Diffstat (limited to 'sys-apps')
-rw-r--r-- | sys-apps/iptables/ChangeLog | 11 | ||||
-rw-r--r-- | sys-apps/iptables/files/iptables.init | 26 |
2 files changed, 32 insertions, 5 deletions
diff --git a/sys-apps/iptables/ChangeLog b/sys-apps/iptables/ChangeLog index 88b83c96ce35..ab1c8fa41d81 100644 --- a/sys-apps/iptables/ChangeLog +++ b/sys-apps/iptables/ChangeLog @@ -1,6 +1,6 @@ # ChangeLog for sys-apps/iptables # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL -# $Header: /var/cvsroot/gentoo-x86/sys-apps/iptables/ChangeLog,v 1.7 2002/08/29 22:11:12 drobbins Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/iptables/ChangeLog,v 1.8 2002/09/02 07:54:59 aliz Exp $ *iptables-1.2.6a-r2 (29 Aug 2002) @@ -9,7 +9,14 @@ http://luxik.cdi.cz/~patrick/imq/ for more information. *iptables-1.2.7a (27 Aug 2002) - + + 01 Sep 2002; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.7a.ebuild : + Added better handling of stopping iptables as described in #6949. + Suggested and submitted by Frederic Jolliton <fred@jolliton.com>. + + 30 Aug 2002; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.7a.ebuild : + Added the IMQ patch to 1.2.7a. + 27 Aug 2002; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.7a.ebuild : New upstream version to fix the bugs introduced in 1.2.7. diff --git a/sys-apps/iptables/files/iptables.init b/sys-apps/iptables/files/iptables.init index db5ac1bd2ac1..1ba459439280 100644 --- a/sys-apps/iptables/files/iptables.init +++ b/sys-apps/iptables/files/iptables.init @@ -2,7 +2,7 @@ # Copyright 1999-2002 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License, v2 or # later -# $Header: /var/cvsroot/gentoo-x86/sys-apps/iptables/files/iptables.init,v 1.1 2002/05/26 17:05:50 lamer Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/iptables/files/iptables.init,v 1.2 2002/09/02 07:54:59 aliz Exp $ depend() { need logger net 
@@ -26,7 +26,27 @@ start() {
 stop() {
 ebegin "Stopping firewall and saving iptables state"
 # This way we don't forget to save changes
- iptables-save > ${IPTABLES_SAVE}
- iptables -F
+ /sbin/iptables-save > ${IPTABLES_SAVE}
+
+ for a in `cat /proc/net/ip_tables_names`; do
+ iptables -F -t $a
+ iptables -X -t $a
+
+ if [ $a == nat ]; then
+ iptables -t nat -P PREROUTING ACCEPT
+ iptables -t nat -P POSTROUTING ACCEPT
+ iptables -t nat -P OUTPUT ACCEPT
+ elif [ $a == mangle ]; then
+ iptables -t mangle -P PREROUTING ACCEPT
+ iptables -t mangle -P INPUT ACCEPT
+ iptables -t mangle -P FORWARD ACCEPT
+ iptables -t mangle -P OUTPUT ACCEPT
+ iptables -t mangle -P POSTROUTING ACCEPT
+ elif [ $a == filter ]; then
+ iptables -t filter -P INPUT ACCEPT
+ iptables -t filter -P FORWARD ACCEPT
+ iptables -t filter -P OUTPUT ACCEPT
+ fi
+ done
 eend $?
 } |
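Review bot: A failed `/sbin/iptables-save` goes unnoticed in stop(), because `eend $?` only sees the status of the last command run by the `for` loop. The `>` redirection also truncates `${IPTABLES_SAVE}` before the command runs, so a failure leaves an empty or partial state file while the live rules are still flushed and every policy is set to ACCEPT. If start() restores from that file (start() is not visible in this hunk), the next start could bring the host up with no filtering at all. Check the save before flushing, for example `/sbin/iptables-save > "${IPTABLES_SAVE}" || { eend $? "could not save iptables state"; return 1; }`. The flush loop also calls bare `iptables` while the save now uses `/sbin/iptables-save`; using the full path for both keeps the script independent of PATH.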