Update of /cvsroot/devil-linux/build/config/etc/init.d
In directory sc8-pr-cvs1:/tmp/cvs-serv7419/build/config/etc/init.d
Modified Files:
Tag: rel-1-0-patches
firewall.rules.2nic firewall.rules.3nic
Log Message:
modified firewall scripts to flush/zero/delete chains from all tables
Index: firewall.rules.2nic
===================================================================
RCS file: /cvsroot/devil-linux/build/config/etc/init.d/firewall.rules.2nic,v
retrieving revision 1.8
retrieving revision 1.8.2.1
diff -u -d -r1.8 -r1.8.2.1
--- firewall.rules.2nic 2 Oct 2003 20:39:36 -0000 1.8
+++ firewall.rules.2nic 11 Oct 2003 21:02:02 -0000 1.8.2.1
@@ -34,10 +34,15 @@
[ -n "$LOGGING" ] && ${MODPROBE} ipt_LOG
# Flush tables & setup Policy
-${IPTABLES} -F # flush all chains and tables
-for t in `cat /proc/net/ip_tables_names`; do ${IPTABLES} -F -t $t ; done
-${IPTABLES} -X # delete all user chains
-${IPTABLES} -Z # zero all counters
+${IPTABLES} -F # flush chains
+${IPTABLES} -X # delete user chains
+${IPTABLES} -Z # zero counters
+for t in `cat /proc/net/ip_tables_names`
+do
+ ${IPTABLES} -F -t $t
+ ${IPTABLES} -X -t $t
+ ${IPTABLES} -Z -t $t
+done
${IPTABLES} -P INPUT DROP # Policy = DROP
${IPTABLES} -P OUTPUT DROP # Drop all packets that are
${IPTABLES} -P FORWARD DROP # not specifically accepted.
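Review bot: The flush, delete and zero commands, including the new per-table loop, all run before the three `-P ... DROP` lines at the end of this hunk, so for that stretch the filter table has no rules and still carries whatever policy it had before. If that policy is ACCEPT when the script is re-run (the hunk does not show the prior state, so this is an assumption to check), traffic is accepted unfiltered until `${IPTABLES} -P INPUT DROP` is reached, and the added loop lengthens that window by three iptables calls per table. Moving the three `-P` lines above `${IPTABLES} -F # flush chains` would close the gap, since setting a built-in chain's policy does not depend on the chain being empty. The hunk in firewall.rules.3nic has the same ordering.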
Index: firewall.rules.3nic
===================================================================
RCS file: /cvsroot/devil-linux/build/config/etc/init.d/firewall.rules.3nic,v
retrieving revision 1.5
retrieving revision 1.5.2.1
diff -u -d -r1.5 -r1.5.2.1
--- firewall.rules.3nic 2 Oct 2003 21:02:00 -0000 1.5
+++ firewall.rules.3nic 11 Oct 2003 21:02:02 -0000 1.5.2.1
@@ -35,10 +35,15 @@
[ -n "$LOGGING" ] && ${MODPROBE} ipt_LOG
# Flush tables & setup Policy
-${IPTABLES} -F # flush all chains and tables
-for t in `cat /proc/net/ip_tables_names`; do ${IPTABLES} -F -t $t ; done
-${IPTABLES} -X # delete all user chains
-${IPTABLES} -Z # zero all counters
+${IPTABLES} -F # flush chains
+${IPTABLES} -X # delete user chains
+${IPTABLES} -Z # zero counters
+for t in `cat /proc/net/ip_tables_names`
+do
+ ${IPTABLES} -F -t $t
+ ${IPTABLES} -X -t $t
+ ${IPTABLES} -Z -t $t
+done
${IPTABLES} -P INPUT DROP # Policy = DROP
${IPTABLES} -P OUTPUT DROP # Drop all packets that are
${IPTABLES} -P FORWARD DROP # not specifically accepted.
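Review bot: Nothing in the new loop checks whether a per-table command succeeded, so if `${IPTABLES} -F -t $t` fails for one table (nat or mangle, say), the old rules there stay in place and the script carries on to the policy lines as if every table were clean. Reporting the failure would at least make it visible, for example `${IPTABLES} -t "$t" -F || echo "flush of table $t failed" >&2`, and likewise for `-X` and `-Z`. As a matter of style, `while read t; do ... done < /proc/net/ip_tables_names` would avoid the backticks and the extra `cat`. The identical loop in firewall.rules.2nic has the same gap.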