Bug#438580: ipmasq: Whishlist A03flush.def witch user-defined chains

[reportbug]

Package: ipmasq
Version: 4.0.8-4
Followup-For: Bug #438580

Yesterday I sent a script that don't match the installed A03flush.def
policies rules to start and to stop correctly ipmasq.
I attach the correct rules for the netfilter section of the rules with
set the correct POLICY for starting and stopping ipmasq at boot time
or in a live system.

/etc/ipmasq/rules/A03flush.rul:

case $MASQMETHOD in
netfilter)
    for table in $(
        ls -1 /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/iptable_*.ko |
          sed -n -e 's,^.*/iptable_\([^/]\+\)\.ko$,\1,p' )
    do
      unset userchain
      for CP in $(iptables -t $table -nL |
          sed -n '/^Chain \S\+ (/s/^Chain \(\S\+\) (\(\S\+\) .*/\1:\2/p')
      do
        chain="${CP%:*}"
        if [ "${CP##*:}" == "policy" ];then
          if [ "$table" == filter -o -z "$table" ]
          then
            $IPTABLES -t $table -P $chain DROP
          else
            $IPTABLES -t $table -P $chain ACCEPT
          fi
          $IPTABLES -t $table -F $chain
        else
          $IPTABLES -t $table -F $chain
          userchain="$chain $userchain"
        fi
      done
      for chain in $userchain ; do
        $IPTABLES -t $table -X $chain
      done
    done
    ;;
esac

/etc/ipmasq/rules/A03flush.rul:

case $MASQMETHOD in
netfilter)
    for table in $(
        ls -1 /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/iptable_*.ko |
          sed -n -e 's,^.*/iptable_\([^/]\+\)\.ko$,\1,p' )
    do
      unset userchain
      for CP in $(iptables -t $table -nL |
          sed -n '/^Chain \S\+ (/s/^Chain \(\S\+\) (\(\S\+\) .*/\1:\2/p')
      do
        chain="${CP%:*}"
        if [ "${CP##*:}" == "policy" ];then
          if [ "$table" == filter -o -z "$table" ] &&
               [ $chain == FORWARD ]
          then
            $IPTABLES -t $table -P $chain DROP
          else
            $IPTABLES -t $table -P $chain ACCEPT
          fi
          $IPTABLES -t $table -F $chain
        else
          $IPTABLES -t $table -F $chain
          userchain="$chain $userchain"
        fi
      done
      for chain in $userchain ; do
        $IPTABLES -t $table -X $chain
      done
    done
    ;;
esac

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (560, 'testing'), (545, 'testing-proposed-updates'), (540, 
'testing'), (460, 'stable'), (445, 'proposed-updates'), (440, 'stable'), (50, 
'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages ipmasq depends on:
ii  debconf [debconf-2.0]   1.5.14           Debian configuration management sy
ii  iptables                1.3.8.0debian1-1 administration tools for packet fi

ipmasq recommends no packages.

-- debconf information excluded



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]