Hi all, I''m trying to use ip route/ip rule commands in my started extension script. As expected, those commands are not saved and, after a boot, I have to manually issue a ''shorewall restart'' to get all my rules and routes running. My first attempt was to prefix the ip route/rule commands in my started script with ''run_and_save_command ip route/rule etc''. Although shorewall creates a shorewall.SMTHNK file in /var/lib/shorewall with the commands I want it to run in a restore, this file is never run and my ip route/rules commands are not executed upon restore. Is there any better method in shorewall to do this? I didn''t want to mess with sysconfig or network-scripts, just shorewall. any help will be great! cheers, -- Eduardo Ferreira Icatu Holding S.A.
Eduardo Ferreira wrote:> > Hi all, > > I''m trying to use ip route/ip rule commands in my started extension > script. As expected, those commands are not saved and, after a boot, I > have to manually issue a ''shorewall restart'' to get all my rules and > routes running. > > My first attempt was to prefix the ip route/rule commands in my started > script with ''run_and_save_command ip route/rule etc''. Although > shorewall creates a shorewall.SMTHNK file in /var/lib/shorewall with the > commands I want it to run in a restore, this file is never run and my ip > route/rules commands are not executed upon restore. > > Is there any better method in shorewall to do this? I didn''t want to > mess with sysconfig or network-scripts, just shorewall. > > any help will be great! >You''ll have to pick up the current CVS code in the SHOREWALL_2_4 branch in order to make this work correctly -- OR put your "run_and_save_command ..." in /etc/shorewall/start. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote on 15/08/2005 18:22:30:> Eduardo Ferreira wrote: > > > > Hi all, > > > > You''ll have to pick up the current CVS code in the SHOREWALL_2_4 branchin> order to make this work correctly -- OR put your "run_and_save_command..."> in /etc/shorewall/start. >The second option worked fine - but this is a testing box, do you want me to validate your patch in the 2_4 branch? thanks a lot -- Eduardo Ferreira
Eduardo Ferreira wrote:>> > The second option worked fine - but this is a testing box, do you want > me to validate your patch in the 2_4 branch? >Tuomo Soini has already validated it, thanks. (He''s the one that originally reported the problem). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key