PGNd
2014-Sep-03 04:00 UTC
implementing lsm, per 'MultiISP' example, "device=" spec not propagating from lib.private to lsm config include
I'm setting up intfc monitoring using lsm in a 2-intfc MultiISP config.
Following
http://shorewall.net/MultiISP.html#lsm
I've created
cat /lib.private
...
start_lsm() {
killall lsm 2> /dev/null
cat <<EOF > /usr/local/etc/lsm/shorewall.conf
connection {
name=Prov1
checkip=XX.XX.XX.XX
device=$EXTIF
ttl=2
}
connection {
name=Prov1
checkip=YY.YY.YY.YY
device=$VPNIF
ttl=2
}
EOF
rm -f /usr/local/etc/shorewall/*.status
/usr/local/sbin/lsm \
-c /usr/local/etc/lsm/lsm.conf \
-p /var/run/lsm/lsm.pid >> /var/log/lsm.log
}
...
/started
if [ "$COMMAND" = start -o -z "$(ps ax | grep 'lsm ' |
grep -v 'grep ' )" ]; then
start_lsm
fi
/restored
if [ -z "$(ps ax | grep 'lsm ' | grep -v 'grep ' )"
]; then
start_lsm
fi
After compile/push,
/usr/local/etc/lsm/shorewall.conf
is created & populated on the remote.
But, the
"device="
is empty,
cat /usr/local/etc/lsm/shorewall.conf
connection {
name=Prov1
checkip=XX.XX.XX.XX
device ttl=2
}
connection {
name=Prov1
checkip=YY.YY.YY.YY
device ttl=2
}
$EXTIF & $VPNIF are used throughout the fw, elsewhere. It's not clear
why 'device=' is not getting populated ... bad config?
Poring over the multiISP wiki page some more ...
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/