firewall: Initialize basic ruleset before entering runlevel 3.
authorMichael Tremer <michael.tremer@ipfire.org>
Fri, 14 Feb 2014 11:48:11 +0000 (12:48 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 14 Feb 2014 11:48:11 +0000 (12:48 +0100)
config/rootfiles/common/armv5tel/initscripts
config/rootfiles/common/i586/initscripts
lfs/initscripts
src/initscripts/init.d/firewall
src/initscripts/init.d/network

index 0933ca8..ba32ec8 100644 (file)
@@ -224,6 +224,7 @@ etc/rc.d/rcsysinit.d/S60setclock
 etc/rc.d/rcsysinit.d/S70console
 etc/rc.d/rcsysinit.d/S75firstsetup
 etc/rc.d/rcsysinit.d/S80localnet
+etc/rc.d/rcsysinit.d/S85firewall
 etc/rc.d/rcsysinit.d/S90sysctl
 etc/rc.d/rcsysinit.d/S91network-vlans
 etc/rc.d/rcsysinit.d/S92rngd
index 727cc7a..c95f496 100644 (file)
@@ -231,6 +231,7 @@ etc/rc.d/rcsysinit.d/S60setclock
 etc/rc.d/rcsysinit.d/S70console
 etc/rc.d/rcsysinit.d/S75firstsetup
 etc/rc.d/rcsysinit.d/S80localnet
+etc/rc.d/rcsysinit.d/S85firewall
 etc/rc.d/rcsysinit.d/S90sysctl
 etc/rc.d/rcsysinit.d/S91network-vlans
 etc/rc.d/rcsysinit.d/S92rngd
index 6968ede..0b5d8f4 100644 (file)
@@ -171,6 +171,7 @@ $(TARGET) :
        ln -sf ../init.d/console     /etc/rc.d/rcsysinit.d/S70console
        ln -sf ../init.d/firstsetup  /etc/rc.d/rcsysinit.d/S75firstsetup
        ln -sf ../init.d/localnet    /etc/rc.d/rcsysinit.d/S80localnet
+       ln -sf ../init.d/firewall    /etc/rc.d/rcsysinit.d/S85firewall
        ln -sf ../init.d/sysctl      /etc/rc.d/rcsysinit.d/S90sysctl
        ln -sf ../init.d/network-vlans /etc/rc.d/rcsysinit.d/S91network-vlans
        ln -sf ../init.d/rngd        /etc/rc.d/rcsysinit.d/S92rngd
index 77da232..2bb8ba1 100644 (file)
@@ -292,14 +292,20 @@ iptables_red() {
 # See how we were called.
 case "$1" in
   start)
+       boot_mesg "Setting up firewall"
        iptables_init
+       evaluate_retval
+
        # run local firewall configuration, if present
        if [ -x /etc/sysconfig/firewall.local ]; then
                /etc/sysconfig/firewall.local start
        fi
        ;;
   reload)
+       boot_mesg "Reloading firewall"
        iptables_red
+       evaluate_retval
+
        # run local firewall configuration, if present
        if [ -x /etc/sysconfig/firewall.local ]; then
                /etc/sysconfig/firewall.local reload
index 27686d1..88ac086 100644 (file)
@@ -38,9 +38,6 @@ init_networking() {
                rmmod nf_conntrack_h323
        fi
 
-       boot_mesg "Setting up firewall"
-       /etc/rc.d/init.d/firewall start; evaluate_retval
-
        /etc/rc.d/init.d/dnsmasq start
        /etc/rc.d/init.d/static-routes start
 }