Hi All,
I am configuring the Bering uClibc3.0.1 firewall for the first time and can't figure out where I should add definitions for the static routes on my internal network. If I manually add the routes and then restart shorewall then the routed subnets are added to the local zone and everything works the way I want it to but of course the routes do not persist through a reboot. I tried putting the route add commands in the shorewall init script which adds the routes OK but shorewall does not add the extra subnets to the local zone on boot up unless I manually do a shorewall restart. Is there another configuration file that I should be putting the route definitions in so that they are established before shorewall starts? It looks like I could mess with the shorewall zone and hosts files to get around this problem but having the routes in place before shorewall starts would seem to be a better way to go. Is there any documentation for more complex Bering configurations? Thanks for any help. Dave Shorewall zones file fw firewall net ipv4 loc ipv4 dmz ipv4 Shorewall interfaces file net eth0 detect tcpflags,routefilter,norfc1918,nosmurfs loc eth1 detect tcpflags,detectnets,dhcp,nosmurfs dmz eth2 detect Shorewall init file ip route add 192.168.52.0/24 via 172.22.255.231 ip route add 192.168.54.0/24 via 172.22.255.231 ip route add 192.168.55.0/24 via 172.22.255.231 ip route add 192.168.56.0/24 via 172.22.255.231 ip route add 192.168.57.0/24 via 172.22.255.231 ip route add 192.168.58.0/24 via 172.22.255.231 Shorewall hosts file is empty ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
