Srinivasa Hebbar wrote: > >> Why do you believe that it necessary? What is the point of having entries >> in route_rules that have no corresponding entry in the providers file. >> > I agree, but if I have a dynamic interface such as PPP with optional field set > in providers file, shorewall will not create a routing table entries for the > failed/non existing link. But, route rules adds a policy route entry which is > pointing to an empty table which is confusing. I would not like to see the > the policy routing entry in the kernel to a failed optional empty provider > table.
Okay -- so what you really want is that the route_rules for a provider should be omitted if the provider is not available. That makes sense (although it is not what you originally asked for). > This doesn't halt the shorewall. But, I am manually adding more table > entries in the rt_table, which will be erased by shorewall in case if I > start/restart shorewall when /etc in mounted read-write. Okay -- In Shorewall 4.0.3, Shorewall-perl will support a KEEP_RT_TABLES option. > > I have dual link to a particular location with static IP addresses > configured. I am detecting link failures by some custom method. I will be > starting/restarting shorewall when ever I detect link failures. The plugin > will provide information whether a particular link is up or down. > I know that LARTC dead gateway detection will help here but this feature in > shorewall simplifies complexity without recompiling the kernel. Then please simply define your own version of is_interface_usable() in your /etc/shorewall/init file. We don't need to hack up Shorewall to accommodate this requirement. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
