Hi Tom, Yes, its executable and this is the script content:
start_lsm() {
#
# Kill any existing lsm process(es)
#
killall lsm 2> /dev/null
#
# Create the Shorewall-specific part of the LSM configuration. This file
is
# included by /etc/lsm/lsm.conf
#
# Avvanta has a static gateway while Comcast's is dynamic
#
cat <<EOF > /etc/lsm/shorewall.conf
connection {
name=ANTEL
checkip=201.217.149.169
device=$ANTEL
ttl=2
}
connection {
name=NETGATE
checkip=200.40.139.49
device=eth2
ttl=2
}
EOF
#
# Since LSM assumes that interfaces start in the 'up' state, remove any
# existing status files that might have an interface in the down state
#
rm -f /var/lib/shorewall/*.status
#
# Run LSM -- by default, it forks into the background
#
/usr/sbin/lsm -c /etc/lsm/lsm.conf >> /var/log/lsm
}
[root@fw2 shorewall]# cat scfilter ^C
[root@fw2 shorewall]# cat /etc/lsm/script
#!/bin/sh
#
# (C) 2009 Mika Ilmaranta <[email protected]>
# (C) 2009 Tom Eastep <[email protected]>
#
# License: GPLv2
#
STATE=${1}
NAME=${2}
CHECKIP=${3}
DEVICE=${4}
WARN_EMAIL=${5}
REPLIED=${6}
WAITING=${7}
TIMEOUT=${8}
REPLY_LATE=${9}
CONS_RCVD=${10}
CONS_WAIT=${11}
CONS_MISS=${12}
AVG_RTT=${13}
if [ -f /usr/share/shorewall-lite/lib.base ]; then
VARDIR=/var/lib/shorewall-lite
STATEDIR=/etc/shorewall-lite
TOOL=/sbin/shorewall-lite
else
VARDIR=/var/lib/shorewall
STATEDIR=/etc/shorewall
TOOL=/usr/sbin/shorewall
fi
[ -f ${STATEDIR}/vardir ] && . ${STATEDIR}/vardir
cat <<EOM | mail -s "${NAME} ${STATE}, DEV ${DEVICE}" ${WARN_EMAIL}
Hi,
Connection ${NAME} is now ${STATE}.
Following parameters were passed:
newstate = ${STATE}
name = ${NAME}
checkip = ${CHECKIP}
device = ${DEVICE}
warn_email = ${WARN_EMAIL}
Packet counters:
replied = ${REPLIED} packets replied
waiting = ${WAITING} packets waiting for reply
timeout = ${TIMEOUT} packets that have timed out (= packet loss)
reply_late = ${REPLY_LATE} packets that received a reply after timeout
cons_rcvd = ${CONS_RCVD} consecutively received replies in sequence
cons_wait = ${CONS_WAIT} consecutive packets waiting for reply
cons_miss = ${CONS_MISS} consecutive packets that have timed out
avg_rtt = ${AVG_RTT} average rtt, notice that waiting and timed out
packets have rtt = 0 when calculating this
Your LSM Daemon
EOM
# Uncomment the next two lines if you are running Shorewall 4.4.x or earlier
# [ ${STATE} = up ] && state=0 || state=1
# echo $state > ${VARDIR}/${DEVICE}.status
$TOOL restart -f >> /var/log/lsm 2>&1
$TOOL show routing >> /var/log/lsm
exit 0
#EOF
On Fri, Mar 27, 2015 at 6:30 PM, Tom Eastep <[email protected]> wrote:
> On 3/27/2015 2:11 PM, Tom Eastep wrote:
> > On 3/27/2015 1:12 PM, Nico Pagliaro wrote:
> >> Well now is working. If I disconnect a cable LSM reports down in the
> status.
> >> But, in shorewall /var/lib/shorewall/eth2.status always is 0
> >> is this correct?
> >>
> >
> > No. What does your lsm script look like?
> >
>
> And is it executable?
>
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel Website,
> sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub for
> all
> things parallel software development, from weekly thought leadership blogs
> to
> news, videos, case studies, tutorials and more. Take a look and join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
