I've compiled and deployed to a remote instance
shorewall-lite version
4.6.3.1
my firewall config includes a number of @lib.private declared functions
they're seen @ the remote instance in the pushed fw script; for example,
cat /var/lib/shorewall-lite/firewall
...
load_ipsets4() {
SH="/bin/sh"
IPSET="/usr/sbin/ipset"
...
v4.6.3's new `shorewall run ...` support
(https://www.mail-archive.com/[email protected]/msg17241.html)
is quite useful. in a centrally-managed scheme, the runnable scripts need be
in the context of the remote instance. i.e,. using 'shorewall{,6}-lite' to
exec.
fyi, checking on the remote, there are duplicate/different usage docs @ `help`
shorewall-lite help
Usage: shorewall-lite [debug|trace] [nolock] [ -q ] [
-v[-1|{0-2}] ] [ -t ] <command>
where <command> is one of:
...
run <command> [ <parameter> ... ]
...
run <function> [ function ... ]
...
and if I try to exec it
shorewall-lite run load_ipsets4
I get an odd return
Usage: /var/lib/shorewall-lite/firewall [ options ] <command>
<command> is one of:
start
stop
clear
disable <interface>
down <interface>
enable <interface>
reset
refresh
restart
status
up <interface>
version
Options are:
-v and -q Standard Shorewall verbosity controls
-n Don't update routing configuration
-p Purge Conntrack Table
-t Timestamp progress Messages
-V <verbosity> Set verbosity explicitly
-R <file> Override RESTOREFILE setting
and the function, itself, is not executed
can correct usage be clarified further? or is it likely a bug?
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
