Project

General

Profile

Actions
Copy link

Bug #364

closed

gru: shorewall needs to be restarted after reboot

Added by Christian Lohmaier about 10 years ago. Updated over 9 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Tags:
URL:

Description

when gru is rebooted, the DNAT rules to the VMs won't work until shorewall is restarted

Either shorewall needs to depend on the virtual network interfaces to exists (which then is a configuration bug, as that usually is not necessary), or some other tool is started at boot that locks down the firewall/undoes shorewall's rules.

EDIT: libvirt uses iptables when it creates virtual networking, so that's very likely the culprit.
https://bugzilla.redhat.com/show_bug.cgi?id=433484 doesn't look nice (edit every vm to use system setup bridge/virtual network interface and stuff) - so probably easiest to just add a systemd (or whatever is used) command that restarts shorewall after libvirt

Files

shorewall-restart.conf (358 Bytes) shorewall-restart.conf /etc/init/shorewall-restart.conf - untested upstart file that should do the trick Christian Lohmaier, 2014-04-09 21:02
Actions
Copy link
 #1

Updated by Christian Lohmaier about 10 years ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Florian Effenberger over 9 years ago

  • Status changed from New to Rejected

As gru will vanish soon, rejecting this one

Actions
Copy link

Also available in: Atom PDF