Brian J. Murrell wrote:
So, now that I think about it, this usability issue has morphed from that of the default gateways getting lost when an interface goes down (because that is solvable but for ...) into one of not being able to define parameters that are evaluated at policy installation time.
>A capability for 'run-time variables' is something that I've thought about but haven't gotten around to implementing yet.
There seems to be some indication that the "init" script is a kind of params that is run exclusively on the shorewall-lite system but having looked at the firewall script and how the whole gateway detection and addition code works, I cannot see how setting a variable in the init file is going to propagate into that code in the firewall script on the -lite machine. Am I wrong?
No. In 4.1.7, you will be able to set a variable <interface>_GATEWAY in your init script where <interface> is the interface name in upper case and with those characters not allowed in shell variable names replaced by "_". So, for example, the gateway variable for eth0.1 is ETH0_1_GATEWAY.
If that variable is non-empty then the generated default-route logic will use its contents -- otherwise, an attempt will be made to detect the gateway using the contents of the main routing table as is done today.
-Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
