Hi,
I'm in the process of building a custom liveCD that will be used as a
firewall/multi-ISP gateway (read-only media).
The idea is that the liveCD should boot any x86 system. This implies that the
motherboard and NICs may vary (hardware replacement because of system failure).
Linux displays ethernet interfaces with the eth* nomenclature and the shorewall
interfaces file also uses it. However, I've noticed that sometimes, when
hardware is changed, the ethernet interfaces don't show up in the same order.
For example, recently I had to change a 4-port D-link NIC with a newer but
identical card, on the same machine. On this machine I also have 3 3Com cards.
Before replacing the card, "ifconfig -a" displayed the cards in this order:
eth0,1,2,4,5,6,7 (a total of 7 interfaces). After the replacement, I had this
order: eth0,1,2,3,4,5,6.
I don't know how eth devices are assigned in Linux and how udev actually works.
On a writable operating system I can (and I have) simply modified the udev
"persistent net rules" which associate eth* devices to MAC addresses. That
allows me to leave my Shorewall interface configuration untouched.
However, how can I handle this on a read-only system? How can I be sure that
the "eth sequence" will always be in the "right order"? In other words, if my
read-only Shorewall configuration says that eth0 is my net1 zone, how can I be
sure that eth0 will always be the "first" port on my system (physically)?
I know that perl code can be executed within shorewall configuration files and
this may help.
However, I'd like to know if someone already handled this situation or if
anyone can give me a hint as to what I can do (or if I'm simply overdoing it).
Thanks,
Vieri
------------------------------------------------------------------------------
OpenSolaris 2009.06 is a cutting edge operating system for enterprises
looking to deploy the next generation of Solaris that includes the latest
innovations from Sun and the OpenSource community. Download a copy and
enjoy capabilities such as Networking, Storage and Virtualization.
Go to: http://p.sf.net/sfu/opensolaris-get
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
