authorBill Nottingham <notting@redhat.com>2003-06-19 17:58:46 +0000
committerBill Nottingham <notting@redhat.com>2003-06-19 17:58:46 +0000
commita305632d36836eec48f39fb29bd7977a228446cf (patch)
tree54e3622e97c6c72af42e78e5287c60b6c4e52f8a
parent70b9ae6f73d40c606813c2a08d4247d4a13bab56 (diff)
fix DNS punching in the case of other rules for the DNS server (#97686, <martin@zepler.org>)
-rwxr-xr-xsysconfig/network-scripts/ifup-post2
1 files changed, 1 insertions, 1 deletions
diff --git a/sysconfig/network-scripts/ifup-post b/sysconfig/network-scripts/ifup-post
index c6e9062b..39dbad59 100755
--- a/sysconfig/network-scripts/ifup-post
+++ b/sysconfig/network-scripts/ifup-post
@@ -86,7 +86,7 @@ if [ "$FIREWALL_MODS" != "no" -a -f /etc/sysconfig/iptables ] && \
ns=`awk '/^nameserver / { print $2 }' /etc/resolv.conf`
if [ -n "$ns" ]; then
for nameserver in $ns ; do
- if ! iptables -L RH-Lokkit-0-50-INPUT -n | grep -q $nameserver ; then
+ if ! iptables -L RH-Lokkit-0-50-INPUT -n | grep -q "$nameserver.* --sport 53 " ; then
iptables -I RH-Lokkit-0-50-INPUT -m udp -s $nameserver/32 --sport 53 -d 0/0 --dport 1025:65535 -p udp -j ACCEPT
[ -x /usr/bin/logger ] && logger $"punching nameserver $nameserver through the firewall"
fi
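Review bot: The new pattern on the added line looks for ` --sport 53 `, but `iptables -L -n` prints the UDP match as `spt:53` (the `--sport` spelling is the command-line and iptables-save form), so as far as I can tell the grep never matches and the `iptables -I` below runs on every ifup, stacking duplicate ACCEPT rules in RH-Lokkit-0-50-INPUT. The address is also used as an unanchored regex, so `10.0.0.1` is satisfied by an existing rule for `10.0.0.10` and that nameserver is then never punched through. I would match the listing format and delimit the address, e.g. `if ! iptables -L RH-Lokkit-0-50-INPUT -n | grep -q " $nameserver .*spt:53 " ; then`, after checking the exact column layout on the shipped iptables version. The enclosing `for`/`if` block continues past the end of the hunk.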