On 09/14/2018 04:17 PM, HL wrote:
> Hi,
>
> I am facing a peculiar situation with a new 10G (HP) L3 switch + Cisco
> catalyst,
>
> shorewall runs on a machine that has a few interfaces,
>
> in particular
>
> 2 bonded interfaces to a cisco catalyst 1G
>
> and
>
> 2 bonded 10G interfaces to an hp 10G
>
> all bonds are 802.3ad mode
>
> When I boot the machine all bonded interfaces have a delay to respond
> due to portfast being off but I prefer it for safety since the switches
> change often configuration and links move from port to port.
>
> However even though after reboot it seems that the firewall is OK, zones
> communication is not, and as such local zone is not able to ping dmz etc.
>
> I have to login into the fw and issue
>
> shorewall stop; shorewall clear; shorewall start;
>
> in order for communications among the zones to function.
>
> Any ideas?
>
> Would a stanza like "up /bin/sleep 30 ...." in the interfaces file solve
> the issue?
>

Sounds like you need to set IP_FORWARDING=Yes in shorewall.conf.

-Tom
--
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users