Hi Shorewall-devel, In the documentation at: http://www.shorewall.net/configuration_file_basics.htm it explains how to include files inside a rules.d/ directory with the SHELL command. This is great, and including directories is a great feature, however if the shell command returns false, then shorewall doesn''t start (this is good) and stderr is also printed out (also good.) For including rules most users probably want: SHELL cat /etc/shorewall/rules.d/*.rules 2> /dev/null || true So I thought perhaps we could add that to the docs if you see fit. HTH, James ------------------------------------------------------------------------------ Create and publish websites with WebMatrix Use the most popular FREE web apps or write code yourself; WebMatrix provides all the features you need to develop and publish your website. http://p.sf.net/sfu/ms-webmatrix-sf
On 3/31/11 11:55 AM, James wrote:> Hi Shorewall-devel, > > In the documentation at: > http://www.shorewall.net/configuration_file_basics.htm it explains how > to include files inside a rules.d/ directory with the SHELL command. > > This is great, and including directories is a great feature, however if > the shell command returns false, then shorewall doesn''t start (this is > good) and stderr is also printed out (also good.) For including rules > most users probably want: > > SHELL cat /etc/shorewall/rules.d/*.rules 2> /dev/null || true > > So I thought perhaps we could add that to the docs if you see fit.Hi James, What exactly can go wrong with "cat /etc/shorewall/rules.d/*.rules" ? Only thing that I can see is if one of the directories doesn''t exist or there are no ''*.rules'' files. Seems to me that if either of those are the case then the user has just shot himself in the foot and ''start'' *should* fail. Am I missing something? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Create and publish websites with WebMatrix Use the most popular FREE web apps or write code yourself; WebMatrix provides all the features you need to develop and publish your website. http://p.sf.net/sfu/ms-webmatrix-sf
On Thu, 2011-03-31 at 20:23 -0700, Tom Eastep wrote:> On 3/31/11 11:55 AM, James wrote: > > Hi Shorewall-devel, > > > > In the documentation at: > > http://www.shorewall.net/configuration_file_basics.htm it explains how > > to include files inside a rules.d/ directory with the SHELL command. > > > > This is great, and including directories is a great feature, however if > > the shell command returns false, then shorewall doesn''t start (this is > > good) and stderr is also printed out (also good.) For including rules > > most users probably want: > > > > SHELL cat /etc/shorewall/rules.d/*.rules 2> /dev/null || true > > > > So I thought perhaps we could add that to the docs if you see fit. > > Hi James, > > What exactly can go wrong with "cat /etc/shorewall/rules.d/*.rules" ? > > Only thing that I can see is if one of the directories doesn''t exist or > there are no ''*.rules'' files. Seems to me that if either of those are > the case then the user has just shot himself in the foot and ''start'' > *should* fail. > > Am I missing something?Hey there.. Nope, not missing a thing. I just guess my use case is different. It is: as new VM''s are created, new rules are added in there. Sometimes the directory is empty, and I didn''t want shorewall to not start, and I didn''t want to see the output of a cat error. I thought this behaviour was similar to other include.d style functions, and I didn''t have anything more brilliant to contribute at the moment. James> > -Tom > ------------------------------------------------------------------------------ > Create and publish websites with WebMatrix > Use the most popular FREE web apps or write code yourself; > WebMatrix provides all the features you need to develop and > publish your website. http://p.sf.net/sfu/ms-webmatrix-sf > _______________________________________________ > Shorewall-devel mailing list > Shorewall-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-devel------------------------------------------------------------------------------ Create and publish websites with WebMatrix Use the most popular FREE web apps or write code yourself; WebMatrix provides all the features you need to develop and publish your website. http://p.sf.net/sfu/ms-webmatrix-sf
On 3/31/11 8:47 PM, James Shubin wrote:> On Thu, 2011-03-31 at 20:23 -0700, Tom Eastep wrote: >> Am I missing something? > > Hey there.. Nope, not missing a thing. I just guess my use case is > different. It is: as new VM''s are created, new rules are added in there. > Sometimes the directory is empty, and I didn''t want shorewall to not > start, and I didn''t want to see the output of a cat error. > > I thought this behaviour was similar to other include.d style functions, > and I didn''t have anything more brilliant to contribute at the moment.http://shorewall.git.sourceforge.net/git/gitweb.cgi?p=shorewall/shorewall;a=commitdiff;h=118851dcf905d078de32f82aabf4eedbe25650d5 Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Create and publish websites with WebMatrix Use the most popular FREE web apps or write code yourself; WebMatrix provides all the features you need to develop and publish your website. http://p.sf.net/sfu/ms-webmatrix-sf
On Thu, 2011-03-31 at 21:07 -0700, Tom Eastep wrote:> On 3/31/11 8:47 PM, James Shubin wrote: > > On Thu, 2011-03-31 at 20:23 -0700, Tom Eastep wrote: > >> Am I missing something? > > > > Hey there.. Nope, not missing a thing. I just guess my use case is > > different. It is: as new VM''s are created, new rules are added in there. > > Sometimes the directory is empty, and I didn''t want shorewall to not > > start, and I didn''t want to see the output of a cat error. > > > > I thought this behaviour was similar to other include.d style functions, > > and I didn''t have anything more brilliant to contribute at the moment. > > http://shorewall.git.sourceforge.net/git/gitweb.cgi?p=shorewall/shorewall;a=commitdiff;h=118851dcf905d078de32f82aabf4eedbe25650d5Well put ;) I guess I''m that sort, James> > Thanks, > -Tom > ------------------------------------------------------------------------------ > Create and publish websites with WebMatrix > Use the most popular FREE web apps or write code yourself; > WebMatrix provides all the features you need to develop and > publish your website. http://p.sf.net/sfu/ms-webmatrix-sf > _______________________________________________ > Shorewall-devel mailing list > Shorewall-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-devel------------------------------------------------------------------------------ Create and publish websites with WebMatrix Use the most popular FREE web apps or write code yourself; WebMatrix provides all the features you need to develop and publish your website. http://p.sf.net/sfu/ms-webmatrix-sf