[hipl-dev] [Branch ~hipl-core/hipl/trunk] Rev 5969: Do not exit on iptable flush error in hipfw init script.

  • From: noreply@xxxxxxxxxxxxx
  • To: HIPL core team <hipl-dev@xxxxxxxxxxxxx>
  • Date: Tue, 21 Jun 2011 13:08:20 -0000

------------------------------------------------------------
revno: 5969
committer: David Martin <david.martin.mailbox@xxxxxxxxxxxxxx>
branch nick: hipl_init-scripts
timestamp: Tue 2011-06-21 14:51:46 +0200
message:
  Do not exit on iptable flush error in hipfw init script.
  
  We are running the scripts with set -e, that means every unchecked
  command returning an error exits the script. In this case the
  function to flush the firewall rules prematurely exited the script
  when the rules had already been flushed.
  We now check the return value of the flush_iptables() function and
  print a notice if an error occurs.
  
  This commit fixes the error return value of the hipfw in bug 795848.
modified:
  debian/hipl-firewall.init


--
lp:hipl
https://code.launchpad.net/~hipl-core/hipl/trunk

=== modified file 'debian/hipl-firewall.init'
--- debian/hipl-firewall.init   2011-06-21 12:50:02 +0000
+++ debian/hipl-firewall.init   2011-06-21 12:51:46 +0000
@@ -56,6 +56,10 @@
 }
 
 stop_hipfw() {
+    if ! flush_iptables; then
+        echo "Error while flushing HIP firewall rules."
+    fi
+
     # send TERM to hipfw and if it is still running after 3 seconds send KILL
     if start-stop-daemon --stop --retry 3 --oknodo --exec /usr/sbin/hipfw; then
         log_end_msg 0
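Review bot: The new `if ! flush_iptables; then` check in stop_hipfw() treats every flush failure the same way, so a real failure that leaves HIP firewall rules installed is handled exactly like the harmless "already flushed" case, and the function can still go on to report `log_end_msg 0`. Consider making flush_iptables itself tolerate the already-flushed case and return non-zero only when rules could not be removed, then carry that status into the value passed to log_end_msg. The notice is also printed with a plain `echo` to stdout between log_daemon_msg and log_end_msg, which breaks up the LSB status line; `log_warning_msg` from the same init-functions library, or at least a redirect to stderr, would fit better.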
@@ -71,12 +75,10 @@
         ;;
     stop)
         log_daemon_msg "Stopping HIP firewall" "hipfw"
-        flush_iptables
         stop_hipfw
         ;;
     restart|force-reload)
         log_daemon_msg "Restarting HIP firewall" "hipfw"
-        flush_iptables
         stop_hipfw
         start_hipfw
         ;;
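Review bot: With `flush_iptables` removed from the `stop)` and `restart|force-reload)` branches, stop_hipfw() now both flushes the rules and stops the daemon, and nothing at the call sites or in the function name says so. Add a short comment above stop_hipfw() stating that it flushes the HIP firewall rules first, and check that any caller of stop_hipfw outside these two branches is meant to flush as well. In the restart branch it is also worth confirming, given `set -e`, that a non-zero return from stop_hipfw cannot skip `start_hipfw` and leave the firewall stopped with the rules already flushed.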
