diff options
author | Bill Nottingham <notting@redhat.com> | 2002-08-12 20:35:02 +0000 |
---|---|---|
committer | Bill Nottingham <notting@redhat.com> | 2002-08-12 20:35:02 +0000 |
commit | 4edc473e3e708db975b4ef264d35cb4878d7cbfe (patch) | |
tree | f6c9e8eab3e1c0ac927563ee0a934f727cf0157b | |
parent | ff7a7b021275bce3b2b2e11336a970c8041066af (diff) | |
download | initscripts-4edc473e3e708db975b4ef264d35cb4878d7cbfe.tar initscripts-4edc473e3e708db975b4ef264d35cb4878d7cbfe.tar.gz initscripts-4edc473e3e708db975b4ef264d35cb4878d7cbfe.tar.bz2 initscripts-4edc473e3e708db975b4ef264d35cb4878d7cbfe.tar.xz initscripts-4edc473e3e708db975b4ef264d35cb4878d7cbfe.zip |
fix iptables invocation (#71201)
-rwxr-xr-x | sysconfig/network-scripts/ifup | 6 | ||||
-rwxr-xr-x | sysconfig/network-scripts/ifup-post | 2 |
2 files changed, 4 insertions, 4 deletions
diff --git a/sysconfig/network-scripts/ifup b/sysconfig/network-scripts/ifup index 05731c35..d80fd87c 100755 --- a/sysconfig/network-scripts/ifup +++ b/sysconfig/network-scripts/ifup @@ -178,7 +178,7 @@ if [ -n "${DYNCONFIG}" ]; then # what DNS server they're using until they are done. FWHACK= if [ -n "$FWACTIVE" -a "$FIREWALL_MODS" != "no" ]; then - iptables -A RH-Lokkit-0-50-INPUT -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -m udp -j ACCEPT + iptables -A RH-Lokkit-0-50-INPUT -m udp -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -j ACCEPT FWHACK=1 fi @@ -190,11 +190,11 @@ if [ -n "${DYNCONFIG}" ]; then echo $" done." else echo $" failed." - [ -n "$FWHACK" ] && iptables -D RH-Lokkit-0-50-INPUT -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -m udp -j ACCEPT + [ -n "$FWHACK" ] && iptables -D RH-Lokkit-0-50-INPUT -m udp -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -j ACCEPT exit 1 fi - [ -n "$FWHACK" ] && iptables -D RH-Lokkit-0-50-INPUT -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -m udp -j ACCEPT + [ -n "$FWHACK" ] && iptables -D RH-Lokkit-0-50-INPUT -m udp -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -j ACCEPT # DHCP likes to create duplicate routes. Fix that up. NUMDEFROUTES=`ip -o route | \ diff --git a/sysconfig/network-scripts/ifup-post b/sysconfig/network-scripts/ifup-post index e36b3a93..da1ab88c 100755 --- a/sysconfig/network-scripts/ifup-post +++ b/sysconfig/network-scripts/ifup-post @@ -88,7 +88,7 @@ if [ "$FIREWALL_MODS" != "no" -a -f /etc/sysconfig/ipchains ] && \ if [ -n "$ns" ]; then for nameserver in $ns ; do if ! iptables -L RH-Lokkit-0-50-INPUT -n | grep -q $nameserver ; then - iptables -A RH-Lokkit-0-50-INPUT -s $nameserver/32 --sport 53 -d 0/0 --dport 1025:65535 -p udp -m udp -j ACCEPT + iptables -A RH-Lokkit-0-50-INPUT -m udp -s $nameserver/32 --sport 53 -d 0/0 --dport 1025:65535 -p udp -j ACCEPT [ -x /usr/bin/logger ] && logger $"punching nameserver $nameserver through the firewall" fi done |