Hi, I am trying to have LSM working but I cant.
I cant get my .status files change after I disconnect the UTP cable
Shorewall 4.6.7 / centos 6
I followed ths doc in http://shorewall.net/MultiISP.html#lsm but doesnt work
(I have change a line that I think is wrong in the doc:
/usr/sbin/lsm /etc/lsm/lsm.conf >> /var/log/lsm
for this
/usr/sbin/lsm *-c* /etc/lsm/lsm.conf >> /var/log/lsm
Well, here is my conf:
eth0=LAN
eth1=ISP1 (Static IP)
eth2=ISP2 (dynamic IP)
*/etc/shorewall/params*
ANTEL=eth1
ADSL=ppp0
*/etc/shorewall/isusable*
local status=0
#
# Read the status file (if any) created by /etc/lsm/script
#
[ -f ${VARDIR}/${1}.status ] && status=$(cat ${VARDIR}/${1}.status)
return $status
*/etc/shorewall/lib.private*
start_lsm() {
#
# Kill any existing lsm process(es)
#
killall lsm 2> /dev/null
#
# Create the Shorewall-specific part of the LSM configuration. This file
is
# included by /etc/lsm/lsm.conf
#
# Avvanta has a static gateway while Comcast's is dynamic
#
cat <<EOF > /etc/lsm/shorewall.conf
connection {
name=ANTEL
checkip=201.217.149.169
device=$ANTEL
ttl=2
}
EOF
#
# Since LSM assumes that interfaces start in the 'up' state, remove any
# existing status files that might have an interface in the down state
#
rm -f /var/lib/shorewall/*.status
#
# Run LSM -- by default, it forks into the background
#
/usr/sbin/lsm -c /etc/lsm/lsm.conf >> /var/log/lsm
}
*/etc/shorewall/started*
if [ "$COMMAND" = start -o -z "$(ps ax | grep 'lsm ' | grep -v 'grep ' )"
]; then
start_lsm
fi
*/etc/shorewall/restored*
if [ -z "$(ps ax | grep 'lsm ' | grep -v 'grep ' )" ]; then
start_lsm
fi
*/etc/lsm/lsm.conf*
debug=9
#
# Defaults for the connection entries
#
#
# Defaults for the connection entries
#
defaults {
name=defaults
checkip=127.0.0.1
eventscript=/etc/lsm/script
max_packet_loss=20
max_successive_pkts_lost=7
min_packet_loss=5
min_successive_pkts_rcvd=10
interval_ms=2000
timeout_ms=2000
[email protected]
check_arp=0
sourceip=
ttl=0
}
include /etc/lsm/shorewall.conf
*/etc/lsm/script*
STATE=${1}
NAME=${2}
CHECKIP=${3}
DEVICE=${4}
WARN_EMAIL=${5}
REPLIED=${6}
WAITING=${7}
TIMEOUT=${8}
REPLY_LATE=${9}
CONS_RCVD=${10}
CONS_WAIT=${11}
CONS_MISS=${12}
AVG_RTT=${13}
if [ -f /usr/share/shorewall-lite/lib.base ]; then
VARDIR=/var/lib/shorewall-lite
STATEDIR=/etc/shorewall-lite
TOOL=/sbin/shorewall-lite
else
VARDIR=/var/lib/shorewall
STATEDIR=/etc/shorewall
TOOL=/usr/sbin/shorewall
fi
[ -f ${STATEDIR}/vardir ] && . ${STATEDIR}/vardir
cat <<EOM | mail -s "${NAME} ${STATE}, DEV ${DEVICE}" ${WARN_EMAIL}
Hi,
Connection ${NAME} is now ${STATE}.
