[Shorewall-users] multiisp providers' routing tables vanish after pkg-manager version upgrade?

Wed, 17 Jun 2015 08:04:22 -0700 

I finally found an intermittent 'culprit' that's been causing some grief -- the 
process of pkg-upgrading shorewall* in a MultiISP setup.

With any given version of Shorewall

  shorewall6-lite v4.6.9
  shorewall-core  v4.6.9
  shorewall-init  v4.6.9
  shorewall-lite  v4.6.9

installed on Opensuse 13.2,

on a multiISP install, before an upgrade, a running shorewall returns routing

        shorewall-lite show routing
                Routing Rules
                        ...

                Table default:
                        ...

                Table local:
                        ...

                Table main:
                        ...

                Table Prov1: <============
                        ...

                Table Prov2: <============
                        ...

that includes route tables for the defined Providers.

On upgrade via package manager

        zypper -v up shorewall-lite shorewall6-lite shorewall-init 
shorewall-core
                The following 4 packages are going to be upgraded:
                  shorewall6-lite       4.6.9-183.1 -> 4.6.10.1-185.1           
                          
                  shorewall-core        4.6.9-183.1 -> 4.6.10.1-185.1           
                          
                  shorewall-init        4.6.9-183.1 -> 4.6.10.1-185.1           
                          
                  shorewall-lite        4.6.9-183.1 -> 4.6.10.1-185.1           
                          

immediately after the upgrade, routing's dropped the Providers' route tables

        shorewall-lite show routing

                Routing Rules
                        ...

                Table default:
                        ...

                Table local:
                        ...

                Table main:
                        ...

This is trivially remedied by a firewall restart

        shorewall-lite restart
        shorewall-lite show routing

                Routing Rules
                        ...

                Table default:
                        ...

                Table local:
                        ...

                Table main:
                        ...

                Table Prov1:
                        ...

                Table Prov2:
                        ...

and all's back to normal.


Is it the _intended_ 'responsibility' of

        (1) shorewall* (config) ?
        (2) opensuse's packaging scripts
        (3) opensuse's shorewall/systemd startup scripts
        (4) the user

to get shorewall (specifically, the provider routing tables) back into an 
operating state after a version upgrade?


------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to