On 1/6/11 2:44 PM, Brian J. Murrell wrote: > I need to do a tiny bit of tables manipulation in started: > > $IPTABLES -A accounting -i eth0.1 -j LOG --log-prefix "Shorewall:acct:DROP:" > $IPTABLES -A accounting -o eth0.1 -j LOG --log-prefix "Shorewall:acct:DROP:" > > But I also want to define interfaces in params: > > CGCOIF=eth1 > > which allows me to just define what the interface name is for a given > brand of router that I drop in for my firewall in a params file and then > use all of the same configuration files for more than one brand of > router. > > The resulting code in firewall is however: > > $IPTABLES -A accounting -i $CGCOIF -j LOG --log-prefix "Shorewall:acct:DROP:" > $IPTABLES -A accounting -o $CGCOIF -j LOG --log-prefix "Shorewall:acct:DROP:" > > which means that params is not being evaluated in that context. > > Looking at firewall, I could simply source params in started but that > would wind up sourcing params in run_started_exit(), which I wouldn't > mind if all of the values in params became local to that function. But > they don't and it seems really bad that calling run_started_exit() > should have such an effect on the global namespace. > > Thots?
EXPORTPARAMS=Yes in shorewall.conf. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Learn how Oracle Real Application Clusters (RAC) One Node allows customers to consolidate database storage, standardize their database environment, and, should the need arise, upgrade to a full multi-node Oracle RAC database without downtime or disruption http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
