~ubuntu-branches/ubuntu/hardy/ufw/hardy-updates

Committer: Bazaar Package Importer
Author(s): Jamie Strandboge
Date: 2008-07-11 18:37:27 UTC
Revision ID: james.westby@ubuntu.com-20080711183727-l26fstr6mooy4rqp

Tags: 0.16.2.3

https://launchpad.net/bugs/194844

* fix confusing error output when ipv6 or ip6_tables is not available.
(LP: #194844)
* fix initscript not setting default ipv6 policy when IPV6=no (LP: #251355)

files modified:
conf/initscript

debian/changelog

setup.py

src/ufw

Show diffs side-by-side

added added

removed removed

conf/initscript

done

execs="iptables"

# IPv6 setup

if [ "$IPV6" = "yes" ] || [ "$IPV6" = "YES" ]; then

if [ -e "/proc/sys/net/ipv6" ]; then

execs="$execs ip6tables"

elif modprobe ipv6 ; then

if ip6tables -L INPUT >/dev/null 2>&1; then

execs="$execs ip6tables"

else

log_action_cont_msg "Problem loading ipv6 (skipping)"

else

if ip6tables -L INPUT >/dev/null 2>&1; then

# IPv6 support disabled but available in the kernel, so

# default DROP and accept all on loopback

ip6tables -F || error="yes"

ip6tables -X || error="yes"

ip6tables -P INPUT DROP || error="yes"

ip6tables -P OUTPUT DROP || error="yes"

ip6tables -P FORWARD DROP || error="yes"

ip6tables -A INPUT -i lo -j ACCEPT || error="yes"

ip6tables -A OUTPUT -o lo -j ACCEPT || error="yes"

if [ "$error" = "yes" ]; then

log_action_cont_msg "Problem setting default IPv6 policy"

for exe in $execs

116

131

$exe -A ufw${type}-before-input -j RETURN || error="yes"

117

132

$exe -A ufw${type}-before-output -j RETURN || error="yes"

118

133

$exe -A ufw${type}-before-forward -j RETURN || error="yes"

119

134

120

135

# setup ufw${type}-after-* chains

121

136

$exe -N ufw${type}-after-input || error="yes"

122

137

$exe -N ufw${type}-after-output || error="yes"

157

172

error=""

158

173

159

174

execs="iptables"

160

if [ -e "/proc/sys/net/ipv6" ]; then

175

if ip6tables -L INPUT >/dev/null 2>&1; then

161

176

execs="$execs ip6tables"

162

177

163

178

Older »