Following parameters were passed:
newstate = ${STATE}
name = ${NAME}
checkip = ${CHECKIP}
device = ${DEVICE}
warn_email = ${WARN_EMAIL}
Packet counters:
replied = ${REPLIED} packets replied
waiting = ${WAITING} packets waiting for reply
timeout = ${TIMEOUT} packets that have timed out (= packet loss)
reply_late = ${REPLY_LATE} packets that received a reply after timeout
cons_rcvd = ${CONS_RCVD} consecutively received replies in sequence
cons_wait = ${CONS_WAIT} consecutive packets waiting for reply
cons_miss = ${CONS_MISS} consecutive packets that have timed out
avg_rtt = ${AVG_RTT} average rtt, notice that waiting and timed out
packets have rtt = 0 when calculating this
Your LSM Daemon
EOM
# Uncomment the next two lines if you are running Shorewall 4.4.x or earlier
# [ ${STATE} = up ] && state=0 || state=1
# echo $state > ${VARDIR}/${DEVICE}.status
$TOOL restart -f >> /var/log/lsm 2>&1
$TOOL show routing >> /var/log/lsm
exit 0
#EOF
*/etc/shorewall/providers*
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY
OPTIONS COPY
ANTEL 1 1 - eth1 201.217.149.169
track,loose,balance=100
ADSL 2 2 - ppp0 detect
track,loose,balance=1
*WHEN SHOREWAL STOPPED*
*ll /var/lib/shorewall/*
total 120
-rw-------. 1 root root 4 Mar 26 13:55 eth1_weight
-rwx------. 1 root root 87764 Mar 26 13:55 firewall
-rw-r--r--. 1 root root 88 Mar 25 11:48 lsm.conf
-rw-------. 1 root root 162 Mar 26 13:55 marks
-rw-------. 1 root root 226 Mar 26 13:55 policies
-rw-------. 1 root root 2 Mar 26 13:55 ppp0_weight
-rw-------. 1 root root 29 Mar 26 13:55 restarted
-rw-------. 1 root root 39 Mar 26 14:27 state
-rw-------. 1 root root 75 Mar 26 13:55 zones
*ps ax | grep lsm*
5122 pts/0 S+ 0:00 grep lsm
*service shorewall start*
ps ax | grep lsm
5499 ? Rs 0:03 /usr/sbin/lsm -c /etc/lsm/lsm.conf
5506 pts/0 S+ 0:00 grep lsm
ll /var/lib/shorewall/
-rw-------. 1 root root 38 Mar 26 14:31 default_route
-rw-------. 1 root root 2 Mar 26 14:31 eth1.status
-rw-------. 1 root root 4 Mar 26 14:31 eth1_weight
-rwx------. 1 root root 87764 Mar 26 14:31 firewall
-rw-r--r--. 1 root root 88 Mar 25 11:48 lsm.conf
-rw-------. 1 root root 162 Mar 26 14:31 marks
-rw-------. 1 root root 0 Mar 26 14:31 nat
-rw-------. 1 root root 226 Mar 26 14:31 policies
-rw-------. 1 root root 2 Mar 26 14:31 ppp0.status
-rw-------. 1 root root 2 Mar 26 14:31 ppp0_weight
-rw-------. 1 root root 0 Mar 26 14:31 proxyarp
-rw-------. 1 root root 29 Mar 26 14:31 restarted
-rw-------. 1 root root 60 Mar 26 14:31 state
-rw-------. 1 root root 271 Mar 26 14:31 undo_ADSL_routing
-rw-------. 1 root root 271 Mar 26 14:31 undo_ANTEL_routing
-rw-------. 1 root root 68 Mar 26 14:31 undo_balance_routing
-rw-------. 1 root root 0 Mar 26 14:31 undo_default_routing
-rw-------. 1 root root 134 Mar 26 14:31 undo_main_routing
-rw-------. 1 root root 75 Mar 26 14:31 zones
The ISP1 cable is disconnected but when I do
cat /var/lib/shorewall/eth1.status
0
Is this correct?
Thomas can you give me a hand on this?
Thanks ;)
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
