View Full Version : [ubuntu] shorewall not autostarting

July 8th, 2008, 11:40 AM
I have experienced this problem with Ubuntu before but Shorewall does not start on boot with Ubuntu.

Shorewall blocks everything until the service is officially started.

How do I make sure it auto starts?

July 9th, 2008, 08:47 AM
Edit /etc/default/shorewall and change startup=0 to startup=1

July 9th, 2008, 08:50 AM
maybe the location at /etc/shorewall/shorewall.conf

July 9th, 2008, 08:01 PM
Sorry neither of those help. Shorewall wouldn't even start manually if that configuration file wasn't set to 1.

I'm not sure what you mean exactly with the 2nd option but startup enabled is already specified.

July 10th, 2008, 08:19 AM
The second option means (I think) that in /etc/shorewall.conf you have STARTUP_ENABLED=Yes.

If you can start Shorewall manually what about either putting it in the autostarted applications or manually starting it and saving the session?

July 11th, 2008, 05:48 AM
Yes, that's what I mean, that flag is also set.

The problem is I don't know much about the autostart stuff and I'd really prefer that gnome has nothing to do with it.

I run shorewall on my debian servers which are GUI less and I have no trouble with shorewall starting.

In fact, I've only had trouble with shorewall autostarting since using the new version of Hardy.

It must be kind of starting since all the ports are blocked. It's only until I do a manual restart that the rules file starts working properly.

July 28th, 2008, 01:02 PM
I found my problem now.

It seems that somewhere down the line new versions of Ubuntu's start up have interferred with shorewalls start up scripts and now dynamic dns address can't be processed at boot time, most likely because the IP addresses haven't become registered in the system yet. That explains why the firewall will start when you manually kick it off once the desktop is loaded.

I contacted the makers of shorewall but they just don't give a ****. They told me that using DNS address was at my own risk and have no solution to this problem.

January 29th, 2010, 09:05 PM
There is something interesting in shorewall start up script : "WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup".
It seems that shorewall has designed to work using "ifupdown" network tools. And by default Ubuntu use "NetworkManager" to manage its network interfaces.

So, I have deactivated my NetworkManager and modify /etc/network/interfaces :

auto eth0
iface eth0 inet dhcp

And it works... :D

February 9th, 2010, 09:23 AM
To make sure managed interface already up before shorewall execute its script :

auto eth0
iface eth0 inet dhcp
up /etc/init.d/shorewall start
down /etc/init.d/shorewall stop

It much better now...but I miss Network Manager