On 9/28/2016 10:34 AM, Filippo Carletti wrote: > I can't find what I'm doing wrong, I can't observe the documented > behaviour of shorewall disable <provider>. > > # shorewall status -i | grep Interface > Interface enp2s0 is Enabled > Interface enp3s0 is Enabled > # shorewall disable enp3s0 > Provider adsl (1) stopped > # shorewall status -i | grep Interface > Interface enp2s0 is Enabled > Interface enp3s0 is Disabled > # shorewall restart > # shorewall status -i | grep Interface > Interface enp2s0 is Enabled > Interface enp3s0 is Enabled > > Log above using Shorewall-5.0.8.2, but I have the same problem with > Shorewall-4.6.4.3. > > The changelog says: > > Beginning with Shorewall 4.5.3.1: > > - The 'disable' command stores a 1 in the interface's .status file. > - The .status file is ignored on 'enable' but not on 'start', > 'restart', 'restore' and 'refresh'. > > This means that a disabled interface can only be re-enabled using > the 'enable' command. > > Some config details: > # tail -2 /etc/shorewall/providers > adsl 1 0x10000 - enp3s0 10.70.70.1 track,balance=100,persistent - > fibra 2 0x20000 - enp2s0 10.57.1.1 track,balance=1,persistent - > # grep RESTART /etc/shorewall/shorewall.conf > RESTART=reload > > > Any hint how to debug this?
Do any of your extension scripts manipulate /var/lib/shorewall/*.status? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
