> I don't see any particular harm in 'replace' now that we have duplicate > destination detection. > It is another line of defence. It ensures that duplicate routes will *never* me allowed to be created. If shorewall duplicate-route detection is not perfect and fails (let's face it, no software is ever perfect), then "ip route add" will stop this from happening, while "ip route replace" won't. That is why I personally favour the 'add' approach.
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
