1 |
On 05/02/15 11:11, Oleg wrote: |
2 |
> On Tue, Feb 03, 2015 at 09:41:22PM +0000, thegeezer wrote: |
3 |
>> howdy, |
4 |
>> don't use postup for this. |
5 |
>> netifrc is much cleverer |
6 |
>> u can directly in /etc/conf.d/net do |
7 |
>> |
8 |
>> rules_eth0=( |
9 |
>> "from 77.247.233.224/30 lookup vsd_linknet pref 32001" |
10 |
>> "from all lookup customers pref 32050" |
11 |
>> ) |
12 |
> I know about this, but i need ip rules that doesn't depend on any interface. |
13 |
> This machine is a router with several downstreams and several upstreams; so i |
14 |
> can set eth0 interface down and all policy rules must continue to work. |
15 |
> |
16 |
|
17 |
If you need things to be in place from the beginning then i can |
18 |
understand but you should be looking at /etc/local.d/ |
19 |
postup on net.lo seems like an odd place to hook this kind of thing. |
20 |
I'd suggest you might want to even create a /etc/init.d/customerX and |
21 |
/etc/init.d/customerY which allows you to create start/stop and use |
22 |
rc-status to check rules are or are not in place, it's scarily simple to do. |
23 |
you can also have it so that script customerX depends on eth0 but i |
24 |
don't think you want that, but maybe you do want customerY depends on |
25 |
customerX whcih you can also do |
26 |
>> the advantage to doing this instead of in postup is that if you stop |
27 |
>> eth0 then the rules are removed and then added back when you start the |
28 |
>> interface again |
29 |
> As i've mentioned above this is the disadvantage for me. |
30 |
> |
31 |
> |