On 05/05/2013 10:17 AM, Dash Four wrote:
> I've decided to make a clean break as the AUTOMAKE thread was getting a
> bit off-topic. These are my findings so far:
>
> 1. During boot, when the OS is bringing my loopback interface up I am
> getting the following messages:
>
> Bringing up loopback interface: SIOCADDRT: Network is unreachable
> SIOCADDRT: Network is unreachable
>
> This started happening since my shorewall-init installation. Looking at
> the logs, there isn't anything there, which points to something being
> wrong. I do have 3 separate lo:{1,2,3} "devices" though - don't know if
> that is causing the ifupdown to moan. The relevant messages I am getting
> are:
>
> 2013-05-05 17:05:45+01:00 /usr/sbin/ifup-local: Executing
> /var/lib//shorewall/firewall -V0 up lo
> Shorewall up triggered by lo
> Shorewall attempting start
> ERROR: Can't determine the IP address of eth0: Firewall state not changed
> /var/lib//shorewall/firewall: line 1079: kill: (748) - No such process
> ERROR: Required interface eth0 not available: Firewall state not changed
> /var/lib//shorewall/firewall: line 1079: kill: (748) - No such processWhy don't you simply specify 'ignore' on the lo devices? That is what 'ignore' was invented for. > > 2. during system-triggered 'up' event, I get this: > cp: `/var/lib/shorewall/firewall' and `/var/lib/shorewall/firewall' are > the same file > The attached pair of patches should correct that problem. > 3. /etc/shorewall changes not detected by shorewall when running > together with shorewall-init. That's intentional. If you want Shorewall-init to use updated files, then you must issue a 'shorewall compile' command. Imagine the chaos if you were in the middle of updating your config and suddenly Shorewall-init compiled whatever the current state of the config was and tried to run it. > > 4. shorewall-init sysv script errors and additions - see patch attached. > I've also added a few things which I found useful. I'll take a look - Thanks. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall-core/lib.common b/Shorewall-core/lib.common
index e04d6bb..c3aa333 100644
--- a/Shorewall-core/lib.common
+++ b/Shorewall-core/lib.common
@@ -272,8 +272,11 @@ shorewall6_is_started() {
# Echos the fully-qualified name of the calling shell program
#
my_pathname() {
+ local pwd
+ pwd=$PWD
cd $(dirname $0)
echo $PWD/$(basename $0)
+ cd $pwd
}
#
diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm
index 7446147..112bfd9 100644
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@@ -534,7 +534,8 @@ EOF
run_start_exit
do_iptables -N shorewall
set_state Started $config_dir
- [ \$0 = \${VARDIR}/firewall ] || cp -f \$(my_pathname) \${VARDIR}/firewall
+ my_pathname=\$(my_pathname)
+ [ \$my_pathname = \${VARDIR}/firewall ] || cp -f \$my_pathname \${VARDIR}/firewall
run_started_exit
fi
EOF
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
