So, I have "SAVE_IPSETS=Yes" in /etc/shorewall.conf but my understanding is that that only saves the ipsets when shorewall is being shut down.
But that doesn't account for a router "reboot" (i.e. power outage, etc.)
and what changes were made to the ipset since the stop and the
unexpected router death. What would though would be periodically (even
after every ipset change if one was really paranoid) saving the ipsets
while shorewall is running.
Is there a manual "save ipsets" command in shorewall[-lite]? Something
along the lines of:
# shorewall[-lite] saveipsets
FWIW, I did notice
COMMAND="$1"
case "$COMMAND" in
...
savesets)
if [ $# -eq 2 ]; then
save_ipsets $2
else
usage 2
fi
;;
In the generated "firewall" script but could not work out how that could
get called. It seems like I ought need to specify where I want them
saved either. It should just save them in ${VARDIR}/ipsets.save like it
does in stop_firewall().
Cheers,
b.
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
