Attachment #6134 for bug #30286

View | Details | Raw Unified | Return to bug 30286
Collapse All | Expand All




				    unset IPTABLES_SYNTAX IPTABLES_SED_RULES
				}
			}
			xtables_preload
			xtables_${ACTION} "$NAME"
		    ;;
        "ip6tables")
		    # FIXME Does ip6tables support only IPv6?

				    unset IP6TABLES_SYNTAX IP6TABLES_SED_RULES
				}
			}
			xtables_preload
			xtables_${ACTION} "$NAME"
		    ;;
	"ebtables")
		    profiled_filename_dir cfwdir "$MYIFACEDIR/fw/$CFW_TYPE" ||

			    print_error "$EBTABLES not found. Please, install ebtables package"
			    continue
			}
			xtables_preload
			xtables_${ACTION} "$NAME"
		    ;;
		
	*)





    [ -n "$HEADER" ] || return 0
    print_message -e "\tCreating the \"$SET\" set of the \"$TYPE\" type"
    eval "$IPSET create $SET $TYPE" || print_error "$IPSET create $SET $TYPE"

    [ -n "$MEMBERS" ] || return 0
    while read; do
	eval "$IPSET add $SET $REPLY" || print_error "$IPSET add $SET $REPLY"
    done <<<"$MEMBERS"
}



    [ -n "$RULE" ] || return 0
    print_message -e "\tDestroying the \"$SET\" set of the \"$TYPE\" type"
    eval "$IPSET destroy $SET" || print_error "$IPSET destroy $SET"
}

ipset_start()

Lines 175-183 Link Here

(-)etc/net/ifaces/default/fw/iptables/syntax.old (-4 / +6 lines)
175	physdev-is-out: -mphysdev --physdev-is-out	175	physdev-is-out: -mphysdev --physdev-is-out
176	physdev-is-bridged: -mphysdev --physdev-is-bridged	176	physdev-is-bridged: -mphysdev --physdev-is-bridged
177	pkttype: -mpkttype --pkt-type	177	pkttype: -mpkttype --pkt-type
178	random: -mrandom --average	178	random: -mrandom --average
179	realm: -mrealm --realm	179	realm: -mrealm --realm
180	set: -mset --set	180	set: -mset --match-set
		181	in-set: -mset --match-set
		182	out-set: -mset ! --match-set
		183	not-in-set: -mset ! --match-set
181	state: -mstate --state	184	state: -mstate --state
182	tcp-source-port: -mtcp --source-port	185	tcp-source-port: -mtcp --source-port
183	tcp-src-port: -mtcp --source-port	186	tcp-src-port: -mtcp --source-port
Lines 212-221 Link Here
212		215
213	# Parameters	216	# Parameters
214	from: --src	217	from: --src
215	src: --src
216	source: --src	218	source: --src
217	to: --dst	219	to: --dst
218	dst: --dst
219	destination: --dst	220	destination: --dst
220	sport: --source-port	221	sport: --source-port
221	src-port: --source-port	222	src-port: --source-port
Lines 234-239 Link Here
234	udp: --protocol UDP	235	udp: --protocol UDP
235	icmp: --protocol ICMP	236	icmp: --protocol ICMP
236	gre: --protocol GRE	237	gre: --protocol GRE
		238	ospf: --protocol OSPF
237	jump: -j	239	jump: -j
238	jump-to: -j	240	jump-to: -j
239	any: 0.0.0.0/0	241	any: 0.0.0.0/0

Return to bug 30286

Lines 94-100 Link Here

(-)etc/net/scripts/config-fw.old (-3 / +6 lines)
94	unset IPTABLES_SYNTAX IPTABLES_SED_RULES	94	unset IPTABLES_SYNTAX IPTABLES_SED_RULES
95	}	95	}
96	}	96	}
97	xtables_${ACTION} "$NAME"	97	xtables_preload
		98	xtables_${ACTION} "$NAME"
98	;;	99	;;
99	"ip6tables")	100	"ip6tables")
100	# FIXME Does ip6tables support only IPv6?	101	# FIXME Does ip6tables support only IPv6?
Lines 115-121 Link Here
115	unset IP6TABLES_SYNTAX IP6TABLES_SED_RULES	116	unset IP6TABLES_SYNTAX IP6TABLES_SED_RULES
116	}	117	}
117	}	118	}
118	xtables_${ACTION} "$NAME"	119	xtables_preload
		120	xtables_${ACTION} "$NAME"
119	;;	121	;;
120	"ebtables")	122	"ebtables")
121	profiled_filename_dir cfwdir "$MYIFACEDIR/fw/$CFW_TYPE" \|\|	123	profiled_filename_dir cfwdir "$MYIFACEDIR/fw/$CFW_TYPE" \|\|
Lines 125-131 Link Here
125	print_error "$EBTABLES not found. Please, install ebtables package"	127	print_error "$EBTABLES not found. Please, install ebtables package"
126	continue	128	continue
127	}	129	}
128	xtables_${ACTION} "$NAME"	130	xtables_preload
		131	xtables_${ACTION} "$NAME"
129	;;	132	;;
130		133
131	*)	134	*)

Lines 421-431 Link Here

(-)etc/net/scripts/functions-fw-old (-3 / +3 lines)
421		421
422	[ -n "$HEADER" ] \|\| return 0	422	[ -n "$HEADER" ] \|\| return 0
423	print_message -e "\tCreating the \"$SET\" set of the \"$TYPE\" type"	423	print_message -e "\tCreating the \"$SET\" set of the \"$TYPE\" type"
424	eval "$IPSET -N $SET $TYPE $HEADER" \|\| print_error "$IPSET -N $SET $TYPE $HEADER"	424	eval "$IPSET create $SET $TYPE" \|\| print_error "$IPSET create $SET $TYPE"
425		425
426	[ -n "$MEMBERS" ] \|\| return 0	426	[ -n "$MEMBERS" ] \|\| return 0
427	while read; do	427	while read; do
428	eval "$IPSET -A $SET $REPLY" \|\| print_error "$IPSET -A $SET $REPLY"	428	eval "$IPSET add $SET $REPLY" \|\| print_error "$IPSET add $SET $REPLY"
429	done <<<"$MEMBERS"	429	done <<<"$MEMBERS"
430	}	430	}
431		431
Lines 439-445 Link Here
439		439
440	[ -n "$RULE" ] \|\| return 0	440	[ -n "$RULE" ] \|\| return 0
441	print_message -e "\tDestroying the \"$SET\" set of the \"$TYPE\" type"	441	print_message -e "\tDestroying the \"$SET\" set of the \"$TYPE\" type"
442	eval "$IPSET -X $SET" \|\| print_error "$IPSET -X $SET"	442	eval "$IPSET destroy $SET" \|\| print_error "$IPSET destroy $SET"
443	}	443	}
444		444
445	ipset_start()	445	ipset_start()