On 01/24/2018 07:52 AM, Matt Darfeuille wrote:
> On 1/24/2018 1:32 PM, Matt Darfeuille wrote:
>> Hi,
>>
>> I'm remotely connecting to a server in the dmz zone with the following
>> configuration:
>>
>> /etc/network/interfaces:
>>
>> allow-hotplug enp1s0
>> iface enp1s0 inet dhcp
>>
>> /etc/shorewall/zones:
>>
>> net ipv4
>>
>> /etc/shorewall/interfaces:
>>
>> net enp1s0 dhcp,optional
>>
>> /etc/shorewall/rules:
>>
>> ACCEPT net $FW:&enp1s0 tcp 22
>>
>>
>> This configuration works fine and after rebooting that server I can
>> access it remotely.
>>
>> But if I configure that same interface using systemd, after reboot, I
>> can no longer access that server remotely.
>>
>> /etc/systemd/network/enp1s0.network:
>>
>> [Match]
>> Name=enp1s0
>>
>> [Network]
>> DHCP=ipv4
>>
>> The wait option in /etc/shorewall/interfaces doesn't seem to help.
>> I'm not sure how to fix that and I would rather keep using systemd! :)
>>
> 
> After some more testing I can confirm that the same behavior is also
> happening when /etc/network/interfaces is used.
> Is it expected (it works fine if I use $FW:ip)?
> 

It is not expected, and I am unable to reproduce the problem on Debian
9.3. What is the output of 'shorewall show net-fw' after reboot?

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________
