On Wed, Nov 12, 2008 at 08:37:06PM -0800, JC Janos wrote: > In the docs at http://www.shorewall.net/Shorewall-perl.html, > > "Your ipsets must be loaded before Shorewall starts. You are free to > try to do that with the following code in /etc/shorewall/start" > > implies that code in /etc/shorewall/start is executed BEFORE Shorewall starts. > > In the default /etc/shorewall/start > > # /etc/shorewall/start > # > # Add commands below that you want to be executed after shorewall has > # been started or restarted. > > implies that code in /etc/shorewall/start is loaded AFTER Shorewall starts. > > Which is correct -- /etc/shorewall/start executes BEFORE or AFTER > shorewall starts? >
Have a look here: http://shorewall.net/shorewall_extension_scripts.htm start -- invoked after the firewall has been started or restarted. started -- invoked after the firewall has been marked as 'running'. Also, if you look at /etc/shorewall/started, it says this: # /etc/shorewall/started # # Add commands below that you want to be executed after shorewall has # been completely started or restarted. The difference between this # extension script and /etc/shorewall/start is that this one is invoked # after delayed loading of the blacklist (DELAYBLACKLISTLOAD=Yes) and # after the 'shorewall' chain has been created (thus signaling that the # firewall is completely up. # # This script should not change the firewall configuration directly but # may do so indirectly by running /sbin/shorewall with the 'nolock' # option. # # See http://shorewall.net/shorewall_extension_scripts.htm for additional # information. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
