As a note, I'm a photographer who likes to run their own server for web
sites / email server, but I am no sys-admin person. I have though been
using Shorewall for a number of years now.
I've been building a new server to replace my aging server. Centos 7 /
VirtualMin install for software / admin. BUT I have had to use Kernel
4.x so that the Ryzen processor was recognized correctly.
I copied all the shorewall files across, checked configuration and
shorewall started up OK. But I could never get shorewall to start at
boot. Tried all hints I could find on internet to no avail.
Loaded Shorewall-init, set up the conf file. But now every-time I tried
to start it would fail with an error about the ipset "f2b" (- from
fail2ban). I took all references out of the conf files for Shorewall,
did a "shorewall compile". This seems to have solved the error messages
I was getting.
Questions.
1/ When using shorewall-init does shorewall itself have to be running,
or is the compiled shorewall rules loaded directly into iptables?
2/ When using fail2ban should I still be trying to push the banned ip's
into shorewall, or should I change the settings to push directly into
iptables?
3/ Anything I might have missed ( )?
Kind Regards - Nigel Aves.
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users