I am probably looking straight through somewhere where the documentation says this and I think the answer is "yes" ... but I thought I should check: do I have to restart shorewall to generate new iptables if I add an address to the blacklist? TIA, Chris -- Chris Evans <chris@psyctc.org> Consultant Psychiatrist in Psychotherapy, Rampton Hospital; Associate R&D Director, Tavistock & Portman NHS Trust; Hon. SL Institute of Psychiatry *** My views are my own and not representative of those institutions ***
> -----Original Message----- > From: Chris Evans [mailto:chris@psyctc.org] > Sent: Wednesday, October 02, 2002 2:25 AM > To: shorewall-users@shorewall.net > Subject: [Shorewall-users] restart after changing blacklist > > > I am probably looking straight through somewhere where the > documentation says this and I think the answer is "yes" ... but I > thought I should check: > > do I have to restart shorewall to generate new iptables if I add an > address to the blacklist? >The correct procedure is to issue a "shorewall refresh" after adding an ip address to the blacklist file. You can also add blacklist entries dynamically. See: http://www.shorewall.net/blacklisting_support.htm http://www.shorewall.net/starting_and_stopping_shorewall.htm Steve Cowles
Chris Evans wrote:> I am probably looking straight through somewhere where the > documentation says this and I think the answer is "yes" ... but I > thought I should check: > > do I have to restart shorewall to generate new iptables if I add an > address to the blacklist? >From the Shorewall home page: Documentation->Blacklisting->Static Blacklisting->last bullet -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net