[flashproxy/master] Update facilitator-howto.txt for Debian 7. - tor-commits

21 Sep 2013

commit f73051bcb6659eb3a7d13f475b1e85fe89451b1a
Author: David Fifield david@bamsoftware.com
Date:   Fri Sep 20 21:51:55 2013 -0700
Update facilitator-howto.txt for Debian 7.
---
 doc/facilitator-howto.txt |   30 ++++++------------------------
 1 file changed, 6 insertions(+), 24 deletions(-)

diff --git a/doc/facilitator-howto.txt b/doc/facilitator-howto.txt
index a51d2b7..9c2b274 100644
--- a/doc/facilitator-howto.txt
+++ b/doc/facilitator-howto.txt
@@ -1,4 +1,4 @@
-This document describes how to run a flash proxy facilitator on Debian 6.
+This document describes how to run a flash proxy facilitator on Debian 7.
 We will use the domain name fp-facilitator.example.com.
== Overview
@@ -44,7 +44,7 @@ Install some essential packages and configure a firewall.
 APT::Install-Recommends "0";
 APT::Install-Suggests "0";
 EOF
-	# apt-get remove nfs-common portmap
+	# apt-get remove portmap
    # apt-get update
    # apt-get upgrade
    # apt-get install shorewall shorewall6
@@ -62,36 +62,18 @@ authentication:
 Configure the firewall to allow only SSH and HTTPS.
# cd /etc/shorewall
-	# cp /usr/share/doc/shorewall/default-config/{interfaces,policy,rules,zones} .
-	Edit /etc/shorewall/interfaces:
-net	eth0		-	tcpflags,norfc1918,routefilter,nosmurfs,logmartians
-	Edit /etc/shorewall/policy:
-$FW		all		ACCEPT
-net		$FW		DROP
-all		all		DROP
+	# cp /usr/share/doc/shorewall/examples/Universal/{interfaces,policy,rules,zones} .
    Edit /etc/shorewall/rules:
 SECTION NEW
-SSH/ACCEPT	all	$FW
-HTTPS/ACCEPT	all	$FW
-	Edit /etc/shorewall/zones:
-fw	firewall
-net	ipv4
+SSH(ACCEPT)	net	$FW
+HTTPS(ACCEPT)	net	$FW
# cd /etc/shorewall6
-	# cp /usr/share/doc/shorewall6/default-config/{interfaces,policy,rules,zones} .
-	Edit /etc/shorewall6/interfaces:
-net	eth0		-	tcpflags
-	Edit /etc/shorewall6/policy:
-$FW		all		ACCEPT
-net		$FW		DROP
-all		all		DROP
+	# cp /usr/share/doc/shorewall6/examples/Universal/{interfaces,policy,rules,zones} .
    Edit /etc/shorewall6/rules:
 SECTION NEW
 SSH/ACCEPT	all	$FW
 HTTPS/ACCEPT	all	$FW
-	Edit /etc/shorewall6/zones:
-fw	firewall
-net	ipv6
Edit /etc/default/shorewall and /etc/default/shorewall6 and set

    