Package: arno-iptables-firewall Version: 1.8.8.o-2 Tags: patch Hi,
Please append "$network" to arno-iptables-firewall's LSB Required-Start and
Required-Stop lines.
When using a concurrent boot method, I have experienced race conditions
whereby the interface is not fully configured before arno-iptables-firewall
starts (for example, due to a slow-responding DHCP server or by having a
number of interfaces to configure).
This does not affect arno-iptables-firewall in its default shipped state as
/sbin/iptables will happily add rules to unconfigured interfaces. However,
plugins that use commands such as /sbin/ip and friends (including the
shipped multiroute plugin) and anything that relies on an IP address being
assigned will race with the "ifup" calls. (I encountered this with a custom
plugin of mine, not with multiroute, however.)
Patch attached.
Regards,
--
Chris Lamb, UK [EMAIL PROTECTED]
GPG: 0x634F9A20
diff -urNad arno-iptables-firewall-1.8.8.o.orig/arno-iptables-firewall arno-iptables-firewall-1.8.8.o/arno-iptables-firewall --- arno-iptables-firewall-1.8.8.o.orig/arno-iptables-firewall 2008-08-05 01:01:52.000000000 +0100 +++ arno-iptables-firewall-1.8.8.o/arno-iptables-firewall 2008-08-05 01:02:05.000000000 +0100 @@ -5,8 +5,8 @@ ### BEGIN INIT INFO # Provides: arno-iptables-firewall -# Required-Start: $syslog $local_fs -# Required-Stop: $syslog $local_fs +# Required-Start: $syslog $local_fs $network +# Required-Stop: $syslog $local_fs $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Setup iptables firewall configuration
signature.asc
Description: PGP signature
