On 5/9/11 10:46 AM, Mr Dash Four wrote: > > > I take it the bottom line is that everything is reloaded/restarted.
Yes. > It would have been better if it was possible to just reload the > changes which truly affect the running of the firewall if that > particular device goes up/down (you pointed out what these are in > previous posts) and not just "reload everything". If that was > possible I would have probably gone that way and use shorewall-init > without bothering with rc.sysinit scripts and the like. > > I guess this must be complicated as there may be some > interdependencies between various devices - can't comment on that > further as I am not really an expert in this and judge everything > purely from a (selfish) user perspective. There are certainly dependencies among multiple interfaces in policy routing. And testing a 'just-enough' implementation would be a lot of work. And given that restart (without compilation) is fast and non-disruptive, it seems like the right approach. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
