aboutsummaryrefslogtreecommitdiffstats
path: root/sysconfig/network-scripts/ifup
diff options
context:
space:
mode:
authorBill Nottingham <notting@redhat.com>2002-07-17 04:53:32 +0000
committerBill Nottingham <notting@redhat.com>2002-07-17 04:53:32 +0000
commita3fa1548cd9ec2a6ceb8037005ac24a2ed365a78 (patch)
tree5c752edfab0a48d3ecc351010eb72c0aff120dd4 /sysconfig/network-scripts/ifup
parent97abe79272f33d8e83bb9eeff1f72d0430a281fa (diff)
downloadinitscripts-a3fa1548cd9ec2a6ceb8037005ac24a2ed365a78.tar
initscripts-a3fa1548cd9ec2a6ceb8037005ac24a2ed365a78.tar.gz
initscripts-a3fa1548cd9ec2a6ceb8037005ac24a2ed365a78.tar.bz2
initscripts-a3fa1548cd9ec2a6ceb8037005ac24a2ed365a78.tar.xz
initscripts-a3fa1548cd9ec2a6ceb8037005ac24a2ed365a78.zip
use iptables & our lokkit chain
Diffstat (limited to 'sysconfig/network-scripts/ifup')
-rwxr-xr-xsysconfig/network-scripts/ifup9
1 files changed, 4 insertions, 5 deletions
diff --git a/sysconfig/network-scripts/ifup b/sysconfig/network-scripts/ifup
index 1313d380..029cf6d9 100755
--- a/sysconfig/network-scripts/ifup
+++ b/sysconfig/network-scripts/ifup
@@ -127,8 +127,7 @@ fi
# Is there a firewall running, and does it look like one we configured?
FWACTIVE=
-if [ -f /etc/sysconfig/ipchains -a \
- "`ipchains -L input -n 2>&1 | awk 'END { print NR }'`" -gt 1 ]; then
+if iptables -L 2>/dev/null | grep -q RH-Lokkit-0-50-INPUT ; then
FWACTIVE=1
fi
@@ -179,7 +178,7 @@ if [ -n "${DYNCONFIG}" ]; then
# what DNS server they're using until they are done.
FWHACK=
if [ -n "$FWACTIVE" -a "$FIREWALL_MODS" != "no" ]; then
- ipchains -I input -s 0/0 53 -d 0/0 1025:65535 -p udp -j ACCEPT
+ iptables -A RH-Lokkit-0-50-INPUT -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -m udp -j ACCEPT
FWHACK=1
fi
@@ -191,11 +190,11 @@ if [ -n "${DYNCONFIG}" ]; then
echo $" done."
else
echo $" failed."
- [ -n "$FWHACK" ] && ipchains -D input -s 0/0 53 -d 0/0 1025:65535 -p udp -j ACCEPT
+ [ -n "$FWHACK" ] && iptables -D RH-Lokkit-0-50-INPUT -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -m udp -j ACCEPT
exit 1
fi
- [ -n "$FWHACK" ] && ipchains -D input -s 0/0 53 -d 0/0 1025:65535 -p udp -j ACCEPT
+ [ -n "$FWHACK" ] && iptables -D RH-Lokkit-0-50-INPUT -s 0/0 --sport 53 -d 0/0 --dport 1025:65535 -p udp -m udp -j ACCEPT
# DHCP likes to create duplicate routes. Fix that up.
NUMDEFROUTES=`ip -o route | \