On Thu, 8 Jan 2004 13:09:42 -0600, Phil Brammer wrote:
> Is it just me or is /etc/rc.d/init.d/iptables wrong?
Just you, I think.
> I'm using the last release before Core 1 became production, but I suspect nothing's changed -- I hope I'm wrong.
>
> Anyone having issues with this script as a result of the first few lines?
>
> IPTABLES=/sbin/iptables
This line has been modified by you and will cause the script to fail.
> IPTABLES_DATA=/etc/sysconfig/$IPTABLES
> IPTABLES_CONFIG=/etc/sysconfig/${IPTABLES}-config
> IPV=${IPTABLES%tables} # ip for ipv4 | ip6 for ipv6
> PROC_IPTABLES_NAMES=/proc/net/${IPV}_tables_names
> VAR_SUBSYS_IPTABLES=/var/lock/subsys/$IPTABLES
>
> So, let me get this straight. I'm supposed to create the file /etc/sysconfig/sbin/iptables-config so that this script will have the appropriate rules to apply? That's just goofy.
>
No. It's /etc/sysconfig/iptables-config and a default file is included.
It doesn't contain iptables "rules", just extra definitions.
> How about:
> IPTABLES=iptables
That's what it is in iptables-1.2.8-13. First of all, /sbin is pulled into
search path through /etc/init.d/functions. Secondly, the iptables initscript
searches for /sbin/$IPTABLES, so $IPTABLES cannot include the path a 2nd
time.
--
