On Sunday 29 April 2007 05:36, Tom Eastep wrote: > Steven Jan Springl wrote: > > Tom > > > > The following test was conducted with: > > > > ADD_IP_ALIASES=Yes > > ADD_SNAT_ALIASES=Yes > > RETAIN_ALIASES= both Yes and No, the result was the same > > > > The following rule was added to nat: > > > > 10.1.1.1 eth0 192.168.1.1 yes yes > > > > A 'shorewall start' was issued. > > An 'ip addr show' showed that 10.1.1.1 had been added to eth0 > > /var/lib/shorewall/nat contained: > > 10.1.1.1 eth0 > > > > The EXTERNAL IP address in nat was then changed to 10.1.1.2: > > > > 10.1.1.2 eth0 192.168.1.1 yes yes > > > > A 'shorewall restart' was then issued. > > An 'ip addr show' showed that both 10.1.1.1 and 10.1.1.2 have been > > added to eth0. > > /var/lib/shorewall/nat contained: > > 10.1.1.2 eth0 > > > > A 'shorewall stop' was then issued. > > An 'ip addr show' showed eth0 still had alias 10.1.1.1 > > This is fixed in revision 6148. With RETAIN_ALIASES=Yes, the stale > address (10.1.1.1) will remain configured until "shorewall stop" at > which time it will be deleted. > > -Tom Tom
It works now, The shorewall.conf man page for RETAIN_ALIASES states: Regardless of the setting of RETAIN_ALIASES, addresses added during shorewall start are still deleted at a subsequent shorewall stop or shorewall restart. Steven. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
