Package: firehol
Version: 1.231-0.hs.2
Severity: wishlist
Tags: patch

I'm running the firewall on my PC connected to the router to the internet. So shutting down my firewall I want all network traffic to and from the internet blocked.
Current situation is, that shutting down the firewall nothing is blocked. The firehol script itself can do this if you're starting the firewall with a different script. So I think doing what I want is possible by changing the /etc/init.d/firehol script in the following manner:

Index: debian/init.d/firehol =================================================================== --- 3256bbfc992f28cd6bb45a4b6da88fd4b86db78f/debian/init.d/firehol (mode:100644) +++ 3ba75d236e914b19ce2bfcd41a53ea8a8329bad2/debian/init.d/firehol (mode:100644) @@ -4,6 +4,13 @@ test -x /sbin/firehol || exit 0 +# default +STOP_ACTION="stop" + +[ -r /etc/default/firehol ] && . /etc/default/firehol + +[ "$START_FIREHOL" = "NO" ] && exit 0 + set -e COMMAND="$1" @@ -19,7 +26,7 @@ ;; stop) echo -n "Stopping iptables firewall: FireHOL ..." - /sbin/firehol stop "$@" + /sbin/firehol $STOP_ACTION "$@" if [ $? = 0 ]; then echo "done." fi;

For defining the special action, I defined a /etc/default/firehol script:

Index: debian/firehol.default =================================================================== --- /dev/null (tree:3256bbfc992f28cd6bb45a4b6da88fd4b86db78f) +++ 3ba75d236e914b19ce2bfcd41a53ea8a8329bad2/debian/firehol.default (mode:100644) 
@@ -0,0 +1,7 @@ +# starting firewall? YES or NO +START_FIREHOL=NO + +# action if stopping +# STOP_ACTION="panic" +STOP_ACTION="/etc/firehol/firehol-stop.conf start" +

Additionally the /etc/default/firehol should be defined in the debian/rules script. With these additions it is possible to configure the firewall in my way, without disturbing other usages. Perhaps it's possible to extend the current of firehol.

Thanks,
Stefan

-- System Information:
Debian Release: 3.0
  APT prefers testing
  APT policy: (400, 'testing'), (300, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8)

Versions of packages firehol depends on:
ii  bash       2.05b-26    The GNU Bourne Again SHell
ii  bc         1.06-8      The GNU bc arbitrary precision cal
ii  iproute    20041019-3  Professional tools to control the
ii  iptables   1.2.11-8    Linux kernel 2.4+ iptables adminis
ii  net-tools  1.60-4      The NET-3 networking toolkit

-- no debconf information
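Review bot: In the first debian/init.d/firehol hunk (@@ -4,6 +4,13 @@), the test `[ "$START_FIREHOL" = "NO" ] && exit 0` sits above `COMMAND="$1"`, so it short-circuits every action, `stop` included, not only `start`. With START_FIREHOL=NO, a firewall that was brought up by hand can then no longer be stopped, or switched to the blocking STOP_ACTION, through the init script. Suggest moving the test into the start branch of the case statement and giving START_FIREHOL an explicit default next to `STOP_ACTION="stop"`, so the behaviour when /etc/default/firehol is absent is stated rather than implied.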
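Review bot: In the stop) hunk of debian/init.d/firehol (@@ -19,7 +26,7 @@), `$STOP_ACTION` is expanded unquoted, so the value read from /etc/default/firehol is word-split and glob-expanded by the shell before it reaches /sbin/firehol. The two-word setting in firehol.default depends on that splitting, which should be documented in that file (whitespace-separated arguments, no spaces or wildcard characters in the path). The unchanged `if [ $? = 0 ]` also reports success only, and with `set -e` from the previous hunk a non-zero exit ends the script without any message. For a stop action that is meant to block traffic, that failure should be reported, and a fallback such as the `panic` action listed in firehol.default is worth considering.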
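Review bot: In debian/firehol.default (@@ -0,0 +1,7 @@), the shipped values change behaviour for every installation that receives this file: `START_FIREHOL=NO` combined with the new early exit in the init script means the firewall is not started until the admin edits the file, and the active `STOP_ACTION` points at /etc/firehol/firehol-stop.conf, which nothing in this patch creates. Suggest shipping STOP_ACTION commented out so the init script's own `stop` default applies, keeping both alternatives as commented examples, and saying in the description whether NO is intended as the packaged default.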