Does using a firewall break network interfaces on Linux?

A

Albert2018-12-18 07:31:49

Debian

Albert, 2018-12-18 07:31:49

Good afternoon!
I have Debian GNU/Linux 8.11 (jessie) where using a firewall at system startup breaks network interfaces. But, if the firewall is not used at system startup, but after, then everything is fine. Has anyone experienced this?
Those. the system starts, the firewall script autorun immediately works, and if you look through the ifconfig command, then instead of the ip address eth0, there is the ip address eth0:1, while the subinterfaces are not raised.
If you remove the autostart of the firewall and run it separately after the system starts, then everything is normally applied and everything works correctly.
Can you please tell me what I'm doing wrong or what could be causing this problem?
In /etc/network/interfaces

auto eth0
iface eth0 inet static
        address xxx.xxx.xxx.xxx
        netmask ********
        network ******
        broadcast ********
        gateway ********
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 8.8.8.8
        dns-search domain.ru
auto eth0:1
iface eth0:1 inet static
        address yyy.yyy.yyy.yyy
        netmask *******
**** тут еще 15 субинтерфейсов****
auto eth1
iface eth1 inet static
        address 172.24.20.3
        netmask ******
        network *****
        broadcast *****

The firewall is applied in this way. In the file /etc/network/if-up.d/00-fw

#!/bin/sh
/etc/fw/firewall.fw

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

B

Boris Syomov, 2018-12-18
@Bert

Does the application of the rules really take place completely?
Doesn't this script crash with an error blocking the initialization of interfaces?
Are not interfaces indicated in it, which are not present at the time of its launch, for example?
Maybe you need to run it from post_up, or generally separately from the initialization of interfaces?