© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Another issue I found in the iptables_firewall code is that it builds iptables rules in reverse, for example:
-j RETURN -p udp -m udp --dport 68 --sport 67 -s 10.11.12.2/32
This causes the code in iptables_manager to not match that since iptables-save outputs them in this order:
-s 10.11.12.2/32 -p udp -m udp --sport 67 --dport 68 -j RETURN
Had to tweak the code there a little.
Some of the other code needed similar tweaks, but no change in the functionality.
Also, when specifying either TCP or UDP (-p tcp), iptables-save will always put the module name on output. For example:
-p tcp -m tcp
I had to change the code to always put that '-m $proto' as well since otherwise we won't match exactly.