Hebbar, I'm copying the Shorewall Development list on my reply so other's may comment on your request.
Srinivasa Hebbar wrote: > I am using shorewall extensively for last 2 years and I like it. > I was using iptables commands directly before I come to know about shorewall. > But now, I forgot all the iptables commands!. > Amazingly good product. Thanks. > > I am requesting you to provide the following feature additions > to shorewall 3.4.4 The current stable release is 4.0 and that is the only series that I will consider adding any features to. Furthermore, I'm pretty much restricting new development to Shorewall-perl. > > 1) lib.providers/verify_provider() > Skip the route_rules entry if the specified PROVIDER is not in providers > file. > We can have a "optional" field in PROVIDER entry of route_rules. Why do you believe that it necessary? What is the point of having entries in route_rules that have no corresponding entry in the providers file. > > 2) I am running Ubuntu dapper with /etc read-only. lib.providers fails to > write > /etc/iproute2/rt_table. > Is it possible to add a variable in shorewall.conf to disable writing > rt_tables. > I want to manually write rt_tables. This doesn't halt the 'shorewall [re]start' command does it? Are you just concerned about the error messages that it generates? > > 3) shorewall/providers: > when "optional" field is set, is it possible to call a plugin so that > the plugin decides the interface is available or not? > > is_interface_usable should call a plugin. If the plugin returns non-zero > value > the interface should be consider not available. If the plugin returns 0, > the > is_interface_usable can continue with the existing checks to decide > whether interface is available or not. > > The plugin name can be configured in shorewall.conf > plugin requires atleast one command line parameter with interface name. > I would be interested to hear what you would do in your plugin -- it might be useful to extend is_interface_usable() rather than providing a plugin. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
