I well, my ISP just worked with me to switch in my new gateway. After the switch and bringing up the ppp interface, the new gateway was access the Internet just fine, but none of systems behind it were. Scratched my head, and after some fumbling, I discovered that it seems like I have to restart shorewall after ppp interface is brought up. So. How do I ensure that shorewall is restarted whenever the ppp interface is restarted (can happen for any number of reasons). What is the proper command. shorewall restart recompiles all the files and that seems more than is needed. ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08
> > How do I ensure that shorewall is restarted whenever the ppp interface > is restarted (can happen for any number of reasons).Add a file containing ''/sbin/shorewall restart'' to /etc/ppp/ip-up.d (or add ''/sbin/shorewall restart'' to /etc/ppp/ip-up.local if your version of ppp had that file).> > What is the proper command. shorewall restart recompiles all the files > and that seems more than is needed. >That''s one of the reasons that I run Shorewall Lite. ''/sbin/shorewall-lite restart'' just runs the existing compiled script. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08
Tom Eastep wrote:> That''s one of the reasons that I run Shorewall Lite. > ''/sbin/shorewall-lite restart'' just runs the existing compiled script.But the same approach is easily applied to Shorewall. From the upcoming 4.2.0 Beta3 release notes: 3) The ''shorewall restart'' command now supports an -f option. When this option is specified, no compilation occurs; rather, the script which last started or restarted Shorewall is used. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08
Reasonably Related Threads
- Re: Shorewall-users Digest, Vol 26, Issue 9
- IPSEC tunnel up, but no traffic coming through
- Using tcpdump to sniff telnet password
- [GERMAN - ENGLISH] Wine can not started the Game (Dragonica)
- [LLVMdev] LLVM pre-built libraries download? (OBJ_ROOT structure)