On 03/23/2013 05:54 PM, Mr Dash Four wrote:
>>> What does ${VARDIR}/firewall <up|down> <iface> do exactly? I am
>>> particularly interested to know whether any of the rules or
>>> traffic-shaping rules are (re-)defined or reset?
>>>
>>
>> It depends; see the tables in http://www.shorewall.net/Shorewall-init.html.
>>
> That doesn't really tell me much. If my interface goes down, then the
> routes disappear and I also assume the traffic shaping policies
> associated with that interface do the same. I am not 100% certain about
> the rules though. So, when shorewall-init executes filrewall up <iface>
> is this redefined to the state it was before the firewall started?
As shown in the table, an 'enable' operation is performed on the interface.
From shorewall(8):
enable
... The command sets /proc entries for the interface, adds any
route specified in shorewall-routes(5) and installs the
interface's traffic shaping configuration, if any.
For each provider, the compiler generates a 'start' function. That
function is called during 'shorewall start' and during 'shorewall enable'.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
