[tor-commits] [flashproxy/master] Update facilitator-howto.txt for Debian 7.

dcf at torproject.org dcf at torproject.org
Sat Sep 21 04:52:28 UTC 2013


commit f73051bcb6659eb3a7d13f475b1e85fe89451b1a
Author: David Fifield <david at bamsoftware.com>
Date:   Fri Sep 20 21:51:55 2013 -0700

    Update facilitator-howto.txt for Debian 7.
---
 doc/facilitator-howto.txt |   30 ++++++------------------------
 1 file changed, 6 insertions(+), 24 deletions(-)

diff --git a/doc/facilitator-howto.txt b/doc/facilitator-howto.txt
index a51d2b7..9c2b274 100644
--- a/doc/facilitator-howto.txt
+++ b/doc/facilitator-howto.txt
@@ -1,4 +1,4 @@
-This document describes how to run a flash proxy facilitator on Debian 6.
+This document describes how to run a flash proxy facilitator on Debian 7.
 We will use the domain name fp-facilitator.example.com.
 
 == Overview
@@ -44,7 +44,7 @@ Install some essential packages and configure a firewall.
 APT::Install-Recommends "0";
 APT::Install-Suggests "0";
 EOF
-	# apt-get remove nfs-common portmap
+	# apt-get remove portmap
 	# apt-get update
 	# apt-get upgrade
 	# apt-get install shorewall shorewall6
@@ -62,36 +62,18 @@ authentication:
 Configure the firewall to allow only SSH and HTTPS.
 
 	# cd /etc/shorewall
-	# cp /usr/share/doc/shorewall/default-config/{interfaces,policy,rules,zones} .
-	Edit /etc/shorewall/interfaces:
-net	eth0		-	tcpflags,norfc1918,routefilter,nosmurfs,logmartians
-	Edit /etc/shorewall/policy:
-$FW		all		ACCEPT
-net		$FW		DROP
-all		all		DROP
+	# cp /usr/share/doc/shorewall/examples/Universal/{interfaces,policy,rules,zones} .
 	Edit /etc/shorewall/rules:
 SECTION NEW
-SSH/ACCEPT	all	$FW
-HTTPS/ACCEPT	all	$FW
-	Edit /etc/shorewall/zones:
-fw	firewall
-net	ipv4
+SSH(ACCEPT)	net	$FW
+HTTPS(ACCEPT)	net	$FW
 
 	# cd /etc/shorewall6
-	# cp /usr/share/doc/shorewall6/default-config/{interfaces,policy,rules,zones} .
-	Edit /etc/shorewall6/interfaces:
-net	eth0		-	tcpflags
-	Edit /etc/shorewall6/policy:
-$FW		all		ACCEPT
-net		$FW		DROP
-all		all		DROP
+	# cp /usr/share/doc/shorewall6/examples/Universal/{interfaces,policy,rules,zones} .
 	Edit /etc/shorewall6/rules:
 SECTION NEW
 SSH/ACCEPT	all	$FW
 HTTPS/ACCEPT	all	$FW
-	Edit /etc/shorewall6/zones:
-fw	firewall
-net	ipv6
 
 Edit /etc/default/shorewall and /etc/default/shorewall6 and set
 



More information about the tor-commits mailing list