On 12/4/2013 8:09 AM, [email protected] wrote: > Hi > > On Tue, Dec 3, 2013, at 04:15 PM, Tom Eastep wrote: >> The only time that I would use Shorewall extension scripts would be if >> the init system didn't support the dependent application. > > Ok, thanks. > > When executing a local load/compile of a remote machine's firewall > config for export, is the remote's Shorewall-lite instance > reloaded/restarted by using "systemctl restart ...", or by directly > invoking the shorewall script?
You can simply use the 'shorewall reload <remote system>' on the admin system, or you must export then 'systemctl restart' on the remote firewall. > > Can the remote executable be changed? For example, to use > /etc/systemd/system/my-shorewall-script.service, instead? Instead of what? > > Also, what's the right place to persistently change the remote's upload > directory -- from /etc/shorewall to /some/other/path/shorewall? Change the shorewallrc VARLIB or VARDIR setting on the remote system and copy that file into the remote system's directory on the admin system. Note that VARLIB/VARDIR changes the place where the compiled script runs from. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
