From 8ea96098bf28cba340255772cbfd3c5663a4fabf Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Wed, 11 Oct 2017 14:11:20 -0700
Subject: [PATCH] Warning when 'persistent' used with RESTORE_DEFAULT_ROUTE=Yes

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Providers.pm      |  1 +
 Shorewall/manpages/shorewall-providers.xml | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm
index 71f0e4dba..d7932cebf 100644
--- a/Shorewall/Perl/Shorewall/Providers.pm
+++ b/Shorewall/Perl/Shorewall/Providers.pm
@@ -602,6 +602,7 @@ sub process_a_provider( $ ) {
 	    } elsif ( $option eq 'nohostroute' ) {
 		$hostroute = 0;
 	    } elsif ( $option eq 'persistent' ) {
+		warning_message "When RESTORE_DEFAULT_ROUTE=Yes, the 'persistent' option may not work as expected" if $config{RESTORE_DEFAULT_ROUTE};
 		$persistent = 1;
 	    } else {
 		fatal_error "Invalid option ($option)";
diff --git a/Shorewall/manpages/shorewall-providers.xml b/Shorewall/manpages/shorewall-providers.xml
index 7b2da0553..d6fc26c92 100644
--- a/Shorewall/manpages/shorewall-providers.xml
+++ b/Shorewall/manpages/shorewall-providers.xml
@@ -220,7 +220,7 @@
                   <para>In IPV6, the <option>balance</option> option does not
                   cause balanced default routes to be created; it rather
                   causes a sequence of default routes with different metrics
-                  to be created. </para>
+                  to be created.</para>
                 </caution>
               </listitem>
             </varlistentry>
@@ -438,6 +438,14 @@
                   <command>enable</command> and <command>reenable</command>
                   commands can reenable the provider.</para>
                 </note>
+
+                <important>
+                  <para>RESTORE_DEFAULT_OPTION=Yes in shorewall[6].conf is not
+                  recommended when the <option>persistent</option> option is
+                  used, as restoring default routes to the main routing table
+                  can prevent link status monitors such as foolsm from
+                  correctly detecting non-working providers.</para>
+                </important>
               </listitem>
             </varlistentry>
           </variablelist>