From 66f6b279b0622aa2244ace040bdb8848831d06e0 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 25 Feb 2014 12:23:09 +0100 Subject: [PATCH] Reload all firewall rules when /etc/init.d/firewall reload is executed. --- config/rootfiles/common/armv5tel/initscripts | 1 - config/rootfiles/common/i586/initscripts | 1 - config/rootfiles/core/76/filelists/firewall | 1 - config/rootfiles/core/76/update.sh | 3 +++ lfs/initscripts | 2 -- src/initscripts/init.d/firewall | 3 +++ 6 files changed, 6 insertions(+), 5 deletions(-) diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index 531e612a7..bf4dd529a 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -81,7 +81,6 @@ etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq etc/rc.d/init.d/networking/red.up/10-miniupnpd etc/rc.d/init.d/networking/red.up/10-multicast etc/rc.d/init.d/networking/red.up/20-RL-firewall -etc/rc.d/init.d/networking/red.up/22-forwardfwctrl etc/rc.d/init.d/networking/red.up/23-RS-snort etc/rc.d/init.d/networking/red.up/24-RS-qos etc/rc.d/init.d/networking/red.up/27-RS-squid diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index a3acc1fb6..3b91181d0 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -83,7 +83,6 @@ etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq etc/rc.d/init.d/networking/red.up/10-miniupnpd etc/rc.d/init.d/networking/red.up/10-multicast etc/rc.d/init.d/networking/red.up/20-RL-firewall -etc/rc.d/init.d/networking/red.up/22-forwardfwctrl etc/rc.d/init.d/networking/red.up/23-RS-snort etc/rc.d/init.d/networking/red.up/24-RS-qos etc/rc.d/init.d/networking/red.up/27-RS-squid diff --git a/config/rootfiles/core/76/filelists/firewall b/config/rootfiles/core/76/filelists/firewall index 1c5819180..e770307c1 100644 --- a/config/rootfiles/core/76/filelists/firewall +++ b/config/rootfiles/core/76/filelists/firewall @@ -1,5 +1,4 @@ etc/rc.d/init.d/firewall -etc/rc.d/init.d/networking/red.up/22-forwardfwctrl srv/web/ipfire/cgi-bin/firewall.cgi srv/web/ipfire/cgi-bin/fwhosts.cgi srv/web/ipfire/cgi-bin/optionsfw.cgi diff --git a/config/rootfiles/core/76/update.sh b/config/rootfiles/core/76/update.sh index 2da9408e2..150045bfe 100644 --- a/config/rootfiles/core/76/update.sh +++ b/config/rootfiles/core/76/update.sh @@ -204,6 +204,9 @@ rm -f /usr/sbin/ntptime rm -f /usr/sbin/ntptrace rm -f /usr/sbin/tickadj +# Remove old firewall helper link +rm -f /etc/rc.d/init.d/networking/red.up/22-forwardfwctrl + # #Extract files tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C / diff --git a/lfs/initscripts b/lfs/initscripts index f9ee45f83..28387f349 100644 --- a/lfs/initscripts +++ b/lfs/initscripts @@ -181,8 +181,6 @@ $(TARGET) : ln -sf ../../dnsmasq /etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq ln -sf ../../firewall /etc/rc.d/init.d/networking/red.up/20-RL-firewall - ln -sf ../../../../../usr/local/bin/firewallctrl \ - /etc/rc.d/init.d/networking/red.up/22-forwardfwctrl ln -sf ../../../../../usr/local/bin/snortctrl \ /etc/rc.d/init.d/networking/red.up/23-RS-snort ln -sf ../../../../../usr/local/bin/qosctrl \ diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall index ddc4a4a28..2c280f2ba 100644 --- a/src/initscripts/init.d/firewall +++ b/src/initscripts/init.d/firewall @@ -281,6 +281,9 @@ iptables_red() { iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE fi + + # Reload all rules. + firewallctrl } # See how we were called. -- 2.39.2