I'm using Shorewall to protect a school network from a classroom network of Raspberry Pis, which are operated headless from school network PCs using VNC or PuTTy.
All was working fine, starting up successfully on boot until I did the following: Installed isc-dhcp-server to serve dhcp to guest Pis Installed Apache2 and a cgi script to report DHCP leases Added 8 more fixed IP addresses to the school NIC and 8 more DNAT rules (bringing it to 16) mapping them to classroom IP addresses Installed OpenSSH for firewall maintenance Added Shorewall ACCEPT rules with destination $FW for the above. Now Shorewall doesn't start on boot, and neither does sshd, but both start successfully if you log in and type shorewall start and service sshd start. (Apache and dhcp-server start up ok.) The problem seems to be that eth0 is still not up by the time the Shorewall and sshd init scripts get run. In shorewall-init.log there are messages "Can't determine the IP address of eth0" and in /var/log/auth.log there are sshd messages "Cannot bind any address". Shorewall is running under Linux Mint 16. It may be arguable whether the Shorewall (and sshd) init scripts are at fault or whether the fault lies with networking startup, but it must be an issue other people round here have hit. Is there a recognised fix, either to delay startup of Shorewall (and sshd), or to ensure networking runs to completion before dependant init scripts are run? Googling for the sshd half of the problem only seems to come up with sticking plaster solutions. Regards - Philip ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
