https://bugzilla.novell.com/show_bug.cgi?id=694464

https://bugzilla.novell.com/show_bug.cgi?id=694464#c10

Curtis J Blank <Curt.Blank@curtronics.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |

--- Comment #10 from Curtis J Blank <Curt.Blank@curtronics.com> 2011-05-20 01:35:10 UTC ---
Here's the problem. Do this:

In:
FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-ipRules"

There is this:

fw_custom_after_chain_creation() {
    /etc/init.d/ip_accept_test
    true
}

# cat /etc/init.d/ip_accept_test
#!/usr/bin/ksh
iptables -N ipINacc
iptables -A ipINacc -p tcp -s 7.7.7.7 -d 0/0
iptables -I INPUT 1 -s 0.0.0.0/0 -d 0.0.0.0/0 -j ipINacc
exit 0
#

That does not work. If you put the "iptables" statement in the function in the
file pointed to by FW_CUSTOMRULES it works. If you call scripts in the function
to put the rules in it does *not* work.

I've got hundreds of rules that are generated by 3 scripts, each using data from
data files. To have to put each rule in individually in the
fw_custom_after_chain_creation() function would be a nightmare to try and
maintain. Plus the rules are generated from accumulated data, thus dynamic, to
thwart off attacks.

So. When the rules are added by a script that is called from the function it
does not work.
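
Added example, not part of the original comment and not SuSEfirewall2's own code: a sketch of keeping data-driven rules while issuing every "iptables" statement from inside the function in the FW_CUSTOMRULES file, the arrangement the comment reports as working. The data file path and format and the helper names is_ipv4 and load_ip_accept_rules are hypothetical, and it is an assumption that a loop inside the hook behaves like statements written there by hand. Each entry is validated before it reaches iptables, since the data is accumulated automatically.

```shell
# Would live in the file named by FW_CUSTOMRULES (added example).
# Assumed data file: one IPv4 source address per line, '#' starts a comment.
IP_ACCEPT_DATA="${IP_ACCEPT_DATA:-/etc/sysconfig/scripts/ip_accept.data}"  # hypothetical path

# Return 0 only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split on dots (digits and dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Build the ipINacc chain from the data file, in the hook's own shell.
# Rule shapes are the ones from ip_accept_test in the comment above.
load_ip_accept_rules() {
    [ -r "$IP_ACCEPT_DATA" ] || return 0       # no data file, no custom rules
    iptables -N ipINacc
    while IFS= read -r line || [ -n "$line" ]; do
        addr=${line%%#*}                       # drop trailing comment
        addr=$(printf '%s' "$addr" | tr -d ' \t\r')
        [ -n "$addr" ] || continue
        if is_ipv4 "$addr"; then
            iptables -A ipINacc -p tcp -s "$addr" -d 0/0
        else
            echo "ip_accept: skipping invalid entry: $addr" >&2
        fi
    done < "$IP_ACCEPT_DATA"
    iptables -I INPUT 1 -s 0.0.0.0/0 -d 0.0.0.0/0 -j ipINacc
}

fw_custom_after_chain_creation() {
    load_ip_accept_rules
    true
}
```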