2.0-RC3
* Fri Jun 09 2006 Tom Eastep tom@shorewall.net * Fri Jun 09 2006 Tom Eastep tom@shorewall.net
- Install Shorewall-lite in its own directories - Install Shorewall-lite in its own directories
* Wed Jun 07 2006 Tom Eastep tom@shorewall.net * Wed Jun 07 2006 Tom Eastep tom@shorewall.net

2
Shorewall-lite/uninstall.sh
View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall # shown below. Simply run this script to remove Shorewall Firewall
VERSION=3.2.0-RC2 VERSION=3.2.0-RC3
usage() # $1 = exit status usage() # $1 = exit status
{ {

2
Shorewall/fallback.sh
View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=3.2.0-RC2 VERSION=3.2.0-RC3
usage() # $1 = exit status usage() # $1 = exit status
{ {

6
Shorewall/init.archlinux.sh
View File

@ -20,7 +20,7 @@ DAEMON_NAME="shorewall" # of course shorewall is NOT a deamon.
case "$1" in case "$1" in
start) start)
stat_busy "Starting $DAEMON_NAME" stat_busy "Starting $DAEMON_NAME"
/usr/share/shorewall/shorewall $OPTIONS start &>/dev/null /sbin/shorewall $OPTIONS start &>/dev/null
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
stat_fail stat_fail
else else
@ -32,7 +32,7 @@ case "$1" in
stop) stop)
stat_busy "Stopping $DAEMON_NAME" stat_busy "Stopping $DAEMON_NAME"
/usr/share/shorewall/shorewall stop &>/dev/null /sbin/shorewall stop &>/dev/null
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
stat_fail stat_fail
else else
@ -43,7 +43,7 @@ case "$1" in
restart|reload) restart|reload)
stat_busy "Restarting $DAEMON_NAME" stat_busy "Restarting $DAEMON_NAME"
/usr/share/shorewall restart &>/dev/null /sbin/shorewall restart &>/dev/null
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
stat_fail stat_fail
else else

2
Shorewall/init.debian.sh
View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
SRWL=/usr/share/shorewall/shorewall SRWL=/sbin/shorewall
WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup
# Note, set INITLOG to /dev/null if you do not want to # Note, set INITLOG to /dev/null if you do not want to
# keep logs of the firewall (not recommended) # keep logs of the firewall (not recommended)

6
Shorewall/init.sh
View File

@ -74,14 +74,14 @@ command="$1"
case "$command" in case "$command" in
start) start)
exec /usr/share/shorewall/shorewall $OPTIONS $@ exec /sbin/shorewall $OPTIONS $@
;; ;;
stop|restart|status) stop|restart|status)
exec /usr/share/shorewall/shorewall $@ exec /sbin/shorewall $@
;; ;;
reload) reload)
shift shift
exec /usr/share/shorewall/shorewall restart $@ exec /sbin/shorewall restart $@
;; ;;
*) *)
usage usage

18
Shorewall/install.sh
View File

@ -22,7 +22,7 @@
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
# #
VERSION=3.2.0-RC2 VERSION=3.2.0-RC3
usage() # $1 = exit status usage() # $1 = exit status
{ {
@ -223,6 +223,10 @@ else
first_install="Yes" first_install="Yes"
fi fi
install_file_with_backup shorewall ${PREFIX}/sbin/shorewall 0555 ${PREFIX}/var/lib/shorewall-${VERSION}.bkout
echo "shorewall control program installed in ${PREFIX}/sbin/shorewall"
# #
# Install the Firewall Script # Install the Firewall Script
# #
@ -272,18 +276,6 @@ if [ ! -f ${PREFIX}/etc/shorewall/zones ]; then
run_install $OWNERSHIP -m 0744 zones ${PREFIX}/etc/shorewall/zones run_install $OWNERSHIP -m 0744 zones ${PREFIX}/etc/shorewall/zones
echo "Zones file installed as ${PREFIX}/etc/shorewall/zones" echo "Zones file installed as ${PREFIX}/etc/shorewall/zones"
fi fi
#
# Install control program
#
install_file shorewall ${PREFIX}/usr/share/shorewall/shorewall 0555
echo "shorewall control program installed in /usr/share/shorewall/shorewall"
if [ -z "$PREFIX" ]; then
if [ ! -L /sbin/shorewall ]; then
[ -f /sbin/shorewall ] && backup_file /sbin/shorewall ${PREFIX}/var/lib/shorewall-lite-${VERSION}.bkout
ln -sf /usr/share/shorewall/shorewall /sbin/shorewall
fi
fi
# #
# Install the functions file # Install the functions file

