[Shorewall-newbies] A few shorewall questions

Alex Martin alex at rettc.com
Mon Feb 23 18:50:17 PST 2004


 From a table in the file:

http://shorewall.net/starting_and_stopping_shorewall.htm

shorewall restart 	firewall restart 	Logically equivalent to “firewall 
stop;firewall start”


Thus a restart does a stop. Then:

shorewall stop 	firewall stop 	Only traffic to/from hosts listed in 
/etc/shorewall/hosts is passed to/from/through the firewall. For 
Shorewall versions beginning with 1.4.7, if ADMINISABSENTMINDED=Yes in 
/etc/shorewall/shorewall.conf then in addition, all existing connections 
are retained and all connection requests from the firewall are accepted.


This is where the information mentioned below came from.

-Alex



Tom Eastep wrote:

>On Mon, 23 Feb 2004, Alex Martin wrote:
>
>  
>
>>About 'shorewall restart':
>>"For Shorewall versions beginning with 1.4.7, if ADMINISABSENTMINDED=Yes
>>in /etc/shorewall/shorewall.conf then in addition, all existing
>>connections are retained and all connection requests from the firewall
>>are accepted."
>>
>> From http://shorewall.net/starting_and_stopping_shorewall.htm
>>
>>    
>>
>
>I've looked at that page a couple of times and I don't see how you
>associate the above text with "restart". Since Julian Church also had that
>misconception, I must be missing something -- please educate me.
>
>In truth, ADMINISABSENTMINDED only effects the behavior of the firewall
>after "shorewall stop".
>
>-Tom
>--
>Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
>Shoreline,     \ http://shorewall.net
>Washington USA  \ teastep at shorewall.net
>  
>



More information about the Shorewall-newbies mailing list