[email protected] wrote: > Before I start down that road with what appears to be a redundant process, is > there a convenient way to get that ddlcient-tracked IP into shorewall > 'params', or wherever it'd NEED to be to get picked up early enough to be > (re)used ina shorewall (re)start?
http://shorewall.net/manpages/shorewall-params.html > The file is always processed by /bin/sh or by the shell specified through > SHOREWALL_SHELL in shorewall.conf (5) so the full range of shell capabilities > may be used. So it should be fairly easy to put a command in there that's going to read your IP in from another file and set a variable you can use in the rules file. Not done it myself, but it should work. Otherwise there's the less elegant way where you have a params-base file, and you script basically does : echo ${something} > params cat params-base >> params shorewall restart That last line might want to be : shorewall check && shorewall restart || <alert the admin there's a problem> Lots of things you can play around with there. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