58
Shorewall/releasenotes.txt
View File

@ -1,4 +1,4 @@
Shorewall 3.2.0 RC 2 Shorewall 3.2.0 RC 3
Note to users upgrading from Shorewall 2.x or 3.0 Note to users upgrading from Shorewall 2.x or 3.0
@ -31,52 +31,30 @@ Note to users upgrading from Shorewall 2.x or 3.0
Please see the "Migration Considerations" below for additional upgrade Please see the "Migration Considerations" below for additional upgrade
information. information.
Problems Corrected in 3.2.0 RC 2 Problems Corrected in 3.2.0 RC 3
1) The treatment of IPTABLES and LOGFORMAT have been clarified with 1) When -e is specified to the compile command, it is possible for an
respect to Shorewall Lite. If these options are set in the incorrect direct reference to /var/lib/shorewall to be included in the
shorewall.conf file used at compile time, then the generated compiled script.
firewall script will use those values. /sbin/shorewall on the
firewall system will use the corresponding values from
/etc/shorewall/shorewall.conf on that system.
If the values are not given in shorewall.conf at compile time then 2) A typo in the compiler resulted in a wrong file being removed during
the values in /etc/shorewall/shorewall.conf on the firewall system "shorewall stop" and "shorewall restart". The result was generally harmless.
will be used by the generated firewall script.
To take advantage of this change, both the administrative system Replace /usr/share/shorewall/compiler with the 'compiler' file from the
and the firewall system(s) must be running RC2 or later. errata/Shorewall sub-directory.
Other changes in 3.2.0 RC 2 Replace /usr/share/shorewall/prog.footer with the 'prog.footer' file from
the errata/Shorewall sub-directory.
1) The sample configurations have been updated for version 3.2. Other changes in 3.2.0 RC 3
2) It is now possible to have both shorewall and Shorewall Lite 1) The controversial symbolic link /sbin/shorewall has been
installed on the same system if you use RPM. Regardless of whether eliminated. The Shorewall Lite control program is now
you use RPM or the installer, Shorewall Lite directory names have /sbin/shorewall-lite. Those users who only run Shorewall Lite and
been change from 'shorewall' to 'shorewall-lite': who prefer the name /sbin/shorewall may create a symbolic link as
follows:
/etc/shorewall -> /etc/shorewall-lite ln -sf shorewall-lite /sbin/shorewall
/usr/share/shorewall -> /usr/share/shorewall-lite
/var/lib/shorewall -> /var/lib/shorewall-lite
If you use the RPMs, whichever package is installed first will
determine which package /sbin/shorewall invokes. /sbin/shorewall is
now a symbolic link created by 'rpm':
Shorewall: /sbin/shorewall points to /usr/share/shorewall/shorewall
Shorewall Lite:
/sbin/shorewall points to /usr/share/shorewall/shorewall-lite
You may use the 'ln -sf' command to change from one to the other:
To use 'Shorewall' rather than 'Shorewall Lite'
ln -sf /usr/share/shorewall/shorewall /sbin/shorewall
To use 'Shorewall Lite' rather than 'Shorewall'
ln -sf /usr/share/shorewall-lite/shorewall /sbin/shorewall
Migration Considerations: Migration Considerations:

