it seems that the problems disappeared when I removed "required" from /etc/shorewall/interfaces. I had set: net eth0 dhcp,required loc eth1 dhcp,required As soon as I removed "required" all is well.
Jim > I have a two-interface solution, almost exactly as described in the examples. > On boot shorewall starts before eth0 (net) comes up, so fails to complete. To > get things going I have to unplug, then replug eth0, then issue "shoreline > start". Now all works as it is supposed to. I'm running dnsmasq as well as > shorewall. If I simply start shorewall without unplugging/replugging, > shorewall doesn't use eth0 at all. > > I tried putting "wait_interface="eth0 eth1" in /etc/default/shorewall, but > this just causes shorewall to hang the boot forever. > > I don't even see how shorewall is started. Debian is using runlevel 5 and > shorewall doesn't appear in rc5.d, although it's in init.d. Maybe someone can > give me a clue on how to either delay shorewall's init, or have shorewall > wait for eth0 to fully configure. Or something else that will make this work. > > Debian Jessie, kernel 3.16.8-4 > shorewall 4.6.4.3 > eth0 (net) is connected to my DSL modem using DHCP. It normally gets an > address of 192.168.1.65. I modified /etc/shorewall/masq to exclude this > subnet. My modem translates this to my external network static address. > eth1 (loc) has a static IP and is connected to a switch. Its address is > 192.168.0.1. Jim Ham -- Porcine Associates LLC 244 O'Connor St. Menlo Park, CA 94025 USA +1(650)326-2669 fax +1(650)326-1071 ------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
