Package: ipmasq
Version: 4.0.8-4
Followup-For: Bug #438580

With netfilter (IPTABLES) and with user-created rules with new chains,
the rule A03flush.def in /etc/ipmasq/rules and in
/etc/ipmasq/ipmasq-down doesn't work correctly.
I suggest the following implementation of the rule:

case $MASQMETHOD in
netfilter)
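    # Derive the table names from the installed iptable_*.ko kernel modules
    for table in $(
        ls -1 /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/iptable_*.ko |
          sed -n -e 's,^.*/iptable_\([^/]\+\)\.ko$,\1,p' )
    do
      unset userchain
      # List every chain as NAME:policy (built-in) or NAME:<refcount> (user-defined)
      for CP in $($IPTABLES -t $table -nL |
          sed -n '/^Chain \S\+ (/s/^Chain \(\S\+\) (\(\S\+\) .*/\1:\2/p')
      do
        chain="${CP%:*}"
        if [ "${CP##*:}" = "policy" ];then
          # Built-in chain: reset the policy, then flush
          $IPTABLES -t $table -P $chain ACCEPT
          $IPTABLES -t $table -F $chain
        else
          # User-defined chain: flush now, delete once all chains are flushed
          $IPTABLES -t $table -F $chain
          userchain="$chain $userchain"
        fi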
      done # chain (all)
      for chain in $userchain ; do
        $IPTABLES -t $table -X $chain 2>/dev/null ||
          echo "Error: deleting user-defined chain $chain on table $table" >&2
      done # chain (user-defined)
    done # table
    ;;
esac

This script automagically obtains all chains on all tables. If the chain
is user-defined, it removes it; otherwise it flushes it and sets the
default policy.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (560, 'testing'), (545, 'testing-proposed-updates'), (540, 
'testing'), (460, 'stable'), (445, 'proposed-updates'), (440, 'stable'), (50, 
'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages ipmasq depends on:
ii  debconf [debconf-2.0]   1.5.14           Debian configuration management sy
ii  iptables                1.3.8.0debian1-1 administration tools for packet fi

ipmasq recommends no packages.

-- debconf information excluded
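
An added example, not part of the original report or of ipmasq: a dry-run form of the chain classification above that reads `iptables -nL` output on stdin and prints the commands the flush would issue, so the result (including each built-in policy being reset to ACCEPT) can be reviewed without touching the live ruleset. The names `plan_flush` and `sample_listing` and the listing itself are constructed for illustration, and awk stands in for the report's sed expression.

```shell
# plan_flush TABLE: read `iptables -t TABLE -nL` output on stdin and print
# the commands the flush would run. Nothing is executed.
plan_flush() {
    table=$1
    awk -v t="$table" '
        # Chain headers look like:
        #   Chain INPUT (policy DROP)      <- built-in chain
        #   Chain LOGDROP (1 references)   <- user-defined chain
        # Rule lines never have "(" at the start of field 3, so a
        # user chain that is literally named "Chain" is not misread.
        $1 == "Chain" && $3 ~ /^\(/ {
            chain = $2
            if ($3 == "(policy") {
                print "iptables -t " t " -P " chain " ACCEPT"
                print "iptables -t " t " -F " chain
            } else {
                print "iptables -t " t " -F " chain
                user[++n] = chain
            }
        }
        END {
            # Delete only after every chain is flushed, so no rule
            # still jumps to a user-defined chain when -X runs.
            for (i = 1; i <= n; i++)
                print "iptables -t " t " -X " user[i]
        }'
}

# Constructed sample of `iptables -t filter -nL` output (not from the report)
sample_listing() {
cat <<'EOF'
Chain INPUT (policy DROP)
target     prot opt source               destination
LOGDROP    all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain LOGDROP (1 references)
target     prot opt source               destination
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4
DROP       all  --  0.0.0.0/0            0.0.0.0/0
EOF
}

sample_listing | plan_flush filter
```

On a live system the input would be `$IPTABLES -t "$table" -nL` for each table instead of `sample_listing`.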
