[flashproxy/master] Update facilitator-howto.txt for Debian 7.
commit f73051bcb6659eb3a7d13f475b1e85fe89451b1a Author: David Fifield <david@bamsoftware.com> Date: Fri Sep 20 21:51:55 2013 -0700 Update facilitator-howto.txt for Debian 7. --- doc/facilitator-howto.txt | 30 ++++++------------------------ 1 file changed, 6 insertions(+), 24 deletions(-) diff --git a/doc/facilitator-howto.txt b/doc/facilitator-howto.txt index a51d2b7..9c2b274 100644 --- a/doc/facilitator-howto.txt +++ b/doc/facilitator-howto.txt @@ -1,4 +1,4 @@ -This document describes how to run a flash proxy facilitator on Debian 6. +This document describes how to run a flash proxy facilitator on Debian 7. We will use the domain name fp-facilitator.example.com. == Overview @@ -44,7 +44,7 @@ Install some essential packages and configure a firewall. APT::Install-Recommends "0"; APT::Install-Suggests "0"; EOF - # apt-get remove nfs-common portmap + # apt-get remove portmap # apt-get update # apt-get upgrade # apt-get install shorewall shorewall6 @@ -62,36 +62,18 @@ authentication: Configure the firewall to allow only SSH and HTTPS. # cd /etc/shorewall - # cp /usr/share/doc/shorewall/default-config/{interfaces,policy,rules,zones} . - Edit /etc/shorewall/interfaces: -net eth0 - tcpflags,norfc1918,routefilter,nosmurfs,logmartians - Edit /etc/shorewall/policy: -$FW all ACCEPT -net $FW DROP -all all DROP + # cp /usr/share/doc/shorewall/examples/Universal/{interfaces,policy,rules,zones} . Edit /etc/shorewall/rules: SECTION NEW -SSH/ACCEPT all $FW -HTTPS/ACCEPT all $FW - Edit /etc/shorewall/zones: -fw firewall -net ipv4 +SSH(ACCEPT) net $FW +HTTPS(ACCEPT) net $FW # cd /etc/shorewall6 - # cp /usr/share/doc/shorewall6/default-config/{interfaces,policy,rules,zones} . - Edit /etc/shorewall6/interfaces: -net eth0 - tcpflags - Edit /etc/shorewall6/policy: -$FW all ACCEPT -net $FW DROP -all all DROP + # cp /usr/share/doc/shorewall6/examples/Universal/{interfaces,policy,rules,zones} . Edit /etc/shorewall6/rules: SECTION NEW SSH/ACCEPT all $FW HTTPS/ACCEPT all $FW - Edit /etc/shorewall6/zones: -fw firewall -net ipv6 Edit /etc/default/shorewall and /etc/default/shorewall6 and set
participants (1)
-
dcf@torproject.org