Hello, Is there any mechanism provided by Shorewall that would handle MASQ interfaces that are not up when Shorewall starts ? The documentation mentions - if I remember correctly - that the use of interfaces for such purpose is obsolete(d). But there are some situations in which an interface must be specified, such as using dynamic ppp links and dhcp configured links. It could be that Shorewall by itself provides no handling of such since it is not a daemon, but I''m asking before writing a daemon that would restart Shorewall when the specified interface comes up (using netlink), and would start Shorewall w/o that interface in configuration and wait for it to be up. Thanks for any suggestions/comments ! ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
On 02/14/2013 10:02 AM, Fred Maillou wrote:> Hello, > > Is there any mechanism provided by Shorewall that would handle > MASQ interfaces that are not up when Shorewall starts ? The > documentation mentions - if I remember correctly - that the use > of interfaces for such purpose is obsolete(d). But there are > some situations in which an interface must be specified, such as > using dynamic ppp links and dhcp configured links. > > It could be that Shorewall by itself provides no handling of > such since it is not a daemon, but I''m asking before writing a > daemon that would restart Shorewall when the specified interface > comes up (using netlink), and would start Shorewall w/o that > interface in configuration and wait for it to be up. > > Thanks for any suggestions/comments ! >Check out Shorewall-init with ''optional'' specified on the dynamic interface(s). -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
> Check out Shorewall-init with ''optional'' specified on the > dynamic interface(s).Thanks, I''ll look it up. Sorry for the ''no subject'' subject ! ________________________________ De : Tom Eastep <teastep@shorewall.net> À : shorewall-users@lists.sourceforge.net Envoyé le : jeudi 14 février 2013 13h10 Objet : Re: [Shorewall-users] (no subject) On 02/14/2013 10:02 AM, Fred Maillou wrote:> Hello, > > Is there any mechanism provided by Shorewall that would handle > MASQ interfaces that are not up when Shorewall starts ? The > documentation mentions - if I remember correctly - that the use > of interfaces for such purpose is obsolete(d). But there are > some situations in which an interface must be specified, such as > using dynamic ppp links and dhcp configured links. > > It could be that Shorewall by itself provides no handling of > such since it is not a daemon, but I''m asking before writing a > daemon that would restart Shorewall when the specified interface > comes up (using netlink), and would start Shorewall w/o that > interface in configuration and wait for it to be up. > > Thanks for any suggestions/comments ! >Check out Shorewall-init with ''optional'' specified on the dynamic interface(s). -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb