#20249: firewall.user is not read on reload from LuCI
---------------------------------------------+-----------------------------
Reporter: Jérôme Poulin <jeromepoulin@…> | Owner: developers
Type: defect | Status: new
Priority: highest | Milestone: Chaos Calmer
Component: packages | (trunk)
Resolution: | Version: Trunk
| Keywords:
---------------------------------------------+-----------------------------
Comment (by anonymous):
Concerning LuCI, it must be calling `/etc/init.d/firewall reload`, which
has the effect of just reloading the firewall configuration, thus you
don't see your `/etc/firewall.user` being executed (because it has been
executed ONCE during firewall startup. Since `option reload` is 0 by
default, then `/etc/firewall.user` isn't reloaded when running
`/etc/init.d/firewall reload`.
However, doing `/etc/init.d/firewall restart` from the command line has
the effect of stopping then starting the firewall, thus you see your
`/etc/firewall.user` is executed ONCE.
There's a big difference between `reload` and `restart` and you would know
these things if you took the time to read up on the UCI docs for the
firewall configuration.
So you see, making poor assumptions (big security risk, really?) without
RTFM and understanding the underlying basics (UCI) is the only risk here.
--
Ticket URL: <https://dev.openwrt.org/ticket/20249#comment:2>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
