On 22/01/2015 17:43, Tom Eastep wrote:
> On 1/21/2015 9:04 AM, Ed W wrote:
>
>> Hi, forgive please that I'm only looking at my older 4.5 version,
>> possibly 4.6 is changed. However, can you please check your patch as I
>> need to also add the mutex to "start"? It's not enough to add the mutex
>> ONLY to "enable"? My test patch looks as yours, only I also wrap the
>> "start" path
> Do you ever run the generated script directly specifying the 'start'
> command? Because the CLI programs (shorewall, shorewall6, shorewall-lite
> and shorewall6-lite) all take mutex prior to invoking the 'start' command.
>
OK, so this was not working for me. I traced the problem:
- I have the lockfile location customised in /etc/shorewall.conf (so it
goes into a tmpfs)
LOCKFILE=/var/lock/shorewall.lock
- This is presumably parsed when called via /sbin/shorewall utils
- Directly calling /var/lib/shorewall/firewall script doesn't set
LOCKFILE in initialise(), so it defaults instead to ${VARDIR}/lock
So calling the script different ways uses different lock files
Can I recommend that we also pass LOCKFILE into the generated firewall
script (seems to be via function Compiler.pm / generate_script_2() )
I can provide the patch if required?
Thanks Tom
Ed W
------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
