>> Another suggestion: for all table IDs shorewall uses provider numbers.
>> Can you change that to provider names instead?
>>
>
> That would break if KEEP_RT_TABLES=Yes were set.
>
Could you adopt a more flexible approach then and use names when
KEEP_RT_TABLES=No and define numbers when that option is Yes?
>> What does ${VARDIR}/firewall <up|down> <iface> do exactly? I am
>> particularly interested to know whether any of the rules or
>> traffic-shaping rules are (re-)defined or reset?
>>
>
> It depends; see the tables in http://www.shorewall.net/Shorewall-init.html.
>
That doesn't really tell me much. If my interface goes down, then the
routes disappear and I also assume the traffic shaping policies
associated with that interface do the same. I am not 100% certain about
the rules though. So, when shorewall-init executes filrewall up <iface>
is this redefined to the state it was before the firewall started?
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
