On 02/07/2015 07:59 PM, [email protected] wrote:
Hi
I recently inherited a few linuxes box with Shorewall on them.
They needs some clean up so I'm taking it one step at a time.
First I'm dealing with startup and shutdown.
I notice that when shorewall's installed and running on a local system (Opensuse 13.2),
if I do a package upgrade to a newer version of shorewall (using the distro's
"zypper dup" command), that the upgrade occurs OK, but the network drops and I
need to restart shorewall (always) and the network (sometimes).
Then everything's back to normal.
I don't have any problems with normal shorewall startup / shutdown, either on
boot or from the command line. Only when I do this package upgrade.
Not really an issue if the machine's local (THIS one is). BUt I can see this
could be a nasty problem if I'm remote.
I notice that there's some custom systemd startup scripts in here. I also see
there's been some discussion in the recent past on the list about systemd
startup issues and so on.
I don't know enough about what's going on DURING the pkg upgrade yet, but
thought I'd ask here to figure out where to poke 1st.
Is there a setting or procedure to prevent something like this in Shorewall? I
can't quite figure out what would be unique to the pkg upgrade procedure that's
not also done in a start/stop.
Cheers,
Hanlon
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
Hello Hanlon,
I am new to Shorewall as I have been working with it for a few weeks
now. But this might answer your question or atleast give you some place
to look:
If you are connected to your firewall from the Internet, do not issue a
“*shorewall stop*” command unless you have either:
1.
Used ADMINISABSENTMINDED=Yes in |/etc/shorewall/shorewall.conf|; or
2.
added an entry for the IP address that you are connected from to
|/etc/shorewall/||routestopped|.
You might find good reading here:
http://shorewall.net/two-interface.htm
JD
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
