Bug 33011 - efw restart и stop неправильно работают с ipset
Summary: efw restart и stop неправильно работают с ipset
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: etcnet (show other bugs)
Version: unstable
Hardware: all Linux
: P3 normal
Assignee: Mikhail Efremov
QA Contact: qa-sisyphus
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-01-17 23:25 MSK by Sergey Y. Afonin
Modified: 2017-06-26 14:48 MSK (History)
6 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sergey Y. Afonin 2017-01-17 23:25:09 MSK 
# efw restart
Interface is "default"
Table is "filter"
Chain is ""
Action is "restart"

Firewall type is "ipset"
Stopping ipset for default
        Destroying the "ahttpd" set of the "nethash" type
ipset v6.29: Set cannot be destroyed: it is in use by a kernel component
ERROR: /sbin/efw: /sbin/ipset -X ahttpd

то есть, надо, сначала, "Stopping iptables for default", потом перезапустить ipset, потом "Starting iptables for default"

Если ничего не править, вот так работает:

efw stop ; efw stop ; efw start
Comment 1 Sergey Y. Afonin 2017-01-18 09:55:32 MSK 
В качестве времянки можно в .bashrc добавить

alias efwrestart='efw stop ; efw stop ; efw start'
alias efwstop='efw stop ; efw stop'

Топорно, но работать будет.
Comment 3 Sergey Y. Afonin 2017-01-19 14:39:36 MSK 
(In reply to comment #2)

> попробуйте efw отсюда:

делает вид, что работает.
Comment 4 Repository Robot 2017-06-26 14:48:21 MSK 
etcnet-0.9.12-alt1 -> sisyphus:

Mon Jun 26 2017 Anton Farygin <rider@altlinux.ru> 0.9.12-alt1
- added network@.service for manage interfaces via systemctl
  (for example - systemctl enable network@eth0) (closes: #33588)
- bonding: avoid autocreated bond0 iface by dshadrinov (closes: #33273)
- efw: walk fw type list backward on stop by sbolshakov (closes: #33011)
- weakening checks to enable empty bridge interfaces creation by naf (closes: #33295)