auto-import iptables-1.2.6a-2 from iptables-1.2.6a-2.src.rpm
parent
e77aacd352
commit
362a1d88ed
@ -51,22 +51,36 @@ start() {
|
|||||||
if [ -f $IPTABLES_CONFIG ]; then
|
if [ -f $IPTABLES_CONFIG ]; then
|
||||||
# If we don't clear these first, we might be adding to
|
# If we don't clear these first, we might be adding to
|
||||||
# pre-existing rules.
|
# pre-existing rules.
|
||||||
action $"Flushing all current rules and user defined chains:" iptables -F
|
|
||||||
action $"Clearing all current rules and user defined chains:" iptables -X
|
|
||||||
chains=`cat /proc/net/ip_tables_names 2>/dev/null`
|
chains=`cat /proc/net/ip_tables_names 2>/dev/null`
|
||||||
for i in $chains; do iptables -t $i -F; done && \
|
echo -n $"Flushing all current rules and user defined chains:"
|
||||||
success $"Flushing all current rules and user defined chains:" || \
|
let ret=0
|
||||||
failure $"Flushing all current rules and user defined chains:"
|
for i in $chains; do iptables -t $i -F; let ret+=$?; done
|
||||||
for i in $chains; do iptables -t $i -X; done && \
|
iptables -F
|
||||||
success $"Clearing all current rules and user defined chains:" || \
|
let ret+=$?
|
||||||
failure $"Clearing all current rules and user defined chains:"
|
if [ $ret -eq 0 ]; then
|
||||||
|
success
|
||||||
|
else
|
||||||
|
failure
|
||||||
|
fi
|
||||||
|
echo
|
||||||
|
echo -n $"Clearing all current rules and user defined chains:"
|
||||||
|
let ret=0
|
||||||
|
for i in $chains; do iptables -t $i -X; let ret+=$?; done
|
||||||
|
iptables -X
|
||||||
|
let ret+=$?
|
||||||
|
if [ $ret -eq 0 ]; then
|
||||||
|
success
|
||||||
|
else
|
||||||
|
failure
|
||||||
|
fi
|
||||||
|
echo
|
||||||
|
|
||||||
for i in $chains; do iptables -t $i -Z; done
|
for i in $chains; do iptables -t $i -Z; done
|
||||||
|
|
||||||
echo $"Applying iptables firewall rules: "
|
echo -n $"Applying iptables firewall rules: "
|
||||||
grep -v "^[[:space:]]*#" $IPTABLES_CONFIG | grep -v '^[[:space:]]*$' | /sbin/iptables-restore -c && \
|
grep -v "^[[:space:]]*#" $IPTABLES_CONFIG | grep -v '^[[:space:]]*$' | /sbin/iptables-restore -c && \
|
||||||
success $"Applying iptables firewall rules" || \
|
success || \
|
||||||
failure $"Applying iptables firewall rules"
|
failure
|
||||||
echo
|
echo
|
||||||
touch /var/lock/subsys/iptables
|
touch /var/lock/subsys/iptables
|
||||||
fi
|
fi
|
||||||
@ -74,12 +88,27 @@ start() {
|
|||||||
|
|
||||||
stop() {
|
stop() {
|
||||||
chains=`cat /proc/net/ip_tables_names 2>/dev/null`
|
chains=`cat /proc/net/ip_tables_names 2>/dev/null`
|
||||||
for i in $chains; do iptables -t $i -F; done && \
|
echo -n $"Flushing all chains:"
|
||||||
success $"Flushing all chains:" || \
|
let ret=0
|
||||||
failure $"Flushing all chains:"
|
for i in $chains; do iptables -t $i -F; let ret+=$?; done
|
||||||
for i in $chains; do iptables -t $i -X; done && \
|
iptables -F; let ret+=$?
|
||||||
success $"Removing user defined chains:" || \
|
if [ $ret -eq 0 ]; then
|
||||||
failure $"Removing user defined chains:"
|
success
|
||||||
|
else
|
||||||
|
failure
|
||||||
|
fi
|
||||||
|
echo
|
||||||
|
|
||||||
|
echo -n $"Removing user defined chains:"
|
||||||
|
let ret=0
|
||||||
|
for i in $chains; do iptables -t $i -X; let ret+=$?; done
|
||||||
|
iptables -X; let ret+=$?
|
||||||
|
if [ $ret -eq 0 ]; then
|
||||||
|
success
|
||||||
|
else
|
||||||
|
failure
|
||||||
|
fi
|
||||||
|
echo
|
||||||
echo -n $"Resetting built-in chains to the default ACCEPT policy:"
|
echo -n $"Resetting built-in chains to the default ACCEPT policy:"
|
||||||
iftable filter -P INPUT ACCEPT && \
|
iftable filter -P INPUT ACCEPT && \
|
||||||
iftable filter -P OUTPUT ACCEPT && \
|
iftable filter -P OUTPUT ACCEPT && \
|
||||||
@ -89,8 +118,8 @@ stop() {
|
|||||||
iftable nat -P OUTPUT ACCEPT && \
|
iftable nat -P OUTPUT ACCEPT && \
|
||||||
iftable mangle -P PREROUTING ACCEPT && \
|
iftable mangle -P PREROUTING ACCEPT && \
|
||||||
iftable mangle -P OUTPUT ACCEPT && \
|
iftable mangle -P OUTPUT ACCEPT && \
|
||||||
success $"Resetting built-in chains to the default ACCEPT policy" || \
|
success || \
|
||||||
failure $"Resetting built-in chains to the default ACCEPT policy"
|
failure
|
||||||
echo
|
echo
|
||||||
rm -f /var/lock/subsys/iptables
|
rm -f /var/lock/subsys/iptables
|
||||||
}
|
}
|
||||||
|
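Review bot: In start(), the new `ret` accounting only chooses between the `success` and `failure` banners; neither a failed flush nor a failed `/sbin/iptables-restore -c` is propagated, and `touch /var/lock/subsys/iptables` still runs unconditionally. Because every table has already been flushed by then, a rules file that iptables-restore rejects leaves the host with empty chains (filtered only by whatever the built-in policies happen to be) while the subsys lock reports the firewall as running. I would capture the restore status and act on it, e.g. end the pipeline with `| /sbin/iptables-restore -c; ret=$?`, then `[ $ret -eq 0 ] && touch /var/lock/subsys/iptables` and `return $ret`. `ret` is also assigned as a global in both start() and stop(); declaring `local ret` at the top of each would keep it from leaking into the rest of the initscript. start() begins above the first hunk, so this is based only on the visible lines.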
@ -1,7 +1,7 @@
|
|||||||
Name: iptables
|
Name: iptables
|
||||||
Summary: Tools for managing Linux kernel packet filtering capabilities.
|
Summary: Tools for managing Linux kernel packet filtering capabilities.
|
||||||
Version: 1.2.6a
|
Version: 1.2.6a
|
||||||
Release: 1
|
Release: 2
|
||||||
Source: http://netfilter.kernelnotes.org/%{name}-%{version}.tar.bz2
|
Source: http://netfilter.kernelnotes.org/%{name}-%{version}.tar.bz2
|
||||||
Source1: iptables.init
|
Source1: iptables.init
|
||||||
Source2: ip6tables.init
|
Source2: ip6tables.init
|
||||||
@ -96,6 +96,11 @@ fi
|
|||||||
%{_mandir}/*/ip6tables*
|
%{_mandir}/*/ip6tables*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Aug 07 2002 Karsten Hopp <karsten@redhat.de>
|
||||||
|
- fixed iptables and ip6tables initscript output, based on #70511
|
||||||
|
- check return status of all iptables calls, not just the last one
|
||||||
|
in a 'for' loop.
|
||||||
|
|
||||||
* Mon Jul 29 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.6a-1
|
* Mon Jul 29 2002 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.6a-1
|
||||||
- 1.2.6a (bugfix release, #69747)
|
- 1.2.6a (bugfix release, #69747)
|
||||||
|
|
||||||
|