On 06/21/2017 08:15 AM, Tom Eastep wrote: > On 06/20/2017 11:21 PM, Norman Henderson wrote: >> Thank you for this Tom. The "persistent" option is a good help, although >> it has the side effect that on reload etc. Shorewall will try to >> re-enable the provider, which is not desirable if it is flaky e.g. can >> be enabled but won't pass traffic. > > That isn't intentional. I'll take a look. >
I'm not seeing that behavior: root@gateway:~# shorewall disable eth0 Provider IPv6Beta (1) stopped root@gateway:~# shorewall reload Reloading Shorewall.... Initializing... Setting up ARP filtering... Setting up Route Filtering... Setting up Martian Logging... Setting up Accept Source Routing... Setting up log backend Setting up Proxy ARP... Adding Providers... Null Routing the RFC 1918 subnets WARNING: Interface eth0 is not usable -- Provider IPv6Beta (1) not Started WARNING: No Default route added (all 'balance' providers are down) Preparing iptables-restore input... Running /sbin/iptables-restore ... IPv4 Forwarding Enabled Processing /etc/shorewall/started ... done. root@gateway:~# shorewall enable eth0 Provider IPv6Beta (1) Started root@gateway:~# -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
