From 29cc5150b755000cc01d6eb92bc747bc0283d51d Mon Sep 17 00:00:00 2001 From: Christoph Date: Thu, 20 Jun 2019 14:04:44 +0200 Subject: [PATCH 1/3] update_firewall-script_ipt-gateway.sh: Fix error restarting firewall. --- update_firewall-script_ipt-gateway.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/update_firewall-script_ipt-gateway.sh b/update_firewall-script_ipt-gateway.sh index bdb4610..7088672 100755 --- a/update_firewall-script_ipt-gateway.sh +++ b/update_firewall-script_ipt-gateway.sh @@ -206,6 +206,7 @@ DEFAULT_FIREWALL_CONFIGURATION_FILES=" logging_ipv4.conf logging_ipv6.conf post_decalrations.conf + default_ports.conf " if [[ -f "$conf_file" ]]; then @@ -330,7 +331,7 @@ blank_line echononl "Restart IPv4 Firewall.." if $restart_ipv4_firewall ; then - /usr/local/sbin/$IPV6_FIREWALL_SCRIPT > /dev/null 2> "$log_file" + /usr/local/sbin/$IPV4_FIREWALL_SCRIPT > /dev/null 2> "$log_file" if [[ $? -gt 0 ]]; then echo_failed error "$(cat "$log_file")" @@ -342,7 +343,9 @@ else fi echononl "Restart IPv6 Firewall.." -if $restart_ipv6_firewall ; then +if $restart_ipv6_firewall \ + && [[ -f "/etc/ipt-firewall/main_ipv6.conf" ]] \ + && [[ -f "/usr/local/sbin/$IPV6_FIREWALL_SCRIPT" ]]; then /usr/local/sbin/$IPV6_FIREWALL_SCRIPT > /dev/null 2> "$log_file" if [[ $? -gt 0 ]]; then echo_failed @@ -354,7 +357,7 @@ else echo_skipped fi -info "Configuration files \033[1mmain_ipv[4|6].conf\033[m and \033[1mdefault_ports.conf\033[m are not considered." +info "Configuration files \033[1mmain_ipv[4|6].conf\033[m are not considered." clean_up 0 From f710e4966df85a9b5ca2fb39e6a07ba3d39748c1 Mon Sep 17 00:00:00 2001 From: Christoph Date: Thu, 20 Jun 2019 14:23:54 +0200 Subject: [PATCH 2/3] update_firewall-script_ipt-gateway.sh: don't restart firewall on read-only systems. --- update_firewall-script_ipt-gateway.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/update_firewall-script_ipt-gateway.sh b/update_firewall-script_ipt-gateway.sh index 7088672..24c998a 100755 --- a/update_firewall-script_ipt-gateway.sh +++ b/update_firewall-script_ipt-gateway.sh @@ -329,6 +329,14 @@ done blank_line +if [[ -d "/ro" ]] && [[ -d "/rw" ]] ; then + restart_ipv4_firewall=false + restart_ipv6_firewall=false + + info "Restarting firewall is ommited - Read only system." +fi + + echononl "Restart IPv4 Firewall.." if $restart_ipv4_firewall ; then /usr/local/sbin/$IPV4_FIREWALL_SCRIPT > /dev/null 2> "$log_file" From 0d3414c6512fdf720049f541f0b4069865ced459 Mon Sep 17 00:00:00 2001 From: Christoph Date: Thu, 20 Jun 2019 14:26:44 +0200 Subject: [PATCH 3/3] update_firewall-script_ipt-gateway.sh: revert last commit. --- update_firewall-script_ipt-gateway.sh | 7 ------- 1 file changed, 7 deletions(-) diff --git a/update_firewall-script_ipt-gateway.sh b/update_firewall-script_ipt-gateway.sh index 24c998a..9494a56 100755 --- a/update_firewall-script_ipt-gateway.sh +++ b/update_firewall-script_ipt-gateway.sh @@ -329,13 +329,6 @@ done blank_line -if [[ -d "/ro" ]] && [[ -d "/rw" ]] ; then - restart_ipv4_firewall=false - restart_ipv6_firewall=false - - info "Restarting firewall is ommited - Read only system." -fi - echononl "Restart IPv4 Firewall.." if $restart_ipv4_firewall ; then