On 03/19/2012 08:47 AM, Don Tucker wrote: > On 3/19/2012 10:30 AM, Tom Eastep wrote: >> On 03/19/2012 07:34 AM, Don Tucker wrote: >>> On 3/13/2012 12:29 PM, Tom Eastep wrote: >>>>> and restarting Shorewall, I repeated >>>>> the above test. This time ppp0 appeared in the IP Configuration >>>>> section >>>>> of the dump. I've attached that file as well, in case it is more >>>>> relevant that the previous one. >>>> The problem here is that bringing up ppp0 is plopping a default route >>>> into the main routing table. You need to restart shorewall once ppp0 is >>>> up and running. >>>> >>>> -Tom >>> I'm wondering what the effect will be of restarting shorewall after >>> bringing up a new interface if I have a data stream going out of an >>> existing interface. Will this cause the data stream to be interrupted? >> There is that possibility. 'restart' deletes all routing table changes >> then reapplies a new set, based on the current state of the interfaces. >> So it is theoretically possible to get 'no route to host' conditions >> during the restart if a route cache entry expires at exactly the right >> time. >> >> -Tom > Would the v4.5 shorewall, that does not require a restart when a new > interface is brought up, preserve the pre-existing data stream, or could > the same situation arise in that case as well?
The 'enable' command does not have that vulnerability. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
