rpms/iptables/devel iptables.init, 1.17, 1.18 iptables.spec, 1.55, 1.56
Thomas Woerner (twoerner)
fedora-extras-commits at redhat.com
Tue Oct 16 15:30:33 UTC 2007
Author: twoerner
Update of /cvs/pkgs/rpms/iptables/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22231
Modified Files:
iptables.init iptables.spec
Log Message:
- fixed error code for stopping a already stopped firewall (rhbz#321751)
- moved blacklist test into start
Index: iptables.init
===================================================================
RCS file: /cvs/pkgs/rpms/iptables/devel/iptables.init,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- iptables.init 26 Sep 2007 15:59:58 -0000 1.17
+++ iptables.init 16 Oct 2007 15:30:01 -0000 1.18
@@ -32,12 +32,6 @@
exit 5
fi
-if [ "${IPV}" = "ip6" ] \
- && grep -qIs "^blacklist\W${_IPV}" /etc/modprobe.conf /etc/modprobe.d/* ; then
- echo $"$0: ${_IPV} is blacklisted."
- exit 0
-fi
-
# Old or new modutils
/sbin/modprobe --version 2>&1 | grep -q module-init-tools \
&& NEW_MODUTILS=1 \
@@ -94,7 +88,7 @@
flush_n_delete() {
# Flush firewall rules and delete chains.
- [ -e "$PROC_IPTABLES_NAMES" ] || return 1
+ [ ! -e "$PROC_IPTABLES_NAMES" ] && return 0
# Check if firewall is configured (has tables)
[ -z "$NF_TABLES" ] && return 1
@@ -126,7 +120,7 @@
policy=$1
# Check if iptable module is loaded
- [ ! -e "$PROC_IPTABLES_NAMES" ] && return 1
+ [ ! -e "$PROC_IPTABLES_NAMES" ] && return 0
# Check if firewall is configured (has tables)
tables=$(cat "$PROC_IPTABLES_NAMES" 2>/dev/null)
@@ -175,7 +169,13 @@
start() {
# Do not start if there is no config file.
- [ -f "$IPTABLES_DATA" ] || return 1
+ [ ! -f "$IPTABLES_DATA" ] && return 6
+
+ if [ "${IPV}" = "ip6" ] \
+ && grep -qIs "^blacklist\W*${_IPV}" /etc/modprobe.conf /etc/modprobe.d/* ; then
+ echo $"${0##*/}: ${_IPV} is blacklisted."
+ return 6
+ fi
echo -n $"Applying $IPTABLES firewall rules: "
@@ -208,7 +208,7 @@
stop() {
# Do not stop if iptables module is not loaded.
- [ -e "$PROC_IPTABLES_NAMES" ] || return 1
+ [ ! -e "$PROC_IPTABLES_NAMES" ] && return 0
flush_n_delete
set_policy ACCEPT
@@ -235,10 +235,10 @@
save() {
# Check if iptable module is loaded
- [ ! -e "$PROC_IPTABLES_NAMES" ] && return 1
+ [ ! -e "$PROC_IPTABLES_NAMES" ] && return 0
# Check if firewall is configured (has tables)
- [ -z "$NF_TABLES" ] && return 1
+ [ -z "$NF_TABLES" ] && return 6
echo -n $"Saving firewall rules to $IPTABLES_DATA: "
@@ -271,7 +271,7 @@
status() {
if [ ! -f "$VAR_SUBSYS_IPTABLES" -a -z "$NF_TABLES" ]; then
- echo $"Firewall is not running."
+ echo $"${0##*/}: Firewall is not running."
return 3
fi
@@ -279,13 +279,13 @@
# loaded.
# Check if iptable modules are loaded
if [ ! -e "$PROC_IPTABLES_NAMES" ]; then
- echo $"Firewall modules not loaded."
+ echo $"${0##*/}: Firewall modules are not loaded."
return 3
fi
# Check if firewall is configured (has tables)
if [ -z "$NF_TABLES" ]; then
- echo $"Firewall is not configured. "
+ echo $"${0##*/}: Firewall is not configured. "
return 3
fi
@@ -345,7 +345,7 @@
RETVAL=$?
;;
*)
- echo $"Usage: $0 {start|stop|restart|condrestart|status|panic|save}"
+ echo $"Usage: ${0##*/} {start|stop|restart|condrestart|status|panic|save}"
RETVAL=2
;;
esac
Index: iptables.spec
===================================================================
RCS file: /cvs/pkgs/rpms/iptables/devel/iptables.spec,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- iptables.spec 26 Sep 2007 16:00:58 -0000 1.55
+++ iptables.spec 16 Oct 2007 15:30:01 -0000 1.56
@@ -3,7 +3,7 @@
Name: iptables
Summary: Tools for managing Linux kernel packet filtering capabilities
Version: 1.3.8
-Release: 4.1%{?dist}
+Release: 5%{?dist}
Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
Source1: iptables.init
Source2: iptables-config
@@ -153,6 +153,10 @@
%endif
%changelog
+* Tue Oct 16 2007 Thomas Woerner <twoerner at redhat.com> 1.3.8-5
+- fixed error code for stopping a already stopped firewall (rhbz#321751)
+- moved blacklist test into start
+
* Wed Sep 26 2007 Thomas Woerner <twoerner at redhat.com> 1.3.8-4.1
- do not start ip6tables if ipv6 is blacklisted (rhbz#236888)
- use simpler fix for (rhbz#295611)
More information about the fedora-extras-commits
mailing list