Bug#493805: Please append $network in LSB Required-Start and Required-Stop
Hi Michael, I've already merged it upstream, although I'm not sure whether there will be an officially updated 1.8.8 version, as I'm retiring 1.8 ASAP But at least the next 1.9 will have the patch included... cheers, Arno Michael Hanke wrote: Hi, [ CC'ing upstream (Hi Arno!). Full quote below. ] Thanks a lot for the patch, I will add it to the package as soon as I'm back at work (next week). Cheers, Michael On Tue, Aug 05, 2008 at 01:27:14AM +0100, Chris Lamb wrote: Package: arno-iptables-firewall Version: 1.8.8.o-2 Tags: patch Hi, Please append $network to arno-iptables-firewall's LSB Required-Start and Required-Stop lines. When using a concurrent boot method, I have experienced race conditions whereby the interface is not fully configured before arno-iptables-firewall starts (for example, due to a slow-responding DHCP server or by having a number of interfaces to configure). This does not affect arno-iptables-firewall in its default shipped state as /sbin/iptables will happily add rules to unconfigured interfaces. However, plugins that use commands such as /sbin/ip and friends (including the shipped multiroute plugin) and anything that relies on an IP address being assigned will race with the ifup calls. (I encountered this with a custom plugin of mine, not with multiroute, however.) Patch attached. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 diff -urNad arno-iptables-firewall-1.8.8.o.orig/arno-iptables-firewall arno-iptables-firewall-1.8.8.o/arno-iptables-firewall --- arno-iptables-firewall-1.8.8.o.orig/arno-iptables-firewall 2008-08-05 01:01:52.0 +0100 +++ arno-iptables-firewall-1.8.8.o/arno-iptables-firewall 2008-08-05 01:02:05.0 +0100 @@ -5,8 +5,8 @@ ### BEGIN INIT INFO # Provides: arno-iptables-firewall -# Required-Start:$syslog $local_fs -# Required-Stop: $syslog $local_fs +# Required-Start:$syslog $local_fs $network +# Required-Stop: $syslog $local_fs $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Setup iptables firewall configuration
Bug#493805: Please append $network in LSB Required-Start and Required-Stop
Hi, [ CC'ing upstream (Hi Arno!). Full quote below. ] Thanks a lot for the patch, I will add it to the package as soon as I'm back at work (next week). Cheers, Michael On Tue, Aug 05, 2008 at 01:27:14AM +0100, Chris Lamb wrote: Package: arno-iptables-firewall Version: 1.8.8.o-2 Tags: patch Hi, Please append $network to arno-iptables-firewall's LSB Required-Start and Required-Stop lines. When using a concurrent boot method, I have experienced race conditions whereby the interface is not fully configured before arno-iptables-firewall starts (for example, due to a slow-responding DHCP server or by having a number of interfaces to configure). This does not affect arno-iptables-firewall in its default shipped state as /sbin/iptables will happily add rules to unconfigured interfaces. However, plugins that use commands such as /sbin/ip and friends (including the shipped multiroute plugin) and anything that relies on an IP address being assigned will race with the ifup calls. (I encountered this with a custom plugin of mine, not with multiroute, however.) Patch attached. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 diff -urNad arno-iptables-firewall-1.8.8.o.orig/arno-iptables-firewall arno-iptables-firewall-1.8.8.o/arno-iptables-firewall --- arno-iptables-firewall-1.8.8.o.orig/arno-iptables-firewall 2008-08-05 01:01:52.0 +0100 +++ arno-iptables-firewall-1.8.8.o/arno-iptables-firewall 2008-08-05 01:02:05.0 +0100 @@ -5,8 +5,8 @@ ### BEGIN INIT INFO # Provides: arno-iptables-firewall -# Required-Start:$syslog $local_fs -# Required-Stop: $syslog $local_fs +# Required-Start:$syslog $local_fs $network +# Required-Stop: $syslog $local_fs $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Setup iptables firewall configuration -- GPG key: 1024D/3144BE0F Michael Hanke http://apsy.gse.uni-magdeburg.de/hanke ICQ: 48230050 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#493805: Please append $network in LSB Required-Start and Required-Stop
Package: arno-iptables-firewall Version: 1.8.8.o-2 Tags: patch Hi, Please append $network to arno-iptables-firewall's LSB Required-Start and Required-Stop lines. When using a concurrent boot method, I have experienced race conditions whereby the interface is not fully configured before arno-iptables-firewall starts (for example, due to a slow-responding DHCP server or by having a number of interfaces to configure). This does not affect arno-iptables-firewall in its default shipped state as /sbin/iptables will happily add rules to unconfigured interfaces. However, plugins that use commands such as /sbin/ip and friends (including the shipped multiroute plugin) and anything that relies on an IP address being assigned will race with the ifup calls. (I encountered this with a custom plugin of mine, not with multiroute, however.) Patch attached. Regards, -- Chris Lamb, UK [EMAIL PROTECTED] GPG: 0x634F9A20 diff -urNad arno-iptables-firewall-1.8.8.o.orig/arno-iptables-firewall arno-iptables-firewall-1.8.8.o/arno-iptables-firewall --- arno-iptables-firewall-1.8.8.o.orig/arno-iptables-firewall 2008-08-05 01:01:52.0 +0100 +++ arno-iptables-firewall-1.8.8.o/arno-iptables-firewall 2008-08-05 01:02:05.0 +0100 @@ -5,8 +5,8 @@ ### BEGIN INIT INFO # Provides: arno-iptables-firewall -# Required-Start:$syslog $local_fs -# Required-Stop: $syslog $local_fs +# Required-Start:$syslog $local_fs $network +# Required-Stop: $syslog $local_fs $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Setup iptables firewall configuration signature.asc Description: PGP signature
