From: Mike Frysinger Date: Sat, 11 Nov 2006 08:25:00 +0000 (+0000) Subject: Set policy to ACCEPT before flushing chains in init.d stop() as proposed by Max Hacki... X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=1c6362a6ba435433fc24a9b6611f02e79f46a4cf;p=gentoo.git Set policy to ACCEPT before flushing chains in init.d stop() as proposed by Max Hacking #154269. Package-Manager: portage-2.1.2_rc1-r5 --- diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog index 88983d86a663..c39444a1ff50 100644 --- a/net-firewall/iptables/ChangeLog +++ b/net-firewall/iptables/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-firewall/iptables # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.119 2006/10/21 21:37:22 tcort Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.120 2006/11/11 08:25:00 vapier Exp $ + + 11 Nov 2006; Mike Frysinger + files/ip6tables-1.3.2.confd, files/iptables-1.3.2.confd, + files/iptables-1.3.2.init: + Set policy to ACCEPT before flushing chains in init.d stop() as proposed by + Max Hacking #154269. 21 Oct 2006; Thomas Cort iptables-1.3.5-r4.ebuild: Stable on alpha wrt Bug #149643. diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index c4f58e614bed..eb3ad3f5c19f 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -61,10 +61,10 @@ AUX ip6tables-1.2.9-r1.init 1792 RMD160 e28e8c86026aac7aa49bd8e5fe84153516ebb28d MD5 f74f2424c062e1b2f4b22e4e11db909b files/ip6tables-1.2.9-r1.init 1792 RMD160 e28e8c86026aac7aa49bd8e5fe84153516ebb28d files/ip6tables-1.2.9-r1.init 1792 SHA256 e30d2daeb23958482f6655f63267779d1f029f19e1365dddda0febe015ddb8c0 files/ip6tables-1.2.9-r1.init 1792 -AUX ip6tables-1.3.2.confd 367 RMD160 13883a6edd49c844155858bccc7cf95e32dc4d14 SHA1 fc9e631e946b83bfbec23e3bfee1f7da84f56746 SHA256 748111ccd94007d5854f8d108c2b66241c4a763db9f5ba676b9ad79d69f3f2e2 -MD5 b55536f30c709d78987bf9666ff7b05a files/ip6tables-1.3.2.confd 367 -RMD160 13883a6edd49c844155858bccc7cf95e32dc4d14 files/ip6tables-1.3.2.confd 367 -SHA256 748111ccd94007d5854f8d108c2b66241c4a763db9f5ba676b9ad79d69f3f2e2 files/ip6tables-1.3.2.confd 367 +AUX ip6tables-1.3.2.confd 293 RMD160 2e5399355a930ab3c804c9cc46fe37763555a97e SHA1 0e82dbe8538f9168bb97939a03b73dd291e82760 SHA256 c93827ac2b8fdd83e2c36788053ee7567ceb13b3cbc5fcf40d186500e05c8104 +MD5 dbef6253ff7e347e7fa35a02652ab684 files/ip6tables-1.3.2.confd 293 +RMD160 2e5399355a930ab3c804c9cc46fe37763555a97e files/ip6tables-1.3.2.confd 293 +SHA256 c93827ac2b8fdd83e2c36788053ee7567ceb13b3cbc5fcf40d186500e05c8104 files/ip6tables-1.3.2.confd 293 AUX iptables-1.2.9-r1.confd 264 RMD160 9c78d094bbf5e3ee71e4f833f1bab0871bb767d4 SHA1 f44b21e8df73d2eb86f4c7a7277d2871d0c68abf SHA256 430d53a0c77cfd0b4d7760b68c36be0010c164cfa99aa0411775b6e88bbe7b74 MD5 4e055c59114fd6abc5a27bdaa97d2946 files/iptables-1.2.9-r1.confd 264 RMD160 9c78d094bbf5e3ee71e4f833f1bab0871bb767d4 files/iptables-1.2.9-r1.confd 264 @@ -73,14 +73,14 @@ AUX iptables-1.2.9-r1.init 1829 RMD160 82233608a26e8e19f7ac910350d80b90de24b1d3 