http://bugzilla.novell.com/show_bug.cgi?id=519868 Summary: Enhancement request: Add API to allow adding/editing/deleting custom rules to /etc/sysconfig/scripts/SuSEfirewall2-custom Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: All OS/Version: openSUSE 11.1 Status: NEW Severity: Enhancement Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: opensuse@jeffshantz.com QAContact: jsrain@novell.com Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.4) Gecko/2008103100 SUSE/3.0.4-4.6 Firefox/3.0.4 There is currently no way to add/edit/delete custom iptables rules to /etc/sysconfig/scripts/SuSEfirewall2-custom through SCR. I am writing a YaST module that needs to add custom rules and it would be quite useful to be able to read/write to this file programmatically, rather than having to manually parse/edit the file. Currently, I am adding a call to one of the hooks that sources my own script containing custom rules, but this is not very YaST-like. I understand the complexity behind providing an API to add/edit/delete iptables rules, but one thing that could be done is to provide an API that allows the programmer to add scripts that will be sourced from hooks in /etc/sysconfig/scripts/SuSEfirewall2-custom. So, for instance, maybe I want a few custom rules to be executed in the fw_custom_before_denyall() hook. The API could allow me to add my script to this hook: e.g. SCR::Write(.etc.sysconfig.scripts.firewall_custom,["/path/to/myrulescript"]) The API could then add a line in /etc/sysconfig/scripts/SuSEfirewall2-custom in the fw_custom_before_denyall() hook to source /path/to/myrulescript. Might be easier than providing an interface to edit rules directly, but it's just a thought. You guys are the experts. :) Reproducible: Always Steps to Reproduce: n/a Actual Results: n/a Expected Results: n/a -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.