On 9/29/10 4:52 PM, Mr Dash Four wrote:
>
>> Then is sounds like /etc/init.d/shorewall is generating '/sbin/shorewall
>> stop; /sbin/shorewall start' for the 'reload' command. So
>> /etc/shorewall/init will be invoked twice; once with $COMMAND=stop and
>> once with $COMMAND=start. That's the way it works and there is nothing
>> to 'fix'.
>>
> /etc/init.d/shorewall:
>
> restart() {
> # Note that we don't simply stop and start since shorewall has a built in
> # restart which stops the firewall if running and then starts it.
> echo -n $"Restarting Shorewall: "
> $shorewall $OPTIONS restart $config_file_dir 2>&1 | $logger
> retval=${PIPESTATUS[0]}
> if [[ $retval == 0 ]]; then
> touch $lockfile
> success
> else # Failed to start, clean up lock file if present
> rm -f $lockfile
> failure
> fi
> echo
> return $retval
> }
>
>
> ...
>
> restart|reload|force-reload)
> restart
> ;;
>
>
>> Note that to execute the sequence of ipset commands that you want to
>> execute, Shorewall must be in the stopped state. So the above sequence
>> is appropriate if you want to reload your ipsets.
>>
> Nope, you've lost me. I do NOT want the sequence in the init file to be
> executed when I am issuing 'reload' or 'restart' (in other words, 'stop'
> and then 'start' to be passed to my init file) as the ipsets are already
> loaded (and I have created new ones from the command line).I have no idea what's going on on your system. gateway:~# cat /etc/shorewall/init # # Shorewall version 4 - Init File # # /etc/shorewall/init # # Add commands below that you want to be executed at the beginning of # a "shorewall start" or "shorewall restart" command. # # For additional information, see # http://shorewall.net/shorewall_extension_scripts.htm # ############################################################################### echo "Here is init with \$COMMAND=$COMMAND" gateway:~# shorewall -qq restart Here is init with $COMMAND=restart gateway:~# -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
