> 1) Only the 'start' command initializes the switches; other commands > leave them as they are? > Yep, simply because switches, once initialised, are persistent regardless of the state of shorewall, so it would only make sense to initialise them: 1. within "init" inside 'if [ "$COMMAND" = start ]; then'; or 2. within "start" or "started" inside "if [ ! -f "/proc/net/nf_condition/switch_name" ]; then".
> 2) If the same switch is initialized to different values in different > rules, then an error message is to be generated? > Hmm, haven't thought of that - makes sense, not just for "rules", but for various other places where SWITCH column could be used (in the man page describing this functionality you could point out that the initial value could be set in "params", so that this sort of error could be avoided). ------------------------------------------------------------------------------ Keep yourself connected to Go Parallel: DESIGN Expert tips on starting your parallel project right. http://goparallel.sourceforge.net _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
