http://qa.mandrakesoft.com/show_bug.cgi?id=6129
Product: drakxtools Component: drakfirewall Summary: drakfirewall doesn't update iptables properly Product: drakxtools Version: 9.2-9mdk Platform: PC OS/Version: All Status: UNCONFIRMED Severity: major Priority: P2 Component: drakfirewall AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] When switching off iptables (accept all, no firewall) from drakfirewall, one would expect that ping would get through. This is not the case however, not even after a manual /sbin/service iptables restart but it does work as expected after I manually run /sbin/service iptables stop /sbin/service iptables start In other words, restart on iptables behaves differently from stop+start, which is not as it should be, AFAIK. Looking in the /etc/init.d/iptables script, it comments that # "restart" is really just "start" as this isn't a daemon, # and "start" clears any pre-defined rules anyway. It does not. The start function makes a second assumption in conflict with this one. # This is really only here to make those who expect it happy As explained above, running "start" then "stop" behaves better so this assumption must not hold anymore. And indeed, adding "stop" before the "start" line that follows makes the manual command work, /sbin/service iptables restart This leaves drakfirewall, which still doesn't work properly. It seems to rely on that same assumption (restart==start) but I did not find how precisely. -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.