13
Shorewall/shorewall.spec
View File

@ -1,6 +1,6 @@
%define name shorewall %define name shorewall
%define version 3.2.0 %define version 3.2.0
%define release 0RC2 %define release 0RC3
%define prefix /usr %define prefix /usr
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
@ -48,8 +48,6 @@ if [ $1 -eq 1 ]; then
fi fi
fi fi
[ -L /sbin/shorewall ] || [ -f /sbin/shorewall ] || ln -s /usr/share/shorewall/shorewall /sbin/shorewall
%preun %preun
if [ $1 = 0 ]; then if [ $1 = 0 ]; then
@ -63,12 +61,6 @@ if [ $1 = 0 ]; then
fi fi
%triggerpostun -- shorewall <= 3.2.0-0RC1
if [ -f /usr/share/shorewall/shorewall ]; then
[ -L /sbin/shorewall ] || ln -s /usr/share/shorewall/shorewall /sbin/shorewall
fi
%files %files
%defattr(0644,root,root,0755) %defattr(0644,root,root,0755)
%attr(0544,root,root) /etc/init.d/shorewall %attr(0544,root,root) /etc/init.d/shorewall
@ -109,7 +101,8 @@ fi
%attr(0600,root,root) %config(noreplace) /etc/shorewall/tcdevices %attr(0600,root,root) %config(noreplace) /etc/shorewall/tcdevices
%attr(0600,root,root) /etc/shorewall/Makefile %attr(0600,root,root) /etc/shorewall/Makefile
%attr(0555,root,root) /usr/share/shorewall/shorewall %attr(0555,root,root) /sbin/shorewall
%attr(0644,root,root) /usr/share/shorewall/version %attr(0644,root,root) /usr/share/shorewall/version
%attr(0644,root,root) /usr/share/shorewall/actions.std %attr(0644,root,root) /usr/share/shorewall/actions.std
%attr(0644,root,root) /usr/share/shorewall/action.Drop %attr(0644,root,root) /usr/share/shorewall/action.Drop

2
Shorewall/uninstall.sh
View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall # shown below. Simply run this script to remove Shorewall Firewall
VERSION=3.2.0-RC2 VERSION=3.2.0-RC3
usage() # $1 = exit status usage() # $1 = exit status
{ {

76
docs/CompiledPrograms.xml
View File

@ -197,63 +197,10 @@
<para>The firewall systems do <emphasis role="bold">NOT</emphasis> <para>The firewall systems do <emphasis role="bold">NOT</emphasis>
need to have the full Shorewall product installed but rather only need to have the full Shorewall product installed but rather only
the Shorewall Lite product. Shorewall and Shorewall LIte may be the Shorewall Lite product. Shorewall and Shorewall LIte may be
installed on the same system <emphasis role="bold">although we don't installed on the same system.</para>
recommend doing so</emphasis>; whichever package is installed first
will be the one invoked by <filename
class="symlink">/sbin/shorewall</filename>. <filename
class="symlink">/sbin/shorewall</filename> is a symbolic link that
points to the real shorewall script:</para>
<itemizedlist>
<listitem>
<para>It points to
<filename>/usr/share/shorewall/shorewall</filename> if the full
Shorewall package is to be used.</para>
</listitem>
<listitem>
<para>It points to
<filename>/usr/share/shorewall-lite/shorewall</filename> if
Shorewall Lite is to be used.</para>
</listitem>
</itemizedlist>
<para>You can switch between the two using the <command>ln
-sf</command> command:</para>
<itemizedlist>
<listitem>
<para>To select Shorewall:</para>
<programlisting><command>ln -sf /usr/share/shorewall/shorewall /sbin/shorewall</command></programlisting>
</listitem>
<listitem>
<para>To select Shorewall Lite</para>
<programlisting><command>ln -sf /usr/share/shorewall-lite/shorewall /sbin/shorewall</command></programlisting>
</listitem>
</itemizedlist>
</note> </note>
</listitem> </listitem>
<listitem>
<para>You can always see which product is being used by running the
version command.</para>
<para>On a system running full Shorewall:</para>
<programlisting>wifitipper:~ # <command>shorewall version</command>
3.2.0-RC2
wifitipper:~ # </programlisting>
<para>On a system running Shorewall Lite:</para>
<programlisting>wireless:~ # <command>shorewall version</command>
3.2.0-RC2 Lite
wireless:~ # </programlisting>
</listitem>
<listitem> <listitem>
<para>On the administrative system you create a separete <para>On the administrative system you create a separete
'configuration directory' for each firewall system. You copy the 'configuration directory' for each firewall system. You copy the
@ -297,7 +244,7 @@ wireless:~ # </programlisting>
<para>If you are running Debian or one of its derivatives like Ubuntu <para>If you are running Debian or one of its derivatives like Ubuntu
then edit /etc/default/shorewall-lite and set startup=1.</para> then edit /etc/default/shorewall-lite and set startup=1.</para>
<programlisting><command>shorewall start</command></programlisting> <programlisting><command>shorewall-lite start</command></programlisting>
</listitem> </listitem>
</orderedlist> </orderedlist>
@ -337,9 +284,10 @@ wireless:~ # </programlisting>
</simplelist> </simplelist>
</blockquote> </blockquote>
<para>The <filename>/sbin/shorewall</filename> program included with <para>The <filename>/sbin/shorewall-lite</filename> program included with
Shorewall Lite supports the same set of commands as the one in a full Shorewall Lite supports the same set of commands as the
Shorewall installation with the following exceptions:</para> <filename>/sbin/shorewall</filename> program in a full Shorewall
installation with the following exceptions:</para>
<blockquote> <blockquote>
<simplelist> <simplelist>
@ -357,6 +305,16 @@ wireless:~ # </programlisting>
</simplelist> </simplelist>
</blockquote> </blockquote>
<para>On systems with only Shorewall Lite installed, I recommend that you
create a symbolic link <filename>/sbin/shorewall</filename> and point it
at <filename>/sbin/shorewall-lite</filename>. That way, you can use
<command>shorewall</command> as the command regardless of which product is
installed.</para>
<blockquote>
<programlisting><command>ln -sf shorewall-lite /sbin/shorewall</command></programlisting>
</blockquote>
<section> <section>
<title>Converting a system from Shorewall to Shorewall Lite</title> <title>Converting a system from Shorewall to Shorewall Lite</title>
@ -424,7 +382,7 @@ wireless:~ # </programlisting>
Ubuntu then edit /etc/default/shorewall-lite and set Ubuntu then edit /etc/default/shorewall-lite and set
startup=1.</para> startup=1.</para>
<programlisting><command>shorewall start</command></programlisting> <programlisting><command>shorewall-lite start</command></programlisting>
</listitem> </listitem>
</orderedlist> </orderedlist>
</section> </section>

