On 08/11/2017 10:31 AM, Vieri Di Paola via Shorewall-users wrote: > > ________________________________ > From: Tom Eastep <teas...@shorewall.net> >> >> So why don't you simply leave that route in place all of the time? Just > >> define it in your distribution's networking config. > > I'm used to using rtrules, routes, and providers with shorewall. I > share those files with other members of the IT staff, and sometimes we > need to change which provider provides a given subnet. Of course, all > the routing (tables and rules) could be done by the OS, but it is more > convenient for me to have it all within shorewall.
So long as the rtrules entries have a priority higher (numerically lower) than the main RT (1000), you would still have complete control in that way. >> The 'reload' command already supports the -n option. > > > If "reload -n" will NOT flush rules and tables previously created by > "start" or "restart" then I guess I could use that, and move out the > code I have in the files "stopped" and "started". > Yes -- the code in "stopped" and "started" isn't executed during 'reload' anyway. > >> 'reload' and 'start' are basically the same command. > > > ..."-n" meaning "leave the routing alone". > > In my case, I'd always use reload -n, except when making changes to > "rtrules", "routes", and "providers". > > Also, when shorewall "updates the routing tables/rules", it actually flushes > everything and creates anew, right? > > It doesn't really "update", or is it possible to do so? > It flushes and reloads, because it makes no assumptions about what the current configuration is. -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
