On 12/16/2015 10:22 PM, Norman Henderson wrote:
> Hello friends,
>
> The multi-provider structure seems to work fine when it's really being
> used for links to multiple ISP's of relatively stable quality. It's
> problematic when the ISP's are unstable (I am in Africa) mostly because
> failures aren't directly detectable: usually there is a break, or a
> major slowdown somewhere upstream in the ISP's network.
>
> It has become very complicated because we also have several sites
> connected by links that aren't always reliable (OpenVPN tunnels over
> said unreliable ISP's; even our WiFi links go down sometimes).
>
> The cleanest solution seems to be to manually disable / enable providers
> as needed (or use a monitoring tool to do so). However the question:
>
> Is there a clean way to mark a provider so that it will NOT be enabled
> upon shorewall (re)start? I guess I could do it in an extension script
> but that is a bit of a hack.
>
> Input welcome!
Beginning with Shorewall 4.5.3.1:
- The 'disable' command stores a 1 in the interface's .status file.
- The .status file is ignored on 'enable' but not on 'start',
'restart', 'restore' and 'refresh'.
This means that a disabled interface can only be re-enabled using
the 'enable' command.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
