Merge branch 'openssl-update' into fifteen

[people/teissler/ipfire-2.x.git] / config / rootfiles / core / fifteen / update.sh

diff --git a/config/rootfiles/core/fifteen/update.sh b/config/rootfiles/core/fifteen/update.sh
index 3ea5ec596b32e3c251c1512367c22fecf3b26002..34cc9137e843310083c4a5f071c5bd120f5e0144 100644 (file)
--- a/config/rootfiles/core/fifteen/update.sh
+++ b/config/rootfiles/core/fifteen/update.sh
@@ -49,14 +49,29 @@ rm -f /etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
 rm -f /etc/rc.d/init.d/networking/red.up/25-portfw
 rm -f /etc/rc.d/init.d/networking/red.up/26-xtaccess
 
+# Remove old firewallscripts
+rm -f /usr/local/bin/setportfw
+rm -f /usr/local/bin/setdmzholes
+rm -f /usr/local/bin/setxtaccess
+rm -f /usr/local/bin/outgoingfwctrl
+
 # Remove old CGI files
 rm -f /srv/web/ipfire/cgi-bin/{dmzholes,outgoingfw,portfw,xtaccess}.cgi
 
+# Generate chains for new firewall
+/sbin/iptables -N INPUTFW
+/sbin/iptables -N FORWARDFW
+/sbin/iptables -N POLICYFWD
+/sbin/iptables -N POLICYIN
+/sbin/iptables -N POLICYOUT
+/sbin/iptables -t nat -N NAT_SOURCE
+/sbin/iptables -t nat -N NAT_DESTINATION
+
 # Convert firewall configuration
-/usr/bin/convert-xtaccess
-/usr/bin/convert-outgoingfw
-/usr/bin/convert-portfw
-/usr/bin/convert-dmz
+/usr/sbin/convert-xtaccess
+/usr/sbin/convert-outgoingfw
+/usr/sbin/convert-portfw
+/usr/sbin/convert-dmz
 
 # Remove old firewall configuration files
 rm -rf /var/ipfire/{dmzholes,portfw,outgoing,xtaccess}