Forward Firewall: fixed icmp-types and deleted dmzholes chain

diff --git a/config/fwhosts/icmp-types b/config/fwhosts/icmp-types
index d41cdbfba884731981d461a71bef4beaf2103f5c..a9066a89b647b825cde476879a9f17de5fb7912a 100755 (executable)
--- a/config/fwhosts/icmp-types
+++ b/config/fwhosts/icmp-types
@@ -1,4 +1,4 @@
-0,echo-reply (pong),0
+0,echo-reply,0
 1,destination-unreachable,3
 2,network-unreachable,3/0
 3,host-unreachable,3/1
@@ -21,10 +21,10 @@
 20,host-redirect,5/1
 21,TOS-network-redirect,5/2
 22,TOS-host-redirect,5/3
-23,echo-request (ping),8
+23,echo-request,8
 24,router-advertisement,9
 25,router-solicitation,10
-26,time-exceeded (ttl-exceeded),11
+26,time-exceeded,11
 27,ttl-zero-during-transit,11/0
 28,ttl-zero-during-reassembly,11/1
 29,parameter-problem,12

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 7453056be0bfba1ecca24e7a674098359b0ce233..c2308d3c02427a862abda2fa0d70a92b2e8f58f7 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -242,9 +242,9 @@ case "$1" in
 
        iptables_red
        
-       # DMZ pinhole chain.  setdmzholes setuid prog adds rules here to allow
+       # DMZ pinhole chain.  
        # ORANGE to talk to GREEN / BLUE.
-       /sbin/iptables -N DMZHOLES
+
        if [ "$ORANGE_DEV" != "" ]; then
                /sbin/iptables -A FORWARD -i $ORANGE_DEV -m state --state NEW -j FORWARDFW
        fi