Package: fwsnort
Version: 1.6.5-1
Severity: important

Hi,

while working on the recent RC bug in fwsnort (#860164) I noticed that all the firewall rules created by fwsnort are not removed upon purging the package. But since the package does not create them automatically and they're only created if the program is actually used as intended, I think it's less severe than e.g. piuparts reporting leftover files after purge.

At first glance, simply calling "fwsnort --ipt-revert" in prerm suffices, but then again, /usr/sbin/fwsnort might no longer be there, if the package was already removed, but not purged.

Luckily, when looking at what this option actually does, I noticed that it boils down to the very simple one-liner:

    grep -v FWSNORT /var/lib/fwsnort/fwsnort.save | iptables-restore

So I'll add this to the postrm script before deleting the fwsnort.save file, calling it only if that file exists.

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (990, 'unstable'), (980, 'unstable-debug'), (600, 'testing'), (111, 'buildd-unstable'), (111, 'buildd-experimental'), (110, 'experimental'), (105, 'experimental-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages fwsnort depends on:
ii  debconf [debconf-2.0]   1.5.60
ii  iptables                1.6.0+snapshot20161117-6
ii  libiptables-parse-perl  1.6-1
ii  libnet-rawip-perl       0.25-2+b3
ii  libnetaddr-ip-perl      4.079+dfsg-1+b1
pn  perl:any                <none>

Versions of packages fwsnort recommends:
pn  snort-rules-default  <none>

fwsnort suggests no packages.

-- debconf information:
* fwsnort/download: true
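
One way the postrm step described in the report could look, as an added example that is not part of the original report or the package's actual maintainer script. The `IPTABLES_RESTORE` override, the function names and the sample ruleset are assumptions made for illustration; keeping the save file when the restore fails is a choice made here, not something the report specifies.

```shell
#!/bin/sh
# Added illustration, not the fwsnort package's real postrm.
# The save file path and the grep one-liner come from the report;
# IPTABLES_RESTORE is a hypothetical override so the logic can be
# exercised without touching the live netfilter tables.
SAVE_FILE="${SAVE_FILE:-/var/lib/fwsnort/fwsnort.save}"
IPTABLES_RESTORE="${IPTABLES_RESTORE:-iptables-restore}"

# Print the saved ruleset minus every line mentioning FWSNORT: chain
# declarations, rules inside those chains, and jumps into them.
filter_fwsnort_rules() {
    grep -v FWSNORT "$1"
}

# Revert the rules, then delete the save file. Returns 0 when there is
# nothing to revert or the restore succeeded; returns 1 and keeps the
# save file when the restore command fails.
revert_fwsnort_rules() {
    [ -f "$SAVE_FILE" ] || return 0
    if filter_fwsnort_rules "$SAVE_FILE" | $IPTABLES_RESTORE; then
        rm -f "$SAVE_FILE"
    else
        echo "fwsnort: could not revert rules, keeping $SAVE_FILE" >&2
        return 1
    fi
}

# Constructed sample in iptables-save format (not from a real host).
write_sample_save() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:FWSNORT_INPUT - [0:0]
:FWSNORT_INPUT_ESTAB - [0:0]
-A INPUT -j FWSNORT_INPUT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FWSNORT_INPUT -p tcp -m state --state ESTABLISHED -j FWSNORT_INPUT_ESTAB
-A FWSNORT_INPUT_ESTAB -p tcp -m string --string "constructed" --algo bm -j LOG
COMMIT
EOF
}

# postrm receives the action as $1; act only on purge, as in the report.
case "${1:-}" in
    purge) revert_fwsnort_rules ;;
esac
```

iptables-restore flushes each table it loads unless --noflush is given, so the pipeline replaces the live rules in those tables with the saved, filtered ones.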