Hi Tom

If I set /etc/shorewall/init to something like "echo $COMMAND", then I
notice that starting (or restarting) shorewall with "-f" doesn't run
init (nor refresh).

This doesn't seem deliberate according to the docs here:
        http://shorewall.net/shorewall_extension_scripts.htm

I notice that run_init_exit() is defined as per the init file in
/var/lib/shorewall/firewall, however, it's not defined in
/var/lib/shorewall/restore.

So if I never run shorewall save, then "-f start" runs the firewall
script.  However, if I run save, then "-f start" seems to then use the
restore script? Expected?

However, I don't see the restore script ever get recreated other than by
forcing it to be (shorewall save)? Touching some file in rules and then
running "-f start" causes a recompile and the "firewall" script is run.
Subsequently stopping and restarting causes the command to be "restore",
which reads the (older) "restore" file and not the "firewall" file.

I think this isn't intended, but I'm not quite sure how we want to
define the various files?  In this case I suspect my error is to use the
-f flag, since setting AUTOMAKE=true appears to do mostly the same thing
only it then uses the firewall file to restore. Question is what we are
gaining by -f referencing the restore file which isn't maintained during
a restart?

Should we default the RESTOREFILE= option to be "firewall"? Should the
-f flag not become a command line way to specify AUTOMAKE=true for this
one run? Is there still a bug in that the "init" and "refresh" scripts
aren't run when restoring from the "restore" script?  Is it expected that
"restore" will ever be different to "firewall"?

Thanks for any thoughts?

Ed W
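
An added example, not part of the original message and not Shorewall code: a small shell check for the two conditions described above, a saved restore script that is older than the compiled firewall script and one that lacks the run_init_exit() hook. The default directory and the function name are taken from the message; the helper names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Audit a saved ruleset against the compiled one (illustrative helper names).

# defines_func FILE NAME: true if FILE contains a shell definition "NAME()".
defines_func() {
    grep -Eq "^[[:space:]]*$2[[:space:]]*\(\)" "$1"
}

# check_restore [DIR]: 0 = consistent, 1 = stale or hook missing, 2 = no firewall script.
check_restore() {
    dir=${1:-/var/lib/shorewall}
    fw=$dir/firewall
    rs=$dir/restore
    [ -f "$fw" ] || { echo "no compiled script at $fw"; return 2; }
    [ -f "$rs" ] || { echo "no $rs (nothing has been saved)"; return 0; }
    rc=0
    # A restore file older than the firewall script predates the last compile.
    if [ -n "$(find "$fw" -newer "$rs")" ]; then
        echo "STALE: $rs is older than $fw"
        rc=1
    fi
    # The init extension script is only honoured where the hook is defined.
    if defines_func "$fw" run_init_exit && ! defines_func "$rs" run_init_exit; then
        echo "HOOK MISSING: run_init_exit is in $fw but not in $rs"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: $rs is current and carries the hook"; fi
    return "$rc"
}

# demo: run the check on constructed stand-in files (not real Shorewall output).
demo() {
    tmp=$(mktemp -d) || return 2
    printf 'run_init_exit() {\n    echo "$COMMAND"\n}\n' > "$tmp/firewall"
    printf '# saved before the last recompile\n' > "$tmp/restore"
    touch -t 202001010000 "$tmp/restore"
    touch -t 202001020000 "$tmp/firewall"
    check_restore "$tmp"
    rc=$?
    rm -rf "$tmp"
    return "$rc"
}

demo || true
```

Calling check_restore with no argument inspects /var/lib/shorewall; a non-zero return means a "-f start" that uses the restore file would load rules or hooks that differ from the last compile.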
