Package: ipmasq Version: 4.0.8-4 Followup-For: Bug #438580 With netfilter (IPTABLES) and with user created rules with new chains the rule A03flush.def on /etc/ipmasq/rules and on /etc/ipmasq/ipmasq-down don't work correctly. I suggest the following implementation of the rule:
case $MASQMETHOD in netfilter) for table in $( ls -1 /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/iptable_*.ko | sed -n -e 's,^.*/iptable_\([^/]\+\)\.ko$,\1,p' ) do unset userchain for CP in $(iptables -t $table -nL | sed -n '/^Chain \S\+ (/s/^Chain \(\S\+\) (\(\S\+\) .*/\1:\2/p') do chain="${CP%:*}" if [ "${CP##*:}" == "policy" ];then $IPTABLES -t $table -P $chain ACCEPT $IPTABLES -t $table -F $chain else $IPTABLES -t $table -F $chain userchain="$chain $userchain" fi done # chain (all) for chain in $userchain ; do $IPTABLES -t $table -X $chain 2>/dev/null || echo "Error: deleting user-defined chain $chain on table $table" >&2 done # chain (user-defined) done # table ;; esac This script automagically obtain all chains on all tables. If the chain is user-defined then remove it otherwise flush and set default policy. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (560, 'testing'), (545, 'testing-proposed-updates'), (540, 'testing'), (460, 'stable'), (445, 'proposed-updates'), (440, 'stable'), (50, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core) Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages ipmasq depends on: ii debconf [debconf-2.0] 1.5.14 Debian configuration management sy ii iptables 1.3.8.0debian1-1 administration tools for packet fi ipmasq recommends no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]