From adba868b0ac7cb751084b767e0c65cddc34f441c Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Fri, 18 Nov 2005 12:34:33 +0000 Subject: [PATCH] [tw] - dropped new status patch - integration directly in the config file and init script --- iptables-config | 10 ++++++++++ iptables.init | 11 ++++++++--- iptables.spec | 2 -- 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/iptables-config b/iptables-config index 52c4e89..d906dd5 100644 --- a/iptables-config +++ b/iptables-config @@ -36,3 +36,13 @@ IPTABLES_SAVE_COUNTER="no" # Print IP addresses and port numbers in numeric format in the status output. IPTABLES_STATUS_NUMERIC="yes" +# Verbose status output +# Value: yes|no, default: yes +# Print info about the number of packets and bytes plus the "input-" and +# "outputdevice" in the status output. +IPTABLES_STATUS_VERBOSE="no" + +# Status output with numbered lines +# Value: yes|no, default: yes +# Print a counter/number for every rule in the status output. +IPTABLES_STATUS_LINENUMBERS="yes" diff --git a/iptables.init b/iptables.init index 79b1f42..463eac1 100755 --- a/iptables.init +++ b/iptables.init @@ -244,10 +244,12 @@ save() { } status() { + tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null` + # Do not print status if lockfile is missing and iptables modules are not # loaded. # Check if iptable module is loaded - if [ ! -f "$VAR_SUBSYS_IPTABLES" ]; then + if [ ! -f "$VAR_SUBSYS_IPTABLES" -a -z "$tables" ]; then echo $"Firewall is stopped." return 1 fi @@ -257,7 +259,6 @@ status() { echo $"Firewall is not configured. " return 1 fi - tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null` if [ -z "$tables" ]; then echo $"Firewall is not configured. " return 1 @@ -265,10 +266,14 @@ status() { NUM= [ "x$IPTABLES_STATUS_NUMERIC" = "xyes" ] && NUM="-n" + VERBOSE= + [ "x$IPTABLES_STATUS_VERBOSE" = "xyes" ] && VERBOSE="--verbose" + COUNT= + [ "x$IPTABLES_STATUS_LINENUMBERS" = "xyes" ] && COUNT="--line-numbers" for table in $tables; do echo $"Table: $table" - $IPTABLES -t $table --list $NUM && echo + $IPTABLES -t $table --list $NUM $VERBOSE $COUNT && echo done return 0 diff --git a/iptables.spec b/iptables.spec index ecd0267..4d5170c 100644 --- a/iptables.spec +++ b/iptables.spec @@ -14,7 +14,6 @@ Patch6: iptables-1.2.10-counters.patch Patch8: iptables-1.3.0-cleanup.patch Patch9: iptables-1.3.0-autoload.patch Patch10: iptables-1.3.0-no_root.patch -Patch11: iptables-1.3.4-status.patch Group: System Environment/Base URL: http://www.netfilter.org/ BuildRoot: %{_tmppath}/%{name}-buildroot @@ -68,7 +67,6 @@ rm -rf %{buildroot} %patch8 -p1 -b .cleanup %patch9 -p1 -b .autoload %patch10 -p1 -b .no_root -%patch11 -p1 -b .status # Put it to a reasonable place find . -type f -exec perl -pi -e "s,/usr/local,%{prefix},g" {} \;