On 11/18/2014 1:12 AM, Philip Le Riche wrote: > I'm using Shorewall to protect a school network from a classroom network > of Raspberry Pis, which are operated headless from school network PCs using > VNC or PuTTy. > > All was working fine, starting up successfully on boot until I did the > following: > Installed isc-dhcp-server to serve dhcp to guest Pis > Installed Apache2 and a cgi script to report DHCP leases > Added 8 more fixed IP addresses to the school NIC and 8 more DNAT rules > (bringing it to 16) mapping them to classroom IP addresses > Installed OpenSSH for firewall maintenance > Added Shorewall ACCEPT rules with destination $FW for the above. > > Now Shorewall doesn't start on boot, and neither does sshd, but both > start successfully if you log in and type shorewall start and service > sshd start. (Apache and dhcp-server start up ok.) > > The problem seems to be that eth0 is still not up by the time the > Shorewall and sshd init scripts get run. In shorewall-init.log there are > messages "Can't determine the IP address of eth0"
You have configured Shorewall so that eth0 *must* be up before Shorewall can start. If that is really necessary (which I rather doubt), then: a) Specify 'required' on the eth0 entry in /etc/shorewall/interfaces b) Additionally, specify 'wait=N' where N is the number of seconds that you are willing to wait for eth0 to come up. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
