>________________________________ > From: Tom Eastep <teas...@shorewall.net> >To: shorewall-users@lists.sourceforge.net >Sent: Thursday, May 24, 2012 9:08 PM >Subject: Re: [Shorewall-users] Absent-minded admin + multi isp > >A couple of things: > >a) Before making a configuration change, execute 'shorewall save'. This > will save the currently running configuration which can then be > restored if a 'restart' fails. > >b) Use 'shorewall restart' rather than 'shorewall stop; shorewall > start'. 'shorewall stop' restores the default route(s) that were in > place before the last 'start' command. 'shorewall restart' replaces, > adds or deletes default routes based on the state of the links. And > if the 'restart' fails, the firewall will be restored to its prior > state. > >c) After you are satisfied that the change works correctly, do another > 'shorewall save'. >
Thanks Tom for the information. I should change my behaviour of restarting shorewall. >Note: As someone noted in another response to your post, the >'safe-restart' command combines 'save' and 'restart' in a single command. > >-Tom >-- ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
