Robert,
/var/log/shorewall-init.log exist, tonight reboot system without log and
post before.
shorewall for EL7 o CentOS7 or similar use systemctl, maybe shorewall
start before other service. Somebody have experience with this?
Thx
El 2026-01-13 14:57, Robert K Coffman Jr. -Info From Data Corp.
escribió:
Logging is too deep for me to go into here - on my system, there is a
shorewall-init log in /var/log. I suspect your system has this in
logcontrol.
Here is the contents of the init.d job that starts shorewall on my
firewalls. For some changes to my configuration, I have to use this
script before shorewall start, or else the change doesn't work. I only
bring it up because perhaps the difference between
"/etc/init.d/shorewall start" and "shorewall start" could be used to
fix your problem. Strictly speculation however.
#!/bin/sh
RCDLINKS="2,S19 3,S19 4,S19 5,S19 0,K91 6,K91"
OPTIONS=""
WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup
# Use /etc/default shorewall to specify $OPTIONS and STARTOPTIONS to
# run at startup, however this this might prevent shorewall from
# starting. use at your own risk
if [ -f "/etc/default/shorewall" ] ; then
. /etc/default/shorewall
fi
# wait for an unconfigured interface
wait_for_pppd () {
if [ "$wait_interface" != "" ]
then
if [ -f $WAIT_FOR_IFUP ]
then
for i in $wait_interface
do
$WAIT_FOR_IFUP $i 60
done
else
echo "$WAIT_FOR_IFUP: File not found"
exit 2
fi
fi
}
start() {
echo "Starting IPv4 shorewall rules..."
wait_for_pppd
[ -x /usr/sbin/mount_modules ] && /usr/sbin/mount_modules
/sbin/shorewall $OPTIONS start $STARTOPTIONS
[ -x /usr/sbin/umount_modules ] && /usr/sbin/umount_modules
}
stop() {
echo "Stopping IPv4 shorewall rules..."
/sbin/shorewall stop
}
refresh() {
echo "Refreshing IPv4 shorewall rules..."
/sbin/shorewall refresh $REFRESHOPTIONS
}
reload() {
echo "Reloading IPv4 shorewall rules..."
/sbin/shorewall reload $RELOADOPTIONS
}
restart() {
echo "Restarting IPv4 shorewall rules..."
[ -x /usr/sbin/mount_modules ] && /usr/sbin/mount_modules
/sbin/shorewall restart $RESTARTOPTIONS
[ -x /usr/sbin/umount_modules ] && /usr/sbin/umount_modules
}
status() {
/sbin/shorewall status
}
case "$1" in
'start')
start
;;
'stop')
stop
;;
'refresh')
refresh
;;
'reload')
reload
;;
'restart')
restart
;;
'status')
status
;;
*)
echo "Usage: $0 start|stop|refresh|reload|restart|status"
;;
esac
exit 0
# All done
- Bob
On 1/13/2026 11:36:39 AM, [email protected] wrote:
Hi Robert,
Do you mean shorewall show log or other?
Thx
El 2026-01-13 13:11, Robert K Coffman Jr. -Info From Data Corp.
escribió:
Ok - what do the logs say after a reboot? One potential issue that
might cause this is the status of any interfaces that are required but
not ready when shorewall starts.
On 1/13/2026 9:52:47 AM, [email protected] wrote:
Hi Robert,
I'm using systemcl
systemctl enable shorewall after install package.
Thx.
El 2026-01-13 10:30, Robert K Coffman Jr. -Info From Data Corp.
escribió:
How are you starting Shorewall after a reboot?
On 1/13/2026 5:59:25 AM, rcortes--- via Shorewall-users wrote: Hi
Simon,
i use shorewall from shorewall site reference, in this case 5.1.12 from
https://shorewall.org/pub/shorewall/5.1/shorewall-5.1.12/
and 5.2.8 from
https://www.invoca.ch/pub/packages/shorewall/RPMS/ils-7/noarch/
5.1.12 or 5.1.10 start but dont work, need apply clear/start to work.
5.2.8-12 start but dont work nat/dnat/proxyarp
Thx
El 2026-01-13 04:56, Simon Matter escribió:
Hi,
Hello everyone!
Somebody know why or how to fix shorewall for not need clear and start
after reboot? i have EL7 and shorewall 5.1.12, previously working with
5.1.10 and try with 5.2.8-12 but shorewall start but nat/dnat/proxyarp
dont work.
Seems that your shorewall start is not working properly. Are you using
a
shorewall package from epel? If so you could check the changelog to see
who has packaged it and ask directly?
Regards,
Simon
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Robert K Coffman Jr.
Info From Data Corp.
3307249000
[email protected]
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Robert K Coffman Jr.
Info From Data Corp.
3307249000
[email protected]
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Robert K Coffman Jr.
Info From Data Corp.
3307249000
[email protected]
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
