On 3/31/2015 3:08 PM, Lennart Sorensen wrote: > On Tue, Mar 31, 2015 at 03:01:14PM -0700, Tom Eastep wrote: >> On 3/31/2015 2:33 PM, Lennart Sorensen wrote: >>> It seems that specifying an alternate config directory works for >>> everything except shorewall.conf >>> >>> Given that some of the global settings in tehre might be things you >>> would want to try changes to, it seems very inconvinient to not be able >>> to try an alternate shorewall.conf file as part of a new config. >>> >>> At least I haven't found any commandline argument or environment variable >>> or anything else that I can use to convince shorewall that I really >>> really realy do NOT want it to look at /etc/shorewall/shorewall.conf >>> >>> Did I miss something? >>> >>> If this isn't supported, would you accept a patch to fix this >>> inconsistency? >>> >> >> You must be running an old Shorewall version -- that was corrected some >> time ago: >> >> root@gateway:/etc# cp -a shorewall shorewall.test >> root@gateway:/etc# shorewall -v restart shorewall.test >> Compiling... >> Processing /etc/shorewall.test/params ... >> Processing /etc/shorewall.test/shorewall.conf... <==================== >> Loading Modules... >> Running /etc/shorewall.test/compile... >> Compiling /etc/shorewall.test/zones... > > Hmm, I didn't think 4.5.5.3 was _that_ old. > > And of course all the documentation tells me that > /etc/shorewall/shorewall.conf absolutely under all circumstances must > exist even if using an alternate directory so it seemed consistent with > the behaviour I was seeing. > > Well if 4.6.7 has that behaviour changed, then it is probably time for > an upgrade. > > I was just playing with shorewall show config and having no luck > convincing it too look elsewhere. >
Note that /sbin/shorewall still reads /etc/shorewall/shorewall.conf *before* reading the shorewall.conf in the alternate config directory. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
