On Fri, 9 Jul 2021 15:46:03 +0100 Norman and Audrey Henderson <norm.aud...@gmail.com> wrote:
> Thank you both. First Tuomo, it's not really Net 0/8, I just removed > the front digits to hide our real IP addresses, for security reasons. > Matt, yes with optional on interface eth0 then shorewall starts but > still gives a warning that interface eth0 is not usable. > > That does allow the important openvpn tunnels to start (even though > they are running on top of eth0!) and it looks like the proper rules > and routes for eth0 are being applied, because our Email is flowing > again. > > However, why does SW think that eth0 is unusable? What could I check? Check code in /var/lib/shorewall/firewall, search for interface_is_usable. You can also try to enable interface with: /var/lib/shorewall/firewall enable eth0 Do you have /etc/shorewall/isusable script? That's what is used if you have it. If you have that script you should check what's in /var/lib/shorewall/eth0.status file... -- Tuomo Soini <t...@foobar.fi> Foobar Linux services +358 40 5240030 Foobar Oy <https://foobar.fi/> _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
