On Wednesday 22 March 2006 07:40, Eric Spakman wrote: > There is a very big problem with seperating the configs from the packages > itself. You loose the consistency between the two. For example, if you > update shorewall from version 2.x to 3.x (where the format of config files > change), shorewall won't work anymore.
This is a popular mis-conception which just isn't true. Shorewall 2.x configs will work with Shorewall 3.0. People get in trouble with this upgrade when they try to use some new config files (most notably shorewall.conf) together with some old files (notably the zones and ipsec files). The RPM and DPKG versions of Shorewall don't automatically update/merge the config files. The new files are made available to the user, however (RPM places them in /etc/shorewall with a ".rpmnew" name while DPKG installs them in /usr/share/shorewall/<something which I forget at the moment>). That approach would also work for a LEAF distribution that wasn't constrained by 1.68MB media capacity. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
pgpg8rLNBEaPQ.pgp
Description: PGP signature
