Hi, Ludovic Courtès <l...@gnu.org> writes:
> Hi! > > Alexey Abramov <leven...@mmer.org> skribis: > > [...] > [...] > > I would do that by having ‘networking’ depend on ‘firewall’ (say). > > Does that make sense? > > It’d be interesting to see whether we need something beyond this. But what if I just want to stop a firewall? Won't that trigger network to restart in that case? >> Applications have to be able to gracefully shutdown their network >> connections. Is it the case right now, I don't know? > > What do you mean? If you run a simple VM with openssh, login there via ssh client and run 'herd power-off root' from the QEMU serial console, the VM will be shutdown, but your ssh connection won't know anything about it and the socket will be left in a ESTABLISHED state! By typing there system will keep trying to send data over there wire (Send-Q). --8<---------------cut here---------------start------------->8--- root@delta ~# ss -ta -A all '( dport = :ssh )' dst 192.168.10.100/24 Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process tcp ESTAB 0 288 192.168.10.1:48106 192.168.10.100:ssh --8<---------------cut here---------------end--------------->8--- There is no such a problem with shutdown command by the way. >> I am checking (shepherd services) where `shutdown-services' defined, and >> seems like it just walks across %services hash table. Am I missing >> something? > > Correct, there’s nothing fancy going on there. > > Thanks, > Ludo’. -- Alexey