| 1 |
On 05/02/15 11:11, Oleg wrote: |
| 2 |
> On Tue, Feb 03, 2015 at 09:41:22PM +0000, thegeezer wrote: |
| 3 |
>> howdy, |
| 4 |
>> don't use postup for this. |
| 5 |
>> netifrc is much cleverer |
| 6 |
>> u can directly in /etc/conf.d/net do |
| 7 |
>> |
| 8 |
>> rules_eth0=( |
| 9 |
>> "from 77.247.233.224/30 lookup vsd_linknet pref 32001" |
| 10 |
>> "from all lookup customers pref 32050" |
| 11 |
>> ) |
| 12 |
> I know about this, but i need ip rules that doesn't depend on any interface. |
| 13 |
> This machine is a router with several downstreams and several upstreams; so i |
| 14 |
> can set eth0 interface down and all policy rules must continue to work. |
| 15 |
> |
| 16 |
|
| 17 |
If you need things to be in place from the beginning then i can |
| 18 |
understand but you should be looking at /etc/local.d/ |
| 19 |
postup on net.lo seems like an odd place to hook this kind of thing. |
| 20 |
I'd suggest you might want to even create a /etc/init.d/customerX and |
| 21 |
/etc/init.d/customerY which allows you to create start/stop and use |
| 22 |
rc-status to check rules are or are not in place, it's scarily simple to do. |
| 23 |
you can also have it so that script customerX depends on eth0 but i |
| 24 |
don't think you want that, but maybe you do want customerY depends on |
| 25 |
customerX whcih you can also do |
| 26 |
>> the advantage to doing this instead of in postup is that if you stop |
| 27 |
>> eth0 then the rules are removed and then added back when you start the |
| 28 |
>> interface again |
| 29 |
> As i've mentioned above this is the disadvantage for me. |
| 30 |
> |
| 31 |
> |
Archives