On 10/4/20 10:18 AM, Matt Darfeuille wrote: > On 10/4/2020 6:58 PM, Simon Matter wrote: >> Hi, >> >> I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just to >> see that the rules haven't been updated: >> >> [root@abc ~]# shorewall reload >> Reloading Shorewall.... >> Initializing... >> Processing /etc/shorewall/init ... >> Setting net.netfilter.nf_conntrack_max = 1048576 >> Processing /etc/shorewall/tcclear ... >> Setting up Route Filtering... >> Setting up Martian Logging... >> Setting up Proxy ARP... >> Setting up Traffic Control... >> Preparing iptables-restore input... >> Running /sbin/iptables-restore ... >> IPv4 Forwarding Enabled >> Processing /etc/shorewall/start ... >> Processing /etc/shorewall/started ... >> done. >> [root@abc ~]# shorewall status >> Shorewall 5.2.8 Status at abc.bi.corp.invoca.ch - Sun Oct 4 18:50:45 CEST >> 2020 >> >> Shorewall is running >> State:Started Sun Oct 4 18:50:40 CEST 2020 from /etc/shorewall/ >> (/var/lib/shorewall/firewall compiled Sun Oct 4 18:45:29 CEST 2020 by >> Shorewall version 5.2.7) >> >> I thought this has always worked and I didn't change anything. >> >> Am I just too tired (lack of coffee) or was there a change I'm missing? >> I'm confused. >> > > Compilation will only happen when '/etc/shorewall' is modified. > So if I'm not mistaking, updating the firewall will not trigger a > recompilation. >
Recompilation should occur if ANY file in ANY directory in $CONFIG_PATH changes. Given that installing a new version updates /usr/share/shorewall/, 'reload' after an update should force re-compilation. I reproduced this problem using the tarball installers. Simon -- How did you upgrade? -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster Shoreline, \ with an international standard? Washington, USA \ A: Someone who makes you an offer you http://shorewall.org \ can't understand \________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
