After a fresh install, I noticed that shorewall 2.4.0 wasn''t starting automatically under FC4. The startup script installs properly from the rpm: /etc/rc.d/init.d/shorewall ... but the post install "/sbin/chkconfig --add shorewall" produces this in the runlevel symlink directories: /etc/rc.d/rc5.d/S-1shorewall /etc/rc.d/rc0.d/K-1shorewall /etc/rc.d/rc6.d/K-1shorewall /etc/rc.d/rc1.d/K-1shorewall /etc/rc.d/rc2.d/S-1shorewall /etc/rc.d/rc4.d/K-1shorewall /etc/rc.d/rc3.d/S-1shorewall As a result of the dash, shorewall doesn''t show up in a chkconfig --list Doing a manual "mv S-1shorewall S25shorewall" corrects the problem. I''d like to fix this so Shorewall will come up automatically after a fresh build. Has anyone else seen this behavior from chkconfig with FC4? -Tom
> After a fresh install, I noticed that shorewall 2.4.0 wasn''t starting > automatically under FC4. The startup script installs properly from the > rpm:When you go to the download page at http://www.shorewall.net/, you0ll find a link to my rpms tailored for RedHat/Fedora, at http://www.invoca.ch/pub/packages/shorewall/ At least they work out of the box on FC-4. Simon> > /etc/rc.d/init.d/shorewall > > ... but the post install "/sbin/chkconfig --add shorewall" produces > this in the runlevel symlink directories: > > /etc/rc.d/rc5.d/S-1shorewall > /etc/rc.d/rc0.d/K-1shorewall > /etc/rc.d/rc6.d/K-1shorewall > /etc/rc.d/rc1.d/K-1shorewall > /etc/rc.d/rc2.d/S-1shorewall > /etc/rc.d/rc4.d/K-1shorewall > /etc/rc.d/rc3.d/S-1shorewall > > As a result of the dash, shorewall doesn''t show up in a chkconfig --list > > Doing a manual "mv S-1shorewall S25shorewall" corrects the problem. > > I''d like to fix this so Shorewall will come up automatically after a > fresh build. Has anyone else seen this behavior from chkconfig with > FC4? > > -Tom > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: > https://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm > >
On 7/4/05, Simon Matter <simon.matter@ch.sauter-bc.com> wrote:> > After a fresh install, I noticed that shorewall 2.4.0 wasn''t starting > > automatically under FC4. The startup script installs properly from the > > rpm: > > When you go to the download page at http://www.shorewall.net/, you0ll find > a link to my rpms tailored for RedHat/Fedora, at > http://www.invoca.ch/pub/packages/shorewall/ > At least they work out of the box on FC-4.Your package worked perfectly with FC4... I will use them from now on. Many thanks! -Tom
Simon Matter wrote:>>After a fresh install, I noticed that shorewall 2.4.0 wasn''t starting >>automatically under FC4. The startup script installs properly from the >>rpm: > > > When you go to the download page at http://www.shorewall.net/, you0ll find > a link to my rpms tailored for RedHat/Fedora, at > http://www.invoca.ch/pub/packages/shorewall/ > At least they work out of the box on FC-4.Simon, what''s the difference between your RPMS and the ones Tom has built? -- Paul Gear, Manager IT Operations, Redlands College 38 Anson Road, Wellington Point 4160, Australia (Please send attachments in portable formats such as PDF, HTML, or OpenOffice.) -- The information contained in this message is copyright by Redlands College. Any use for direct sales or marketing purposes is expressly forbidden. This message does not represent the views of Redlands College.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tom Lisjac wrote:> After a fresh install, I noticed that shorewall 2.4.0 wasn''t starting > automatically under FC4. The startup script installs properly from the > rpm: > > /etc/rc.d/init.d/shorewall > > ... but the post install "/sbin/chkconfig --add shorewall" produces > this in the runlevel symlink directories: > > /etc/rc.d/rc5.d/S-1shorewall > /etc/rc.d/rc0.d/K-1shorewall > /etc/rc.d/rc6.d/K-1shorewall > /etc/rc.d/rc1.d/K-1shorewall > /etc/rc.d/rc2.d/S-1shorewall > /etc/rc.d/rc4.d/K-1shorewall > /etc/rc.d/rc3.d/S-1shorewallYou are hitting bug in shorwall default initscript. Because of that bug chkconfig doesn''t figure out current runlevels and guesses ''-1'' as runlevel. And because chkconfig can''t handle -1 as runlevel, it can''t show that shorewall links are actually installed.> Doing a manual "mv S-1shorewall S25shorewall" corrects the problem.Right.> I''d like to fix this so Shorewall will come up automatically after a > fresh build. Has anyone else seen this behavior from chkconfig with > FC4?Same problem happens with RHEL-3 chkconfig, I don''t know about other versions. Shorewall initscript has other non-LSB modifications too. Like /etc/init.d/shorewall status should return "Shorewall is stopped" or "Shorewall is running" but not full firewall status. But to first problem with chkconfig. I''ll attach patch to fix problems with chkconfig. Bug is really that there is one ''#'' mark too much in BEGIN INIT INFO line which confuses chkconfig totally. And other problem (with older versions of chkconfig) is that chkconfig info need to be before INIT INFO. - -- Tuomo Soini <tis@foobar.fi> Linux and network services +358 40 5240030 Foobar Oy <http://foobar.fi/> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFCyiWBTlrZKzwul1ERAsmBAKCIGwkYAqXs5OhXCic1qE1PPZ20XQCfZLr2 c8nf9rGdRPvjSodZrAE/9zo=NBMb -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paul Gear wrote:> Simon Matter wrote:> Simon, what''s the difference between your RPMS and the ones Tom has built?They have different init-script. Exactly same solution I use for my own packages. - -- Tuomo Soini <tis@foobar.fi> Linux and network services +358 40 5240030 Foobar Oy <http://foobar.fi/> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFCyi7ZTlrZKzwul1ERAvg/AJ441oNh6r6lrU9BZcMlqcIy2/1FiwCfYHEt Z6Jrl2c8gy3Sl19sPj+enuk=WFfm -----END PGP SIGNATURE-----