21
docs/FAQ.xml
View File

@ -1837,27 +1837,6 @@ eth0 eth1 # eth1 = interface to local netwo
installed on at least one system within your network in order to use installed on at least one system within your network in order to use
Shorewall Lite.</para> Shorewall Lite.</para>
</section> </section>
<section id="faq55">
<title>(FAQ 55) I just installed Shorewall but /sbin/shorewall runs
Shorewall Lite!</title>
<para>Example:</para>
<blockquote>
<programlisting>wireless:/usr/share/shorewall-lite # <command>shorewall version</command>
ERROR: Shorewall Lite is not properly installed
The file /usr/share/shorewall-lite/firewall does not exist
wireless:/usr/share/shorewall-lite #</programlisting>
</blockquote>
<para><emphasis role="bold">Answer</emphasis>: This means that Shorewall
Lite was already installed when you installed Shorewall and the
/sbin/shorewall symbolic link is still pointing to the Shorewall Lite
version of the program. See the <ulink
url="CompiledPrograms.html#Lite">Shorewall Lite documentation</ulink>
for instructions on how to correct this condition.</para>
</section>
</section> </section>
<section> <section>

13
docs/starting_and_stopping_shorewall.xml
View File

@ -95,10 +95,6 @@
</orderedlist> </orderedlist>
</warning> </warning>
<para>Beginning with Shorewall version 3.2.0 RC 2,
<filename>/sbin/shorewall</filename> is a symbolic link that points to
<filename>/usr/share/shorewall/shorwall</filename>.</para>
<para>To see a list of supported commands, use the <para>To see a list of supported commands, use the
<command>help</command> command:</para> <command>help</command> command:</para>
@ -156,9 +152,8 @@
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para><filename>/sbin/shorewall</filename> — A symbolic link to <para><filename>/sbin/shorewall-lite</filename> — This is the program
<filename>/usr/share/shorewall-lite/shorwall</filename>. This is the that you use to interact with Shorewall Lite.</para>
program that you use to interact with Shorewall Lite.</para>
</listitem> </listitem>
<listitem> <listitem>
@ -596,7 +591,9 @@
<filename>/etc/shorewall/shorewall.conf</filename>.</para> <filename>/etc/shorewall/shorewall.conf</filename>.</para>
</blockquote> </blockquote>
<para>Following in alphabetical order are the supported commands.</para> <para>Following in alphabetical order are the supported commands. Except
as noted, <filename>/sbin/shorewall-lite</filename> supports the same
commands as <filename>/sbin/shorewall</filename>.</para>
<variablelist> <variablelist>
<varlistentry> <varlistentry>