* On 2012 21 Aug 18:46 -0500, [email protected] wrote: > From: Nate Bargmann <[email protected]> > Date: Tue, 21 Aug 2012 16:22:15 -0500 > > Each machine is defined for its own fw zone. I do not have a DMZ. The > > machines do sit behind a OpenWRT router with its firewall enabled. > > Once everything is working, does "shorewall restart" give > the delay?
No, it does not. I see in the /var/log/shorewall-init.log file that on each machine a 1 minute delay occurs: Aug 19 18:07:03 Creating iptables-restore input... Aug 19 18:07:03 Shorewall configuration compiled to /var/lib/shorewall/.start Aug 19 18:08:03 Starting Shorewall.... Aug 19 18:08:03 Initializing... Aug 19 18:08:03 Processing /etc/shorewall/init ... Aug 19 18:08:03 Processing /etc/shorewall/tcclear ... But running manually there is no such delay: Aug 21 17:29:07 Creating iptables-restore input... Aug 21 17:29:07 Shorewall configuration compiled to /var/lib/shorewall/.start Aug 21 17:29:07 Starting Shorewall.... Aug 21 17:29:07 Initializing... Aug 21 17:29:07 Processing /etc/shorewall/init ... Aug 21 17:29:07 Processing /etc/shorewall/tcclear ... > The router issues an address to each machine by DHCP? Yes, but I see this on the laptop no matter where I am, my network or not, as I recall. > One test is to temporarily connect the desktop machine directly > to the cable modem without the router. Another test is > to set a static address for the desktop machine. > > Try various configurations until a clue surfaces. Thanks for the ideas. I'll also try Bob's suggestion as well. - Nate >> -- "The optimist proclaims that we live in the best of all possible worlds. The pessimist fears this is true." Ham radio, Linux, bikes, and more: http://www.n0nb.us -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
