Reload all firewall rules when /etc/init.d/firewall reload is executed.

author Michael Tremer <michael.tremer@ipfire.org>

Tue, 25 Feb 2014 11:23:09 +0000 (12:23 +0100)

committer Michael Tremer <michael.tremer@ipfire.org>

Tue, 25 Feb 2014 11:23:09 +0000 (12:23 +0100)
author Michael Tremer <michael.tremer@ipfire.org>
Tue, 25 Feb 2014 11:23:09 +0000 (12:23 +0100)
committer Michael Tremer <michael.tremer@ipfire.org>
Tue, 25 Feb 2014 11:23:09 +0000 (12:23 +0100)
diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts

index 531e612a7119d35a0e3ae80939751b00dde243a3..bf4dd529ab620ebf1db7d33540587c8b45c86886 100644 (file)
--- a/config/rootfiles/common/armv5tel/initscripts
+++ b/config/rootfiles/common/armv5tel/initscripts
@@ -81,7 +81,6 @@ etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
  etc/rc.d/init.d/networking/red.up/10-miniupnpd
  etc/rc.d/init.d/networking/red.up/10-multicast
  etc/rc.d/init.d/networking/red.up/20-RL-firewall
  etc/rc.d/init.d/networking/red.up/10-miniupnpd
  etc/rc.d/init.d/networking/red.up/10-multicast
  etc/rc.d/init.d/networking/red.up/20-RL-firewall
-etc/rc.d/init.d/networking/red.up/22-forwardfwctrl
  etc/rc.d/init.d/networking/red.up/23-RS-snort
  etc/rc.d/init.d/networking/red.up/24-RS-qos
  etc/rc.d/init.d/networking/red.up/27-RS-squid
  etc/rc.d/init.d/networking/red.up/23-RS-snort
  etc/rc.d/init.d/networking/red.up/24-RS-qos
  etc/rc.d/init.d/networking/red.up/27-RS-squid
diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts

index a3acc1fb6dd95f1378daac5c5784fa1f3c8da611..3b91181d03f29fc9ff6be15fd75a6b55e69b6b2a 100644 (file)
--- a/config/rootfiles/common/i586/initscripts
+++ b/config/rootfiles/common/i586/initscripts
@@ -83,7 +83,6 @@ etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
  etc/rc.d/init.d/networking/red.up/10-miniupnpd
  etc/rc.d/init.d/networking/red.up/10-multicast
  etc/rc.d/init.d/networking/red.up/20-RL-firewall
  etc/rc.d/init.d/networking/red.up/10-miniupnpd
  etc/rc.d/init.d/networking/red.up/10-multicast
  etc/rc.d/init.d/networking/red.up/20-RL-firewall
-etc/rc.d/init.d/networking/red.up/22-forwardfwctrl
  etc/rc.d/init.d/networking/red.up/23-RS-snort
  etc/rc.d/init.d/networking/red.up/24-RS-qos
  etc/rc.d/init.d/networking/red.up/27-RS-squid
  etc/rc.d/init.d/networking/red.up/23-RS-snort
  etc/rc.d/init.d/networking/red.up/24-RS-qos
  etc/rc.d/init.d/networking/red.up/27-RS-squid
diff --git a/config/rootfiles/core/76/filelists/firewall b/config/rootfiles/core/76/filelists/firewall

index 1c5819180b00d792f5a390cca07ba744e9536023..e770307c14b1f0b57373e2661a639933a4a03c74 100644 (file)
--- a/config/rootfiles/core/76/filelists/firewall
+++ b/config/rootfiles/core/76/filelists/firewall
@@ -1,5 +1,4 @@
  etc/rc.d/init.d/firewall
  etc/rc.d/init.d/firewall
-etc/rc.d/init.d/networking/red.up/22-forwardfwctrl
  srv/web/ipfire/cgi-bin/firewall.cgi
  srv/web/ipfire/cgi-bin/fwhosts.cgi
  srv/web/ipfire/cgi-bin/optionsfw.cgi
  srv/web/ipfire/cgi-bin/firewall.cgi
  srv/web/ipfire/cgi-bin/fwhosts.cgi
  srv/web/ipfire/cgi-bin/optionsfw.cgi
diff --git a/config/rootfiles/core/76/update.sh b/config/rootfiles/core/76/update.sh

index 2da9408e25fbdb1bafdc64cb48c4051f880caf65..150045bfe0c9f1428e9c2f236a04e59343872846 100644 (file)
--- a/config/rootfiles/core/76/update.sh
+++ b/config/rootfiles/core/76/update.sh
@@ -204,6 +204,9 @@ rm -f /usr/sbin/ntptime
  rm -f /usr/sbin/ntptrace
  rm -f /usr/sbin/tickadj
  
  rm -f /usr/sbin/ntptrace
  rm -f /usr/sbin/tickadj
  
+# Remove old firewall helper link
+rm -f /etc/rc.d/init.d/networking/red.up/22-forwardfwctrl
+
  #
  #Extract files
  tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
  #
  #Extract files
  tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
diff --git a/lfs/initscripts b/lfs/initscripts

index f9ee45f83125727d9c356a1ea22d94029cdc7107..28387f3499a34e9aa2bf33a16d1890ac45ceb18d 100644 (file)
--- a/lfs/initscripts
+++ b/lfs/initscripts
@@ -181,8 +181,6 @@ $(TARGET) :
  
         ln -sf ../../dnsmasq /etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
         ln -sf ../../firewall /etc/rc.d/init.d/networking/red.up/20-RL-firewall
  
         ln -sf ../../dnsmasq /etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
         ln -sf ../../firewall /etc/rc.d/init.d/networking/red.up/20-RL-firewall
-       ln -sf ../../../../../usr/local/bin/firewallctrl \
-               /etc/rc.d/init.d/networking/red.up/22-forwardfwctrl
         ln -sf ../../../../../usr/local/bin/snortctrl \
                 /etc/rc.d/init.d/networking/red.up/23-RS-snort
         ln -sf ../../../../../usr/local/bin/qosctrl \
         ln -sf ../../../../../usr/local/bin/snortctrl \
                 /etc/rc.d/init.d/networking/red.up/23-RS-snort
         ln -sf ../../../../../usr/local/bin/qosctrl \
diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall

index ddc4a4a283d5282abcce3de7400eb06171959409..2c280f2ba07ce3c9574fc7c6a0f8389c87548d0a 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -281,6 +281,9 @@ iptables_red() {
                 iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
  
         fi
                 iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
  
         fi
+
+       # Reload all rules.
+       firewallctrl
  }
  
  # See how we were called.
  }
  
  # See how we were called.
author	Michael Tremer <michael.tremer@ipfire.org>
	Tue, 25 Feb 2014 11:23:09 +0000 (12:23 +0100)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Tue, 25 Feb 2014 11:23:09 +0000 (12:23 +0100)
config/rootfiles/common/armv5tel/initscripts		patch \| blob \| blame \| history
config/rootfiles/common/i586/initscripts		patch \| blob \| blame \| history
config/rootfiles/core/76/filelists/firewall		patch \| blob \| blame \| history
config/rootfiles/core/76/update.sh		patch \| blob \| blame \| history
lfs/initscripts		patch \| blob \| blame \| history
src/initscripts/init.d/firewall		patch \| blob \| blame \| history