[Astlinux-commits] SF.net SVN: astlinux:[5593] branches/1.0/package/arnofw

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 5593
          http://astlinux.svn.sourceforge.net/astlinux/?rev=5593&view=rev
Author:   abelbeck
Date:     2012-07-06 13:39:37 +0000 (Fri, 06 Jul 2012)
Log Message:
-----------
AIF, add upstream patch r647 and adjust miniupnpd.plugin to not flush MINIUPNPD iptables nat table rules when AIF is restarted

Revision Links:
--------------
    http://astlinux.svn.sourceforge.net/astlinux/?rev=647&view=rev

Modified Paths:
--------------
    branches/1.0/package/arnofw/miniupnpd/50miniupnpd.plugin.sh

Added Paths:
-----------
    branches/1.0/package/arnofw/arnofw-revision-647.patch

Added: branches/1.0/package/arnofw/arnofw-revision-647.patch
===================================================================

--- branches/1.0/package/arnofw/arnofw-revision-647.patch	                        (rev 0)
+++ branches/1.0/package/arnofw/arnofw-revision-647.patch	2012-07-06 13:39:37 UTC (rev 5593)
@@ -0,0 +1,18 @@
+--- arno-iptables-firewall_2.0.1c/bin/arno-iptables-firewall.orig
++++ arno-iptables-firewall_2.0.1c/bin/arno-iptables-firewall
+@@ -5128,9 +5128,13 @@
+   ip4tables -F OUTPUT
+   ip4tables -F FORWARD
+ 
+-  # Flush rules in the nat/mangle tables
++  # Flush builtin IPv4 nat chains
++  ip4tables -t nat -F PREROUTING
++  ip4tables -t nat -F OUTPUT
++  ip4tables -t nat -F POSTROUTING
++
++  # Flush rules in the mangle table
+   ip4tables -t mangle -F
+-  ip4tables -t nat -F
+ 
+   if [ "$IPV6_DETECTED" = "1" ]; then
+     # Flush builtin IPv6 chains

Modified: branches/1.0/package/arnofw/miniupnpd/50miniupnpd.plugin.sh
===================================================================
--- branches/1.0/package/arnofw/miniupnpd/50miniupnpd.plugin.sh	2012-07-05 21:53:14 UTC (rev 5592)
+++ branches/1.0/package/arnofw/miniupnpd/50miniupnpd.plugin.sh	2012-07-06 13:39:37 UTC (rev 5593)
@@ -5,7 +5,7 @@
 PLUGIN_VERSION="1.0"
 PLUGIN_CONF_FILE="miniupnpd.conf"
 #
-# Last changed          : July 4, 2012
+# Last changed          : July 6, 2012
 # Requirements          : AIF 2.0.0+ with miniupnpd daemon
 # Comments              : Setup of the iptables chains that the miniupnpd daemon manages
 #
@@ -33,21 +33,15 @@
 # Plugin start function
 plugin_start()
 {
-  local IFS
-
   ip4tables -t nat -N MINIUPNPD 2>/dev/null
   ip4tables -t nat -F MINIUPNPD
 
   ip4tables -N MINIUPNPD 2>/dev/null
   ip4tables -F MINIUPNPD
 
-  IFS=' ,'
-  for eif in $EXT_IF; do
-    ip4tables -t nat -A POST_NAT_PREROUTING_CHAIN -i $eif -j MINIUPNPD
+  # Connect both MINIUPNPD chains
+  plugin_restart
 
-    ip4tables -A POST_FORWARD_CHAIN -i $eif ! -o $eif -j MINIUPNPD
-  done
-
   return 0
 }
 
@@ -55,10 +49,18 @@
 # Plugin restart function
 plugin_restart()
 {
+  local eif IFS
 
   # Skip plugin_stop on a restart
-  plugin_start
+  # Reconnect both MINIUPNPD chains, flushed on a restart
 
+  IFS=' ,'
+  for eif in $EXT_IF; do
+    ip4tables -t nat -A POST_NAT_PREROUTING_CHAIN -i $eif -j MINIUPNPD
+
+    ip4tables -A POST_FORWARD_CHAIN -i $eif ! -o $eif -j MINIUPNPD
+  done
+
   return 0
 }
 
@@ -66,7 +68,7 @@
 # Plugin stop function
 plugin_stop()
 {
-  local IFS
+  local eif IFS
 
   IFS=' ,'
   for eif in $EXT_IF; do

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



