Wow, pretty comprehensive user interface. Beats manually editing config
files. So I'm guessing that I will want to use the "pass EXT->local" choice
to configure forwarding traffic on a particular port number on to a specific
internal host.
Thanks,
David
On Mon, Jan 19, 2009 at 12:12 PM, Lonnie Abelbeck <[email protected]
> wrote:
> David,
>
> Does this work for you?
> http://lonnie.abelbeck.com/astlinux/screenshots/firewall.jpg
>
> The Arno variables are automatically created for you, be it arno version
> 1.88 or 1.9.x.
>
> Lonnie
>
>
> On Jan 19, 2009, at 10:33 AM, David Kerr wrote:
>
> Darrick,
>> All this talk of moving from astfw to arnofw is making me nervous... just
>> what will be involved in moving from one to the other. I'm hoping that
>> someone will write an idiot's guide to migrating their config.
>>
>> I have a really simple config to forward certain ports to certain internal
>> IP addresses. What is involved in moving to arno?
>>
>> DMZSRC="192.168.1.0/255.255.255.0"
>> EXTPORTMAP="t631:192.168.1.9:631 t88:192.168.1.11:88 t3389:
>> 192.168.1.2:3389 t21:192.168.1.2:21"
>> EXTOPEN="t22 u4569 t443 t5060 u5060 t8088 u10000:20000"
>>
>> Thanks,
>> David
>>
>>
>> On Mon, Jan 19, 2009 at 8:05 AM, Darrick Hartman <
>> [email protected]> wrote:
>> Tom Chadwin wrote:
>> >>>> Currently [using version] 0.6.1. Is a remote upgrade possible, and
>> >>>> if so, what's the process?
>> >
>> >>>> I followed the directions here:
>> >>>>
>> >>>> http://www.astlinux.org/node/38
>> >>>>
>> >>>> With the boxes which have upgraded from 0.6.1 to 0.6.2, is copying
>> >>>> the new files to /oldroot/cdrom/os really all one must do? Is rc.conf
>> >>>> identical in both versions?
>> >
>> >>> rc.conf has changed, as has /etc/arno-iptables-firewall/ ... and no
>> >>> doubt others.
>> >>>
>> >>> What I do is this.
>> >>>
>> >>> I copy up the new image.
>> >>>
>> >>> The I do:
>> >>>
>> >>> mkdir /tmp/new
>> >>> mount -o loop,ro /oldroot/cdrom/os.new/astlinux-trunk-XXXX.run
>> >>> /tmp/new diff -ur /stat /tmp/new/stat
>> >>>
>> >>> and make note of the changes... Files that I've not modified, I can
>> >>> just copy over... files that I have modified, I get diffs of, and try
>> >>> to apply a patch... otherwise, the rejected patch hunks I end up
>> >>> editing by hand.
>> >
>> >> The changes in the 0.6 branch have been such that there should not have
>> >> been breakage. It's more likely that what Tom is seeing is due to a
>> missing
>> >> filesystem label on one of his partitions (either ASTURW or ASTKD).
>> >
>> >> Without seeing the console, we can only speculate. If the original
>> install
>> >> on that box was prior to 0.6.1, the filesystem labels may be missing.
>> >
>> > OK, forgetting about the failed upgrade for a second, are we saying
>> > that simply copying the new version files to /oldroot/cdrom/os is
>> > sufficient for an upgrade, or not? In this case, I am asking about
>> > 0.6.1 to 0.6.2, but how about future version upgrades - what process
>> > should I follow? Philip's manual diffing seems pretty involved to me.
>>
>> Tom,
>>
>> Going from 0.6.1(beta-beta-never released officially) to 0.6.2 should
>> just involve copying the files. Using a 'ver' file can control which
>> version gets booted. There were no changes in the rc.conf variables
>> which would affect general operation.
>>
>> However, going from 0.6.2 to 0.6.3 WILL require some adjustment of some
>> variables in rc.conf. There is no easy way to do this. It is going to
>> be a manual process. I would NOT do a diff for the purposes of creating
>> a patch. You will want to read the rc.conf values or re-create settings
>> using the gui. There were a few minor bugs which were fixed between
>> 0.6.2 and 0.6.3 which involved clarification of the variables.
>>
>> Basically, in 0.6.2 and earlier several variables would enable functions
>> if they were set to ANYTHING. So for example, if you had FOO="yes" then
>> changed that to FOO="no" and the service the depended on FOO would still
>> operate because the variable check was just looking if FOO was defined
>> at all.
>>
>> We are also phasing out astfw in favor of Arno's IPtables firewall.
>> Lonnie and Philip have been working together with Arno to make the last
>> missing piece complete (the DMZIP setting). It is very likely that
>> 0.7.0, when it ships, will ship with arnofw as the only firewall option.
>> I've used it since late 2002 and have found it to do just about
>> everything that I've ever dreamed up.
>>
>> Darrick
>>
>>
>>
>> ------------------------------------------------------------------------------
>> This SF.net email is sponsored by:
>> SourcForge Community
>> SourceForge wants to tell your story.
>> http://p.sf.net/sfu/sf-spreadtheword
>> _______________________________________________
>> Astlinux-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to
>> [email protected].
>>
>>
>>
>> ------------------------------------------------------------------------------
>> This SF.net email is sponsored by:
>> SourcForge Community
>> SourceForge wants to tell your story.
>>
>> http://p.sf.net/sfu/sf-spreadtheword_______________________________________________
>> Astlinux-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to
>> [email protected].
>>
>
>
>
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
