From 5f1370f1b40911df5ea09fe1f36c9d237c35fc09 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 6 Mar 2017 11:22:55 -0800 Subject: [PATCH] Clear the firewall on Debian systemd 'stop' command Signed-off-by: Tom Eastep --- Shorewall-lite/shorewall-lite.service.debian | 2 +- Shorewall/Perl/Shorewall/Rules.pm | 4 ++-- Shorewall/shorewall.service.debian | 2 +- Shorewall6-lite/shorewall6-lite.service.debian | 2 +- Shorewall6/shorewall6.service.debian | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Shorewall-lite/shorewall-lite.service.debian b/Shorewall-lite/shorewall-lite.service.debian index 86f20910a..8d0755379 100644 --- a/Shorewall-lite/shorewall-lite.service.debian +++ b/Shorewall-lite/shorewall-lite.service.debian @@ -16,7 +16,7 @@ RemainAfterExit=yes EnvironmentFile=-/etc/default/shorewall-lite StandardOutput=syslog ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS -ExecStop=/sbin/shorewall-lite $OPTIONS stop +ExecStop=/sbin/shorewall-lite $OPTIONS clear ExecReload=/sbin/shorewall-lite $OPTIONS reload $RELOADOPTIONS [Install] diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index d1e27dacf..74cd3ca95 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -1735,12 +1735,12 @@ sub process_action(\$\$$) { progress_message2 "$doing $actionfile for chain $chainref->{name}..."; - push_open $actionfile, 2, 1, undef, 2; - my $oldparms = push_action_params( $action, $chainref, $param, $level, $tag, $caller ); my $options = $actionref->{options}; my $nolog = $options & ( NOLOG_OPT | LOGJUMP_OPT ); + push_open $actionfile, 2, 1, undef, 2; + setup_audit_action( $action ) if $options & AUDIT_OPT; $active{$action}++; diff --git a/Shorewall/shorewall.service.debian b/Shorewall/shorewall.service.debian index ec250ef1f..eadfb2a9e 100644 --- a/Shorewall/shorewall.service.debian +++ b/Shorewall/shorewall.service.debian @@ -16,7 +16,7 @@ RemainAfterExit=yes EnvironmentFile=-/etc/default/shorewall StandardOutput=syslog ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS -ExecStop=/sbin/shorewall $OPTIONS stop +ExecStop=/sbin/shorewall $OPTIONS clear ExecReload=/sbin/shorewall $OPTIONS reload $RELOADOPTIONS [Install] diff --git a/Shorewall6-lite/shorewall6-lite.service.debian b/Shorewall6-lite/shorewall6-lite.service.debian index f91346333..e4f32c90d 100644 --- a/Shorewall6-lite/shorewall6-lite.service.debian +++ b/Shorewall6-lite/shorewall6-lite.service.debian @@ -15,7 +15,7 @@ RemainAfterExit=yes EnvironmentFile=-/etc/default/shorewall6-lite StandardOutput=syslog ExecStart=/sbin/shorewall6-lite $OPTIONS start -ExecStop=/sbin/shorewall6-lite $OPTIONS stop +ExecStop=/sbin/shorewall6-lite $OPTIONS clear ExecReload=/sbin/shorewall6-lite $OPTIONS reload [Install] diff --git a/Shorewall6/shorewall6.service.debian b/Shorewall6/shorewall6.service.debian index c311ed4d4..0a0f62f06 100644 --- a/Shorewall6/shorewall6.service.debian +++ b/Shorewall6/shorewall6.service.debian @@ -16,7 +16,7 @@ RemainAfterExit=yes EnvironmentFile=-/etc/default/shorewall6 StandardOutput=syslog ExecStart=/sbin/shorewall -6 $OPTIONS start $STARTOPTIONS -ExecStop=/sbin/shorewall -6 $OPTIONS stop +ExecStop=/sbin/shorewall -6 $OPTIONS clear ExecReload=/sbin/shorewall -6 $OPTIONS reload $RELOADOPTIONS [Install]