if I disconnect the NETGATE ISP the status in /var/log/messages works great
but not in eth2.status
Mar 30 11:42:33 fw2 lsm[8481]: name = NETGATE, replied = 91, waiting = 9,
timeout = 8, late reply = 0, cons rcvd = 0, cons wait = 8, cons miss = 8,
avg_rtt = 0.339, seq = 4571, status = down
On Mon, Mar 30, 2015 at 9:11 AM, Nico Pagliaro <[email protected]> wrote:
> Hi Tom, Yes, its executable and this is the script content:
>
> start_lsm() {
> #
> # Kill any existing lsm process(es)
> #
> killall lsm 2> /dev/null
> #
> # Create the Shorewall-specific part of the LSM configuration. This
> file is
> # included by /etc/lsm/lsm.conf
> #
> # Avvanta has a static gateway while Comcast's is dynamic
> #
> cat <<EOF > /etc/lsm/shorewall.conf
> connection {
> name=ANTEL
> checkip=201.217.149.169
> device=$ANTEL
> ttl=2
> }
>
> connection {
> name=NETGATE
> checkip=200.40.139.49
> device=eth2
> ttl=2
> }
>
>
> EOF
> #
> # Since LSM assumes that interfaces start in the 'up' state, remove any
> # existing status files that might have an interface in the down state
> #
> rm -f /var/lib/shorewall/*.status
> #
> # Run LSM -- by default, it forks into the background
> #
> /usr/sbin/lsm -c /etc/lsm/lsm.conf >> /var/log/lsm
>
> }
> [root@fw2 shorewall]# cat scfilter ^C
> [root@fw2 shorewall]# cat /etc/lsm/script
> #!/bin/sh
> #
> # (C) 2009 Mika Ilmaranta <[email protected]>
> # (C) 2009 Tom Eastep <[email protected]>
> #
> # License: GPLv2
> #
>
> STATE=${1}
> NAME=${2}
> CHECKIP=${3}
> DEVICE=${4}
> WARN_EMAIL=${5}
> REPLIED=${6}
> WAITING=${7}
> TIMEOUT=${8}
> REPLY_LATE=${9}
> CONS_RCVD=${10}
> CONS_WAIT=${11}
> CONS_MISS=${12}
> AVG_RTT=${13}
>
> if [ -f /usr/share/shorewall-lite/lib.base ]; then
> VARDIR=/var/lib/shorewall-lite
> STATEDIR=/etc/shorewall-lite
> TOOL=/sbin/shorewall-lite
> else
> VARDIR=/var/lib/shorewall
> STATEDIR=/etc/shorewall
> TOOL=/usr/sbin/shorewall
> fi
>
> [ -f ${STATEDIR}/vardir ] && . ${STATEDIR}/vardir
>
> cat <<EOM | mail -s "${NAME} ${STATE}, DEV ${DEVICE}" ${WARN_EMAIL}
>
> Hi,
>
> Connection ${NAME} is now ${STATE}.
>
> Following parameters were passed:
> newstate = ${STATE}
> name = ${NAME}
> checkip = ${CHECKIP}
> device = ${DEVICE}
> warn_email = ${WARN_EMAIL}
>
> Packet counters:
> replied = ${REPLIED} packets replied
> waiting = ${WAITING} packets waiting for reply
> timeout = ${TIMEOUT} packets that have timed out (= packet loss)
> reply_late = ${REPLY_LATE} packets that received a reply after timeout
> cons_rcvd = ${CONS_RCVD} consecutively received replies in sequence
> cons_wait = ${CONS_WAIT} consecutive packets waiting for reply
> cons_miss = ${CONS_MISS} consecutive packets that have timed out
> avg_rtt = ${AVG_RTT} average rtt, notice that waiting and timed out
> packets have rtt = 0 when calculating this
>
> Your LSM Daemon
>
> EOM
>
> # Uncomment the next two lines if you are running Shorewall 4.4.x or
> earlier
>
> # [ ${STATE} = up ] && state=0 || state=1
> # echo $state > ${VARDIR}/${DEVICE}.status
>
> $TOOL restart -f >> /var/log/lsm 2>&1
>
> $TOOL show routing >> /var/log/lsm
>
> exit 0
>
> #EOF
>
>
> On Fri, Mar 27, 2015 at 6:30 PM, Tom Eastep <[email protected]> wrote:
>
>> On 3/27/2015 2:11 PM, Tom Eastep wrote:
>> > On 3/27/2015 1:12 PM, Nico Pagliaro wrote:
>> >> Well now is working. If I disconnect a cable LSM reports down in the
>> status.
>> >> But, in shorewall /var/lib/shorewall/eth2.status always is 0
>> >> is this correct?
>> >>
>> >
>> > No. What does your lsm script look like?
>> >
>>
>> And is it executable?
>>
>> -Tom
>> --
>> Tom Eastep \ When I die, I want to go like my Grandfather who
>> Shoreline, \ died peacefully in his sleep. Not screaming like
>> Washington, USA \ all of the passengers in his car
>> http://shorewall.net \________________________________________________
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Dive into the World of Parallel Programming The Go Parallel Website,
>> sponsored
>> by Intel and developed in partnership with Slashdot Media, is your hub
>> for all
>> things parallel software development, from weekly thought leadership
>> blogs to
>> news, videos, case studies, tutorials and more. Take a look and join the
>> conversation now. http://goparallel.sourceforge.net/
>> _______________________________________________
>> Shorewall-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>>
>>
>
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
