http://qa.mandrakesoft.com/show_bug.cgi?id=6129
Product: drakxtools
Component: drakfirewall
Summary: drakfirewall doesn't update iptables properly
Version: 9.2-9mdk
Platform: PC
OS/Version: All
Status: UNCONFIRMED
Severity: major
Priority: P2
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
When switching off iptables (accept all, no firewall) from drakfirewall, one
would expect that ping would get through. This is not the case however, not
even after a manual
/sbin/service iptables restart
but it does work as expected after I manually run
/sbin/service iptables stop
/sbin/service iptables start
In other words, restart on iptables behaves differently from stop+start, which
is not as it should be, AFAIK.
Looking in the /etc/init.d/iptables script, it comments that
# "restart" is really just "start" as this isn't a daemon,
# and "start" clears any pre-defined rules anyway.
It does not. The start function makes a second assumption in conflict with this
one.
# This is really only here to make those who expect it happy
As explained above, running "start" then "stop" behaves better so this
assumption must not hold anymore. And indeed, adding "stop" before the "start"
line that follows makes the manual command work,
/sbin/service iptables restart
This leaves drakfirewall, which still doesn't work properly. It seems to rely
on that same assumption (restart==start) but I did not find how precisely.
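
A ping test only shows the symptom described in the report; dumping the ruleset shows directly whether a "restart" left filtering in place. The shell function below is an added example, not part of the bug report or of drakxtools: it reads iptables-save output and lists every built-in chain policy that is not ACCEPT and every leftover rule. The function names and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the report). Reads iptables-save output on stdin.
# Prints one line per finding that shows the firewall is NOT fully open:
#   - a built-in chain whose default policy is not ACCEPT
#   - any appended rule (-A ...), including rules in user-defined chains
# Exit status: 0 = nothing left (accept all), 1 = filtering still in place.
leftover_rules() {
    awk '
        /^\*/   { table = substr($0, 2) }            # "*filter" starts a table
        /^:/ && $2 != "ACCEPT" && $2 != "-" {        # ":INPUT DROP [0:0]"
            print table ": policy " substr($1, 2) " " $2; bad = 1
        }
        /^-A /  { print table ": rule " $0; bad = 1 }
        END     { exit (bad + 0) }
    '
}

# Constructed sample: a ruleset that is still filtering.
sample_stale() {
    cat <<'EOF'
# constructed sample, not captured from a real host
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: a fully cleared, accept-all ruleset.
sample_open() {
    cat <<'EOF'
# constructed sample, not captured from a real host
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

# On a live system, as root:  iptables-save | leftover_rules
sample_stale | leftover_rules || echo "firewall is still filtering"
sample_open  | leftover_rules && echo "ruleset is fully open"
```

Running the live form once after "restart" and once after "stop" followed by "start" makes the difference between the two visible without relying on ping.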