Shorewall Lite 3.2.0 RC 3

Problems Corrected in 3.2.0 RC 2

1)  The /usr/share/shorewall-lite/configpath file has been corrected to
    correctly refer to /usr/share/shorewall-lite/.

2)  The /etc/shorewall-lite/Makefile has been corrected to refer to the
    proper directories.

3)  The /usr/share/shorewall-lite/shorecap program has been corrected
    to refer to the proper directories and to correct a typo that
    prevented the program for detecting any capabilities.

Other changes in 3.2.0 RC 3

1)  The controversial symbolic link /sbin/shorewall has been
    eliminated. The Shorewall Lite control program is now
    /sbin/shorewall-lite. Those users who only run Shorewall Lite and
    who prefer the name /sbin/shorewall may create a symbolic link as
    follows:

	ln -sf shorewall-lite /sbin/shorewall

New Features:

Shorewall Lite is a companion product to Shorewall and is designed to
allow you to maintain all Shorewall configuration information on a
single system within your network.

a) You install the full Shorewall release on one system within your
network. You need not configure Shorewall there and you may totally
disable startup of Shorewall in your init scripts. For ease of
reference, we call this system the 'administrative system'.

b) On each system where you wish to run a Shorewall-generated firewall,
you install Shorewall Lite. For ease of reference, we will call these
systems the 'firewall systems'.

c) On the administrative system you create a separete 'configuration
directory' for each firewall system. You copy the contents of
/usr/share/shorewall/configfiles into each configuration directory.

d) On each firewall system, you run:

   /usr/share/shorewall/shorecap > capabilities
   scp capabilities <admin system>:<this system's config dir>

e) On the administrative system, for each firewall system you:

   1) modify the files in the corresponding configuration
      directory appropriately.

   2) (this may be done as a non-root user)

      cd <configuration directory>
      /sbin/shorewall compile -e . firewall
      scp firewall root@<firewall system>:/usr/share/shorewall/

   3) On the firewall system, 'shorewall-lite start'.

It is possible to have both shorewall and Shorewall Lite
installed on the same system.

For more information, see:

    http://www.shorewall.net/CompiledProgram.html#Lite