Fails to start, firewall left open
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firehol (Debian) |
Fix Released
|
Unknown
|
|||
firehol (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Firehol claims it is "already running" but fails to start. Firewall is left completely open.
1) $ sudo /etc/init.d/firehol stop
Stopping iptables firewall: FireHOL ...FireHOL: Clearing Firewall: OK
done.
2) $ sudo /etc/init.d/firehol start
Starting iptables firewall: FireHOL ...Stopping: FireHOL is already running.
done.
What should happen: firewall should be enabled, blocking unwanted traffic.
What actually happens: Firewall is open, letting everything trough.
$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Bug bypass: 'sudo /etc/init.d/firehol restart'
Tested on Ubuntu 5.10 Breezy Badger, firehol 1.231-2 and iptables 1.3.1-2ubuntu1.1. Was reproducible on multiple computers. Vesa Nieminen and "Linux-verkon hallinta" course helped to find this bug.
Changed in firehol: | |
status: | Unknown → Fix Released |
Source: firehol
Source-Version: 1.231-3
We believe that the bug you reported is fixed in the latest version of
firehol, which is due to be installed in the Debian FTP archive:
firehol_ 1.231-3. diff.gz f/firehol/ firehol_ 1.231-3. diff.gz f/firehol/ firehol_ 1.231-3. dsc 1.231-3_ all.deb f/firehol/ firehol_ 1.231-3_ all.deb
to pool/main/
firehol_1.231-3.dsc
to pool/main/
firehol_
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alexander Wirt <email address hidden> (supplier of updated firehol package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7 6a5613fbf55348d 95c 578 net optional firehol_1.231-3.dsc 4efc99415a8c102 29b 8354 net optional firehol_ 1.231-3. diff.gz 3372cfdf7ae3722 51b 160232 net optional firehol_ 1.231-3_ all.deb
Date: Sun, 10 Jul 2005 08:52:50 +0200
Source: firehol
Binary: firehol
Architecture: source all
Version: 1.231-3
Distribution: unstable
Urgency: low
Maintainer: Alexander Wirt <email address hidden>
Changed-By: Alexander Wirt <email address hidden>
Description:
firehol - An easy to use but powerful iptables stateful firewall
Closes: 309651 315399
Changes:
firehol (1.231-3) unstable; urgency=low
.
* Fixed lockfile deletion (Closes: #315399,#309651)
Files:
dbaaa8759c6261
93e451ad0d78c9
f32a9115113289
-----BEGIN PGP SIGNATURE-----
8mbx9AgoRAoKIAJ 45OkpPdkYwlHk8W PyysIrwGtgwGQCb BE+C QGVUIPzQ=
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFC0Mxa01u
65RBnIxgqzJytWh
=7Rh0
-----END PGP SIGNATURE-----