Thanks Tom - it sounds like adding something like "required,wait=5"
would at least be a viable work-around.
But reading between the lines, it seems you're saying that I could in
all likelihood sidestep the problem completely, just by specifying
"optional" instead (I presume "required" is the default - the man page
is silent on that.) Is there a discussion somewhere of what
configurations require "required"?
Regards - Philip
On 18/11/2014 16:47, Tom Eastep wrote:
> On 11/18/2014 1:12 AM, Philip Le Riche wrote:
>> I'm using Shorewall to protect a school network from a classroom network
>> of Raspberry Pis, which are operated headless from school network PCs using
>> VNC or PuTTy.
>>
>> All was working fine, starting up successfully on boot until I did the
>> following:
>> Installed isc-dhcp-server to serve dhcp to guest Pis
>> Installed Apache2 and a cgi script to report DHCP leases
>> Added 8 more fixed IP addresses to the school NIC and 8 more DNAT rules
>> (bringing it to 16) mapping them to classroom IP addresses
>> Installed OpenSSH for firewall maintenance
>> Added Shorewall ACCEPT rules with destination $FW for the above.
>>
>> Now Shorewall doesn't start on boot, and neither does sshd, but both
>> start successfully if you log in and type shorewall start and service
>> sshd start. (Apache and dhcp-server start up ok.)
>>
>> The problem seems to be that eth0 is still not up by the time the
>> Shorewall and sshd init scripts get run. In shorewall-init.log there are
>> messages "Can't determine the IP address of eth0"
> You have configured Shorewall so that eth0 *must* be up before Shorewall
> can start. If that is really necessary (which I rather doubt), then:
>
> a) Specify 'required' on the eth0 entry in /etc/shorewall/interfaces
> b) Additionally, specify 'wait=N' where N is the number of seconds that
> you are willing to wait for eth0 to come up.
>
> -Tom
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
>
>
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
