Hi! I am looking for suggestions how I can add rules (or change the configuration otherwise) without interrupting of services. Right now, when I need to do a ''shorewall restart'' all services are not available during this time. I tried playing with the ''routestopped'' parameter but without success. How do you get around this? Thanks in advance, Christian P.S. We are using 1.4.8 My routestopped looks like this: eth3 - and the ''interfaces'' - eth3 192.168.10.31,192.168.10.127,192.168.10.159.192.168.10.223
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Christian Lox wrote: | I am looking for suggestions how I can add rules (or change the | configuration otherwise) without interrupting of services. | Right now, when I need to do a ''shorewall restart'' all services are not | available during this time. | I tried playing with the ''routestopped'' parameter but without success. | How do you get around this? You don''t, unless you modify your running configuration "By hand" using iptables directly. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBMzE7O/MAbZfjDLIRAiIrAKCmTigPgjh4oZt33RlqEtQLNpKXnwCcCjCR 3UAlL/IP/cuzzLsVnIunOcY=2MgG -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tom Eastep wrote: | Christian Lox wrote: | | | I am looking for suggestions how I can add rules (or change the | | configuration otherwise) without interrupting of services. | | Right now, when I need to do a ''shorewall restart'' all services are not | | available during this time. | | I tried playing with the ''routestopped'' parameter but without success. | | How do you get around this? | | You don''t, unless you modify your running configuration "By hand" using | iptables directly. | Note however that use of a light-weight shell such as ''ash'' can speed up ''shorewall restart'' considerably. Also note that the ''routestopped'' file is not consulted during ''shorewall restart'' processing. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBMzo8O/MAbZfjDLIRAuv3AJ92AorIq2vG5aa8v+eVYUTMSPK1KACeOoZq UItTBEyAZPpRc+nwTRYvToE=K+ZJ -----END PGP SIGNATURE-----