I've cleaned up my variable naming in my external QoS tc-script.

It's defined in 'lib.private', and in the process creates a new mangle table chain,
'SHAPER_EGRESS'.

        /lib.private
                qos_control() {
                        ...
                        function define_rules_up() {
                                ...
                                /usr/sbin/iptables -t mangle -N SHAPER_EGRESS
                                ...
                        }
                        ...
                        case "$1" in
                        ...
                        start)
                                define_rules_up
                        ;;
                        esac
                }

and invoked in

        /tcstart
                qos_control start


After `firewall start`, the firewall's up, with no apparent errors.

But when I check with

        shorewall show mangle

I do NOT see the SHAPER_EGRESS mangle chain.

If I modify the 'qos_control()' script with an 'exit',

        /lib.private
                qos_control() {
                        ...
                        function define_rules_up() {
                                ...
                                /usr/sbin/iptables -t mangle -N SHAPER_EGRESS
                                ...
                        }
                        ...
                        case "$1" in
                        ...
                        start)
                                define_rules_up
++              exit
                        ;;
                        esac
                }

and then check

        shorewall show mangle

I *do* see the SHAPER_EGRESS chain, and all the rules I've added to it.

But, the firewall itself isn't up

        Shorewall Lite isn't started

'Something' between the exec of /tcstart, and the complete firewall (re)load is 
clearing that SHAPER_EGRESS mangle chain.

I'll single-step if I have to, but --

-- any ideas as to what step in the execution flow might be clearing that 
chain, and where I configure to prevent it -- i.e., to preserve my 
defined/populated chain through fw (re)start?

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users