Tom Eastep wrote:
> Farkas Levente wrote:
>> Tom Eastep wrote:
>>> Compare the output of 'shorewall-lite dump' before and after the
>>> restart.
>>
>> it's rather huge and very different (because of packet number
>> differences it's not easy to compare). it'd be better to create some
>> kind of better dump which is easier to compare.
>> but i assume i find it (diff -u)!:
>>
>> - /proc/sys/net/ipv4/ip_forward = 0
>> + /proc/sys/net/ipv4/ip_forward = 1
>>
>> how can it be possible?
>
> I assume that some other init script is turning it off after
> Shorewall-lite turns it on. What do you have in /etc/sysctl.conf?
net.ipv4.ip_forward = 0
but this is for years and it was working until now:-(
and there are the scripts after shorewall it doesn't seem to be any of
them can be:
S25shorewall-lite
S26apmd
S26lm_sensors
S26ups
S44acpid
S50snmpd
S50yum-cron
S55arpwatch
S55sshd
S58ntpd
S61clamd
S78spamassassin
S79amavisd
S79postgrey
S80postfix
S81ulogd
S85gpm
S85httpd
S90crond
S93ntop
S95anacron
S95atd
S98haldaemon
S99local
S99smartd
what's more i modify the sysinit script like this:
case "$command" in
start)
cat /proc/sys/net/ipv4/ip_forward >>/tmp/out
#exec /sbin/shorewall-lite $OPTIONS $@
/sbin/shorewall-lite $OPTIONS $@
cat /proc/sys/net/ipv4/ip_forward >>/tmp/out
and i've got two 0 0 !!!
--
Levente "Si vis pacem para bellum!"
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
