Tom Eastep <[email protected]> wrote: >> So clearly a transient error, but any ideas what could have caused >> it ? I know manglement will be asking for more than "sh*t happens" >> ! > > The details about the failure would have been written to STDERR prior > to logging those messages.
That'll be lost then, there's nothing in syslog or messages other than that. I can see logging from PPP saying the script is starting, and then finished, nothing in between so I guess it'll have gone in the bit bucket. >> Also, what does "shorewall enable ..." do ? >> > > It runs the part of 'start' that deals with that particular provider; > you can see the code in the function 'start_provider_<provider name>' > in the compiled script. That makes sense, I'll take a look - always like to know what's going on "under the hood". >> I assume it's running a subset of "shorewall [re]start" to build >> the routing tables - is it normal for a failure like this to result >> in a stopped state ? >> > > When an essential command like adding an iptables rule or adding a > route fail, the firewall is placed in the 'stopped' state. I could > take a look at changing that behavior in the case of 'enable'. Tricky one that. In the case of a failed enable, perhaps it might be safer to roll-back in much the same way as a safe-restart does ? Better to leave what was working still working, even if it means not having this provider working. But right now I'm inclined to just leave it. They're wanting me to take redundancy*, and I know that this will be on their priority list of things to rip out and replace as the guy effectively in charge has a "doesn't come from Redmond, I won't learn anything about it" approach to systems. * Makes sense of some of the business decisions lately. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
