ln -svf ../run /var/run
+# Creating directories for new firewall.
+mkdir -p /var/ipfire/firewall
+mkdir -p /var/ipfire/fwhosts
+
#
#Extract files
tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
rm -f /srv/web/ipfire/cgi-bin/{dmzholes,outgoingfw,portfw,xtaccess}.cgi
# Generate chains for new firewall
-/sbin/iptables -N INPUTFW
-/sbin/iptables -N FORWARDFW
-/sbin/iptables -N POLICYFWD
-/sbin/iptables -N POLICYIN
-/sbin/iptables -N POLICYOUT
-/sbin/iptables -t nat -N NAT_SOURCE
-/sbin/iptables -t nat -N NAT_DESTINATION
+/sbin/iptables -N INPUTFW 2>/dev/null
+/sbin/iptables -N FORWARDFW 2>/dev/null
+/sbin/iptables -N POLICYFWD 2>/dev/null
+/sbin/iptables -N POLICYIN 2>/dev/null
+/sbin/iptables -N POLICYOUT 2>/dev/null
+/sbin/iptables -t nat -N NAT_SOURCE 2>/dev/null
+/sbin/iptables -t nat -N NAT_DESTINATION 2>/dev/null
+
+# Create config files for firewall and fix permissions.
+touch /var/ipfire/firewall/config
+touch /var/ipfire/firewall/input
+touch /var/ipfire/firewall/outgoing
+touch /var/ipfire/firewall/p2protocols
+touch /var/ipfire/firewall/settings
+touch /var/ipfire/fwhosts/customhosts
+touch /var/ipfire/fwhosts/customnetworks
+touch /var/ipfire/fwhosts/customgroups
+touch /var/ipfire/fwhosts/customservices
+touch /var/ipfire/fwhosts/customservicegrp
+
+# Fix ownership.
+chown -R nobody:nobody /var/ipfire/firewall
+chown -R nobody:nobody /var/ipfire/fwhosts
# Convert firewall configuration
/usr/sbin/convert-xtaccess
sed -i -e "s/^proc/#proc/g" /etc/fstab
sed -i -e "s/^sysfs/#sysfs/g" /etc/fstab
sed -i -e "s/^devpts/#devpts/g" /etc/fstab
-sed -i -e "s|^none\s/var/run|#none /var/run|/g" /etc/fstab
+sed -i -e "s|^none\s/var/run|#none /var/run|g" /etc/fstab
# Convert udev persistent network rules
sed -i -e "s/SYSFS{/ATTR{/g" /etc/udev/rules.d/30-persistent-network.rules