Robert Moskowitz wrote: > I have Shorewall installed on a Centos 5 box, managed via Webmin. > > The shorewall web site notes that Shorewall is NOT a deamon. But I see > a shorewall service running?
Firewall's under Linux use SysV init for activation during boot. Hence, they act like a service even though there is no firewall process that runs in the system. > > I see all of shorewall's files in /etc/shorewall, but by my reading, > these are processed then something is 'outputted' that the system is > using realtime. It is not /etc/sysconfig/iptables, that is unchanged > from when I built the system (is this still being used and impacting > what is allowed, packet-wise). The 'shorewall start' command (which is invoked by /etc/init.d/shorewall) compiles your configuration into a shell script named /var/lib/shorewall/.start. That script is then executed to configure Netfilter, /proc, etc. to match your configuration. > > Please point me to information on this. Assuming that you are using Shorewall 4.0, the articles I would suggest are: - http://www1.shorewall.net/Introduction.html - http://www1.shorewall.net/Anatomy.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
