On 9/14/10 1:46 PM, Tom Eastep wrote:
> On 9/14/10 1:40 PM, Tom Eastep wrote:
>> On 9/14/10 1:16 PM, Steven Jan Springl wrote:
>>> Tom
>>>
>>> A 'shorewall clear' produces the following messages:
>>>
>>> /var/lib/shorewall/firewall: line 608: setpolicy: command not found
>>> /var/lib/shorewall/firewall: line 609: setpolicy: command not found
>>> /var/lib/shorewall/firewall: line 610: setpolicy: command not found
>>>
>>> The appropriate lines from /var/lib/shorewall/firewall:
>>>
>>> clear_firewall() {
>>> stop_firewall
>>>
>>> setpolicy INPUT ACCEPT
>>> setpolicy FORWARD ACCEPT
>>> setpolicy OUTPUT ACCEPT
>>
>> Crap -- and I grepped for setpolicy() before deleting it. The attached
>> patch restores it.
>
> Hold on a moment -- I think that patch is broken.Yes -- it was. I managed to delete something in the corrected file before generating the patch. This one should work. You will have to 'shorewall compile' before 'shorewall clear'. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/prog.header b/Shorewall/Perl/prog.header
index d19be77..b00bbbf 100644
--- a/Shorewall/Perl/prog.header
+++ b/Shorewall/Perl/prog.header
@@ -81,6 +81,14 @@ progress_message3() # $* = Message
}
#
+# Set a standard chain's policy
+#
+setpolicy() # $1 = name of chain, $2 = policy
+{
+ run_iptables -P $1 $2
+}
+
+#
# Generate a list of all network interfaces on the system
#
find_all_interfaces() {
diff --git a/Shorewall/Perl/prog.header6 b/Shorewall/Perl/prog.header6
index 8bf3638..1931f24 100644
--- a/Shorewall/Perl/prog.header6
+++ b/Shorewall/Perl/prog.header6
@@ -81,6 +81,14 @@ progress_message3() # $* = Message
}
#
+# Set a standard chain's policy
+#
+setpolicy() # $1 = name of chain, $2 = policy
+{
+ run_iptables -P $1 $2
+}
+
+#
# Generate a list of all network interfaces on the system
#
find_all_interfaces() {
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
