On 10/29/19 9:54 AM, Tom Eastep wrote: >> Questions. >> >> 1/ When using shorewall-init does shorewall itself have to be running, >> or is the compiled shorewall rules loaded directly into iptables? > If you are relying on Shorewall-init to load the ipset during boot, then: > > a) shorewall-init must be enabled in your init system (systemd or Sys5 > init). > > b) The shorewall-init config file must have the SAVE_IPSETS option set > to the name of a file where the ipsets are to be saved. > > b) The PRODUCTS option must at least include 'shorewall'. > > c) The ipset must exist each time that Shorewall-init is stopped. >
Shorewall-init should always start before Shorewall starts and Shorewall should always stop before Shorewall-init stops. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
