Diffstat (limited to 'sys-apps')
-rw-r--r--sys-apps/iptables/ChangeLog11
-rw-r--r--sys-apps/iptables/files/iptables.init26
2 files changed, 32 insertions, 5 deletions
diff --git a/sys-apps/iptables/ChangeLog b/sys-apps/iptables/ChangeLog
index 88b83c96ce35..ab1c8fa41d81 100644
--- a/sys-apps/iptables/ChangeLog
+++ b/sys-apps/iptables/ChangeLog
@@ -1,6 +1,6 @@
# ChangeLog for sys-apps/iptables
# Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/iptables/ChangeLog,v 1.7 2002/08/29 22:11:12 drobbins Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/iptables/ChangeLog,v 1.8 2002/09/02 07:54:59 aliz Exp $
*iptables-1.2.6a-r2 (29 Aug 2002)
@@ -9,7 +9,14 @@
http://luxik.cdi.cz/~patrick/imq/ for more information.
*iptables-1.2.7a (27 Aug 2002)
-
+
+ 01 Sep 2002; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.7a.ebuild :
+ Added better handling of stopping iptables as described in #6949.
+ Suggested and submitted by Frederic Jolliton <fred@jolliton.com>.
+
+ 30 Aug 2002; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.7a.ebuild :
+ Added the IMQ patch to 1.2.7a.
+
27 Aug 2002; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.7a.ebuild : New
upstream version to fix the bugs introduced in 1.2.7.
diff --git a/sys-apps/iptables/files/iptables.init b/sys-apps/iptables/files/iptables.init
index db5ac1bd2ac1..1ba459439280 100644
--- a/sys-apps/iptables/files/iptables.init
+++ b/sys-apps/iptables/files/iptables.init
@@ -2,7 +2,7 @@
# Copyright 1999-2002 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License, v2 or
# later
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/iptables/files/iptables.init,v 1.1 2002/05/26 17:05:50 lamer Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/iptables/files/iptables.init,v 1.2 2002/09/02 07:54:59 aliz Exp $
depend() {
need logger net
@@ -26,7 +26,27 @@ start() {
stop() {
ebegin "Stopping firewall and saving iptables state"
# This way we don't forget to save changes
- iptables-save > ${IPTABLES_SAVE}
- iptables -F
+ /sbin/iptables-save > ${IPTABLES_SAVE}
+
+ for a in `cat /proc/net/ip_tables_names`; do
+ iptables -F -t $a
+ iptables -X -t $a
+
+ if [ $a == nat ]; then
+ iptables -t nat -P PREROUTING ACCEPT
+ iptables -t nat -P POSTROUTING ACCEPT
+ iptables -t nat -P OUTPUT ACCEPT
+ elif [ $a == mangle ]; then
+ iptables -t mangle -P PREROUTING ACCEPT
+ iptables -t mangle -P INPUT ACCEPT
+ iptables -t mangle -P FORWARD ACCEPT
+ iptables -t mangle -P OUTPUT ACCEPT
+ iptables -t mangle -P POSTROUTING ACCEPT
+ elif [ $a == filter ]; then
+ iptables -t filter -P INPUT ACCEPT
+ iptables -t filter -P FORWARD ACCEPT
+ iptables -t filter -P OUTPUT ACCEPT
+ fi
+ done
eend $?
}
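Review bot: In stop(), `eend $?` now reports only the status of the last command run inside the `for` loop (or 0 if the loop body never runs), so a failed `/sbin/iptables-save` goes unnoticed and every table is still flushed and set to ACCEPT. Because the `>` redirect truncates `${IPTABLES_SAVE}` before iptables-save runs, a failure can leave an empty or partial save file; if start(), whose body is outside this hunk, restores from that file, the firewall would presumably come back up with no rules. Save to a temporary file and stop on failure, e.g. `/sbin/iptables-save > "${IPTABLES_SAVE}.new" && mv "${IPTABLES_SAVE}.new" "${IPTABLES_SAVE}" || { eend 1; return 1; }`. The loop also calls bare `iptables` while the save uses `/sbin/iptables-save`; using `/sbin/iptables` throughout would keep the script independent of PATH.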