red.up: add script to cleanup conntrack-table if red ip has changed.
authorArne Fitzenreiter <Arne_F@ipfire.org>
Thu, 3 Jan 2013 15:28:21 +0000 (16:28 +0100)
committerArne Fitzenreiter <Arne_F@ipfire.org>
Thu, 3 Jan 2013 15:28:21 +0000 (16:28 +0100)
config/rootfiles/common/armv5tel/initscripts
config/rootfiles/common/i586/initscripts
config/rootfiles/core/66/filelists/files
src/initscripts/init.d/networking/red.up/01-conntrack-cleanup [new file with mode: 0644]

index 90f9be161a03e3cfcdebe4180555d312ba022e4b..1a613ac34a447999c44b81d6583d1d2544fd4d4a 100644 (file)
@@ -73,6 +73,7 @@ etc/rc.d/init.d/networking/red.down/10-ovpn
 etc/rc.d/init.d/networking/red.down/20-RL-firewall
 etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl
 #etc/rc.d/init.d/networking/red.up
+etc/rc.d/init.d/networking/red.up/01-conntrack-cleanup
 etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
 etc/rc.d/init.d/networking/red.up/10-miniupnpd
 etc/rc.d/init.d/networking/red.up/10-multicast
index 737e87847dba28784133814744c4c2fe02e9df0c..f26e2446dc815aa78b4be6134e5e5723bfca0bda 100644 (file)
@@ -75,6 +75,7 @@ etc/rc.d/init.d/networking/red.down/10-ovpn
 etc/rc.d/init.d/networking/red.down/20-RL-firewall
 etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl
 #etc/rc.d/init.d/networking/red.up
+etc/rc.d/init.d/networking/red.up/01-conntrack-cleanup
 etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
 etc/rc.d/init.d/networking/red.up/10-miniupnpd
 etc/rc.d/init.d/networking/red.up/10-multicast
index bf51301d741ca620bece6a4f89c2a326de2fc89a..91142e0c4fe581f0e21046d728d3b617626a6931 100644 (file)
@@ -7,6 +7,7 @@ etc/rc.d/init.d/halt
 etc/rc.d/init.d/leds
 etc/rc.d/init.d/mountfs
 etc/rc.d/init.d/network
+etc/rc.d/init.d/networking/red.up/01-conntrack-cleanup
 etc/rc.d/init.d/networking/red.up/98-leds
 etc/rc.d/init.d/partresize
 etc/rc.d/init.d/reboot
diff --git a/src/initscripts/init.d/networking/red.up/01-conntrack-cleanup b/src/initscripts/init.d/networking/red.up/01-conntrack-cleanup
new file mode 100644 (file)
index 0000000..4bb43b9
--- /dev/null
@@ -0,0 +1,25 @@
+#!/bin/bash
+############################################################################
+# conntrack-cleanup - remove conntrack entries with the last red ipaddress #
+############################################################################
+#
+
+curr_ip=`cat /var/ipfire/red/local-ipaddress 2>/dev/null`
+last_ip=`cat /var/lock/last-ipaddress 2>/dev/null`
+
+if [ "$curr_ip" == "$last_ip" ]; then
+       exit 0
+fi
+
+if [ -z "$curr_ip" ]; then
+       echo ERROR: cannot read current IP.
+       exit 1
+fi
+
+if [ ! -z "$last_ip" ]; then
+       conntrack -D -s $last_ip 2>&1 > /dev/null
+       conntrack -D -d $last_ip 2>&1 > /dev/null
+       conntrack -D -r $last_ip 2>&1 > /dev/null
+       conntrack -D -q $last_ip 2>&1 > /dev/null
+fi
+echo $curr_ip > /var/lock/last-ipaddress
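Review bot: The four `conntrack -D` calls pass `$last_ip` unquoted, and that value is read back from `/var/lock/last-ipaddress` with no check that it is an address, so whatever the file holds is word-split into arguments of a command that presumably runs as root. Quote it and reject non-address content before use, e.g. `conntrack -D -s "$last_ip" >/dev/null 2>&1` (same for `-d`, `-r`, `-q`); the existing `2>&1 > /dev/null` order silences only stdout and leaves stderr on the console, which looks unintended. The final write should likewise be `printf '%s\n' "$curr_ip" > /var/lock/last-ipaddress`, and if `/var/lock` is writable by non-root users on this system the state file belongs in a root-only directory.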