MD5 8ac77b3fbebfb5ceb9c6166823afe21d files/iptables-1.2.9-r1.init 1829 RMD160 82233608a26e8e19f7ac910350d80b90de24b1d3 files/iptables-1.2.9-r1.init 1829 SHA256 489caca55376fe49c613c87ec8e8577b654cf281a96ee94b9eedfafd0f310b22 files/iptables-1.2.9-r1.init 1829 -AUX iptables-1.3.2.confd 364 RMD160 882ab7a777fa9892085561b633952da468fe3365 SHA1 0d297fd36eadee2c630871427ee2cc1fca949ff1 SHA256 d6f6594de108e9252b8fd8d940c60a19a82c101e292878beca00ac73f77ae2da -MD5 e609f404a78a9ee2cb7e443214da4fff files/iptables-1.3.2.confd 364 -RMD160 882ab7a777fa9892085561b633952da468fe3365 files/iptables-1.3.2.confd 364 -SHA256 d6f6594de108e9252b8fd8d940c60a19a82c101e292878beca00ac73f77ae2da files/iptables-1.3.2.confd 364 -AUX iptables-1.3.2.init 2593 RMD160 36e2f9d47de23d0259f726d0f199524009cd65d2 SHA1 9b9e669f47548b567c77ef938253d08e97646387 SHA256 0198648e69c78c7703c02732458d2e6c6af7051e1ffe49556930bf8fbb812346 -MD5 49989419807df230e222886a5a70f305 files/iptables-1.3.2.init 2593 -RMD160 36e2f9d47de23d0259f726d0f199524009cd65d2 files/iptables-1.3.2.init 2593 -SHA256 0198648e69c78c7703c02732458d2e6c6af7051e1ffe49556930bf8fbb812346 files/iptables-1.3.2.init 2593 +AUX iptables-1.3.2.confd 290 RMD160 cb180068f86a608b16d850635ae909ea7b9cc059 SHA1 cb56dba4799eb3998b28e492c61265574c37d522 SHA256 351e123ba9e0ec7db2bcff42849aa627d29a3b2e77a47b82386f5e3a7e21bd30 +MD5 956ebf5ab69e5a1e1d3983541eab643b files/iptables-1.3.2.confd 290 +RMD160 cb180068f86a608b16d850635ae909ea7b9cc059 files/iptables-1.3.2.confd 290 +SHA256 351e123ba9e0ec7db2bcff42849aa627d29a3b2e77a47b82386f5e3a7e21bd30 files/iptables-1.3.2.confd 290 +AUX iptables-1.3.2.init 2548 RMD160 0f45a7dd2f1215d46b6e7d42d27da0d10c932c54 SHA1 693a6352917e80d23204939ca8d17b6aa2a151f1 SHA256 072857516e98886c151a69e8d384688308b72962aacef2bfdab4e502815c5a55 +MD5 f3deaed443d73190338f759c82ab9fd0 files/iptables-1.3.2.init 2548 +RMD160 0f45a7dd2f1215d46b6e7d42d27da0d10c932c54 files/iptables-1.3.2.init 2548 +SHA256 072857516e98886c151a69e8d384688308b72962aacef2bfdab4e502815c5a55 files/iptables-1.3.2.init 2548 DIST iptables-1.2.11.tar.bz2 156988 RMD160 66e0fa391444a1e169feaf2fc67b5f8622ec1d89 SHA1 1a2236e2705b02834aaa506632c08cf8a647efa2 SHA256 be7bd67232fddbe3ce81f40f5b79123380a2e67cd166ec06e650842f8acb373d DIST iptables-1.3.0-imq1.diff 5369 RMD160 8ca1fa3bfea02d27232d8d8cb0a12586dd4537b5 SHA1 bdf665cacc985fceaadf119ae7a756caca1589ad SHA256 0f9d36e48b3f1e83ef9e1d39c19e7271a889a31c65c396c416200eb143f1795b DIST iptables-1.3.5.tar.bz2 191820 RMD160 3364e0f37f67ba4aa9ac9caa6f11adb67887e528 SHA1 6dbeeee13517fa02852960b6f6e51115c7548a09 SHA256 1d8ee8634d167b0f1a8872b6547910c11bae676699faf2b4bc2c84a128449c3c @@ -117,10 +117,10 @@ EBUILD iptables-1.3.6.ebuild 5727 RMD160 3942518924aa00b35b57572814cc691b64586d5 MD5 bda128f763227c8cb2c899f8f5bf014b iptables-1.3.6.ebuild 5727 RMD160 3942518924aa00b35b57572814cc691b64586d5a iptables-1.3.6.ebuild 5727 SHA256 c5719408d68a0b487239b5b171f6e19f0e1b00857c0c1185ecf65e051dcbdd47 