On Fri, 29 Apr 2016 23:42:34 +0300 Sena Kamar <[email protected]>
wrote:
> Package: fwbuilder
> Version: 5.1.0-4
> Severity: important
>
>
> While running the script on firewalls, before adding new rules iptables
> does a flush. At this step, xtables is locked by iptables.
> For that reason iptables cannot flush the old rules and stops working.
> In our environment we have approximately 3000 firewall rules. While
> the script runs the "$IPTABLES -t $table -L -n | while read c chain rest;"
> command, the buffer cannot give us the result. So iptables was waiting in
> the lock state. We used the script
> (https://github.com/UNINETT/fwbuilder/blob/master/src/res/configlets/linux24/reset_iptables)
> for this problem and it resolved the issue.
>
> We suggest adding this solution to the firewallbuilder code.
You might want to solve this by enabling the use of 'iptables-restore'
in fwbuilder ('Firewall Settings...', then 'Script' tab).
HTH
-- D.
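
The failure described in the report comes from modifying a table while the listing command feeding the loop is still running. The sketch below is an added example, not part of this thread and not the fwbuilder or UNINETT code: it reads the whole chain list first and only then flushes. The function names, the overridable `IPTABLES` variable and the `fake_iptables` stand-in with its listing are constructed for illustration.

```shell
#!/bin/sh
# Added example; not fwbuilder's or UNINETT's code.
IPTABLES="${IPTABLES:-iptables}"   # assumption: overridable command name

# Print the chain names of one table. awk only reads, so the listing
# process can always finish writing and exit.
list_chains() {
    "$IPTABLES" -t "$1" -L -n | awk '$1 == "Chain" { print $2 }'
}

# Flush a table: finish the listing first, modify afterwards.
reset_table() {
    table=$1
    chains=$(list_chains "$table") || return 1   # listing has exited here
    for chain in $chains; do
        "$IPTABLES" -t "$table" -F "$chain" || return 1
    done
    "$IPTABLES" -t "$table" -X                   # delete user-defined chains
}

# Constructed stand-in for iptables so the example runs without root:
# prints a constructed listing for -L, echoes any other invocation.
fake_iptables() {
    case " $* " in
        *" -L "*) printf '%s\n' \
            'Chain INPUT (policy DROP)' \
            'target     prot opt source               destination' \
            'ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0' \
            '' \
            'Chain Cid1234.0 (1 references)' \
            'target     prot opt source               destination' ;;
        *) echo "$*" ;;
    esac
}

# Run reset_table against the stand-in and print the commands issued.
demo() {
    ( IPTABLES=fake_iptables; reset_table filter )
}
```

Calling `demo` prints the flush commands that would be issued; on a real firewall, leave `IPTABLES` at its default and call `reset_table` once per table.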