Tom Eastep wrote:
Farkas Levente wrote:what's more i modify the sysinit script like this: case "$command" in start) cat /proc/sys/net/ipv4/ip_forward >>/tmp/out #exec /sbin/shorewall-lite $OPTIONS $@ /sbin/shorewall-lite $OPTIONS $@ cat /proc/sys/net/ipv4/ip_forward >>/tmp/out and i've got two 0 0 !!!So what do you want me to do? I personally run Shorewall-lite and I don't have this problem. So you have all the information that is needed to solve the problem; I don't.
My apologies -- you actually gave me all the clues I needed to solve the problemThe bug has nothing to do with Shorewall-lite but rather is a result of the change that I made in 4.0.11 to defer setting up ip forwarding until after the rules are in place. I missed the case where the command is 'restore' (which is what occurs when -f is specified to 'start' and there is a saved config).
Patch attached. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Index: Shorewall/Compiler.pm
===================================================================
--- Shorewall/Compiler.pm (revision 8500)
+++ Shorewall/Compiler.pm (working copy)
@@ -657,6 +657,11 @@
else
fatal_error "$iptables_save_file does not exist"
fi
+EOF
+ pop_indent;
+ setup_forwarding;
+ push_indent;
+ emit<<'EOF';
set_state "Started"
else
if [ $COMMAND = refresh ]; then
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
