[tor-commits] [flashproxy/master] Update facilitator-howto.txt for Debian 7.
dcf at torproject.org
dcf at torproject.org
Sat Sep 21 04:52:28 UTC 2013
commit f73051bcb6659eb3a7d13f475b1e85fe89451b1a
Author: David Fifield <david at bamsoftware.com>
Date: Fri Sep 20 21:51:55 2013 -0700
Update facilitator-howto.txt for Debian 7.
---
doc/facilitator-howto.txt | 30 ++++++------------------------
1 file changed, 6 insertions(+), 24 deletions(-)
diff --git a/doc/facilitator-howto.txt b/doc/facilitator-howto.txt
index a51d2b7..9c2b274 100644
--- a/doc/facilitator-howto.txt
+++ b/doc/facilitator-howto.txt
@@ -1,4 +1,4 @@
-This document describes how to run a flash proxy facilitator on Debian 6.
+This document describes how to run a flash proxy facilitator on Debian 7.
We will use the domain name fp-facilitator.example.com.
== Overview
@@ -44,7 +44,7 @@ Install some essential packages and configure a firewall.
APT::Install-Recommends "0";
APT::Install-Suggests "0";
EOF
- # apt-get remove nfs-common portmap
+ # apt-get remove portmap
# apt-get update
# apt-get upgrade
# apt-get install shorewall shorewall6
@@ -62,36 +62,18 @@ authentication:
Configure the firewall to allow only SSH and HTTPS.
# cd /etc/shorewall
- # cp /usr/share/doc/shorewall/default-config/{interfaces,policy,rules,zones} .
- Edit /etc/shorewall/interfaces:
-net eth0 - tcpflags,norfc1918,routefilter,nosmurfs,logmartians
- Edit /etc/shorewall/policy:
-$FW all ACCEPT
-net $FW DROP
-all all DROP
+ # cp /usr/share/doc/shorewall/examples/Universal/{interfaces,policy,rules,zones} .
Edit /etc/shorewall/rules:
SECTION NEW
-SSH/ACCEPT all $FW
-HTTPS/ACCEPT all $FW
- Edit /etc/shorewall/zones:
-fw firewall
-net ipv4
+SSH(ACCEPT) net $FW
+HTTPS(ACCEPT) net $FW
# cd /etc/shorewall6
- # cp /usr/share/doc/shorewall6/default-config/{interfaces,policy,rules,zones} .
- Edit /etc/shorewall6/interfaces:
-net eth0 - tcpflags
- Edit /etc/shorewall6/policy:
-$FW all ACCEPT
-net $FW DROP
-all all DROP
+ # cp /usr/share/doc/shorewall6/examples/Universal/{interfaces,policy,rules,zones} .
Edit /etc/shorewall6/rules:
SECTION NEW
SSH/ACCEPT all $FW
HTTPS/ACCEPT all $FW
- Edit /etc/shorewall6/zones:
-fw firewall
-net ipv6
Edit /etc/default/shorewall and /etc/default/shorewall6 and set
More information about the tor-commits
mailing list