iptables-1.3.6.ebuild 5727 -MISC ChangeLog 24560 RMD160 0bc4784b24926bc5e2957368f67215db73190574 SHA1 bfd9811893c10cd675e3581328504e4d85e001f8 SHA256 92e4108cfa446b8d4dd014b23bab23521329bc41242d8da62fd3853fd23cfc04 -MD5 d7f0a9d857cc504789773a936fb4bea9 ChangeLog 24560 -RMD160 0bc4784b24926bc5e2957368f67215db73190574 ChangeLog 24560 -SHA256 92e4108cfa446b8d4dd014b23bab23521329bc41242d8da62fd3853fd23cfc04 ChangeLog 24560 +MISC ChangeLog 24801 RMD160 46bd0e8bdbd001943cec276c7f9d8c445ac11416 SHA1 9af853ab5f98caee272d15525f53f2bf5b28b561 SHA256 3c8542cfb6b52adf17dc35bb18bbad6fb026ddd3e978f06289ea9056e7ec4658 +MD5 1291760c8789e8049ee661b06e957648 ChangeLog 24801 +RMD160 46bd0e8bdbd001943cec276c7f9d8c445ac11416 ChangeLog 24801 +SHA256 3c8542cfb6b52adf17dc35bb18bbad6fb026ddd3e978f06289ea9056e7ec4658 ChangeLog 24801 MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 metadata.xml 164 @@ -149,7 +149,7 @@ SHA256 b6cdf0da6f3681548aea7cd05500b00660b64d95f4d6d6196267c2535dc190d0 files/di -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) -iD8DBQFFT5rbamhnQswr0vIRArTUAJ9qAdmlUkspUew+pKg6xXavNZdmtgCbB76y -lms5/dKQ+TXDAHmJNH2CakQ= -=XYue +iD8DBQFFVYjlamhnQswr0vIRArNOAKCTjJ2KthvppYrbASABPmKrsQES5wCfWffy +tWPfHUwPcf7QsG4s7dt/X58= +=t9QR -----END PGP SIGNATURE----- diff --git a/net-firewall/iptables/files/ip6tables-1.3.2.confd b/net-firewall/iptables/files/ip6tables-1.3.2.confd index 7cd37285a209..93c0bc89b38a 100644 --- a/net-firewall/iptables/files/ip6tables-1.3.2.confd +++ b/net-firewall/iptables/files/ip6tables-1.3.2.confd @@ -9,6 +9,3 @@ SAVE_RESTORE_OPTIONS="-c" # Save state on stopping iptables SAVE_ON_STOP="yes" - -# Flush all rules and delete all chains on shutdown? -CLEAR_ON_STOP="yes" diff --git a/net-firewall/iptables/files/iptables-1.3.2.confd b/net-firewall/iptables/files/iptables-1.3.2.confd index 83dd4c4fc2d6..91287debdbcf 100644 --- a/net-firewall/iptables/files/iptables-1.3.2.confd +++ b/net-firewall/iptables/files/iptables-1.3.2.confd @@ -9,6 +9,3 @@ SAVE_RESTORE_OPTIONS="-c" # Save state on stopping iptables SAVE_ON_STOP="yes" - -# Flush all rules and delete all chains on shutdown? -CLEAR_ON_STOP="yes" diff --git a/net-firewall/iptables/files/iptables-1.3.2.init b/net-firewall/iptables/files/iptables-1.3.2.init index a21072f41454..94f8338dc9d3 100755 --- a/net-firewall/iptables/files/iptables-1.3.2.init +++ b/net-firewall/iptables/files/iptables-1.3.2.init @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.3.2.init,v 1.3 2006/11/06 20:27:33 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.3.2.init,v 1.4 2006/11/11 08:25:00 vapier Exp $ opts="save reload panic" @@ -65,14 +65,13 @@ stop() { if [[ ${SAVE_ON_STOP} == "yes" ]] ; then save || return 1 fi - [[ ${CLEAR_ON_STOP} != "yes" ]] && return 0 checkkernel || return 1 ebegin "Stopping firewall" for a in $(<${iptables_proc}) ; do + set_table_policy $a ACCEPT + ${iptables_bin} -F -t $a ${iptables_bin} -X -t $a - - set_table_policy $a ACCEPT done eend $? }