https://bugzilla.novell.com/show_bug.cgi?id=694464
https://bugzilla.novell.com/show_bug.cgi?id=694464#c10
Curtis J Blank changed:
          What|Removed                     |Added
----------------------------------------------------------------------------
        Status|RESOLVED                    |REOPENED
    Resolution|INVALID                     |
--- Comment #10 from Curtis J Blank 2011-05-20 01:35:10 UTC ---
Here's the problem.
Do this:
In:
FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-ipRules"
There is this:
fw_custom_after_chain_creation() {
    /etc/init.d/ip_accept_test
    true
}
# cat /etc/init.d/ip_accept_test
#!/usr/bin/ksh
iptables -N ipINacc
iptables -A ipINacc -p tcp -s 7.7.7.7 -d 0/0
iptables -I INPUT 1 -s 0.0.0.0/0 -d 0.0.0.0/0 -j ipINacc
exit 0
#
That does not work.
If you put the "iptables" statement in the function in the file pointed to by
FW_CUSTOMRULES it works. If you call scripts in the function to put the rules
in it does *not* work.
I've got hundreds of rules that are generated by 3 scripts each using data from
data files. To have to put each rule in individually in the
fw_custom_after_chain_creation() function would be a nightmare to try and
maintain.
Plus the rules are generated from accumulated data, thus dynamic, to thwart off
attacks.
So. When the rules are added by a script that is called from the function it
does not work.