On Tue, Nov 5, 2019 at 6:13 PM Tom Eastep <teas...@shorewall.net> wrote: > > No -- you can simply use 'ip route replace....'.
Oh, interesting. However, it's still not as versatile as "inserting" a new rule in whatever position (priority index) and then deleting it. I guess I might use some sort of placeholder here and there and replace it as in my previous example. Thanks for the hint. I'll need to study that. > Because you are complaining about how slow and disruptive 'shorewall > reload' is on this system. I would think that you would want to strip > out as much as possible from the Shorewall config and have it installed > once (at boot time). Unless I use shorewall-lite, I presume. In that case, reloading should be blazing fast... ;-) > Given that lookup in the main table occurs > very early in the routing rules, that table should be used wherever > possible. I will definitely go that route, or at least try to. Tom, you don't know how glad I am to see that you're still sticking around. Big thanks to the other users too who pitch in with their useful insights. Regards, Vieri _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
