On 5/9/11 12:39 PM, Mr Dash Four wrote: > >> And given that restart (without compilation) is fast and >> non-disruptive, it seems like the right approach. >> > It isn't in my case - I have init script running which loads some 30k+ > subnets and addresses into ipsets (that runs on various machines ranging > from lo-end ppc 604e to Core2 Duo on 3.1MHz), not to mention the various > port ranges I am loading.
Aren't you only doing that if $COMMAND = start? > Besides, if there is traffic currently on the > other (unaffected) interfaces that would be disrupted if a > restart/reload of shorewall is initiated. Shouldn't be. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
