Hi, Which "services" are required to start before shorewall at boot time? Can/should shorewall start before the NICs are brought up? The init script examples in the shorewall package vary: init.sh: $local_fs $remote_fs $syslog init.debian.sh: $network Thanks for your help, Vieri ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what''s new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
Vieri Di Paola wrote:> Hi, > > Which "services" are required to start before shorewall at boot time?It depends...> > Can/should shorewall start before the NICs are brought up?It can be, if you don''t use any Shorewall constructs that require networking to be started. In general, you cannot require the generated script to detect anything about your configuration. If Shorewall starts before named, you cannot use DNS names in your configuration. If your iptables binary isn''t on the root fileset, then you need the local filesystems mounted. ...> > The init script examples in the shorewall package vary: > > init.sh: $local_fs $remote_fs $syslog > > init.debian.sh: $network >That''s why each distribution''s Shorewall maintainer is responsible for modifying the samples to fit that particular distribution. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what''s new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
--- On Sun, 11/22/09, Tom Eastep <teastep@shorewall.net> wrote:> > Can/should shorewall start before the NICs are brought > up? > > It can be, if you don''t use any Shorewall constructs that > require > networking to be started.> If Shorewall starts before named, you cannot use DNS names > in your > configuration. >> That''s why each distribution''s Shorewall maintainer is > responsible for > modifying the samples to fit that particular distribution.Thanks. Well, in the above two examples, I understand that shorewall should start at a user-defined point in init. The maintainer of a distribution should choose "safe" settings, ie. boot shorewall after "anything that shorewall **could** require" has started. If the user wants to start shorewall before the NICs are up then it''s up to him/her. Thanks again, Vieri ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what''s new with Crystal Reports now. http://p.sf.net/sfu/bobj-july