extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-18 07:36:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix delete_proxy_arp (again)

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3319 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-01-18 19:16:50 +00:00
parent b0bf9d518b
commit 715d2d2a4c
1 changed files with 44 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
Shorewall/firewall
View File

@ -2951,12 +2951,29 @@ setup_syn_flood_chains()
delete_proxy_arp() { delete_proxy_arp() {
if [ -f /var/lib/shorewall/proxyarp ]; then if [ -f /var/lib/shorewall/proxyarp ]; then
while read address interface external haveroute; do while read address interface external haveroute; do
run_and_save_command "qt arp -i $external -d $address pub" case $COMMAND in
if [ $COMMAND = compile ]; then compile)
[ -z "$haveroute" ] && save_command "qt ip route del $address dev $interface" save_command "qt arp -i $external -d $address pub"
else [ -z "$haveroute" ] && save_command "[ -n \"\$NOROUTE\" ] || qt ip route del $address dev $interface"
;;
stop|clear)
qt arp -i $external -d $address pub
[ -z "${haveroute}${NOROUTES}" ] && qt ip route del $address dev $interface [ -z "${haveroute}${NOROUTES}" ] && qt ip route del $address dev $interface
;;
*)
if [ -n "$STOPPING" ]; then
run_and_save_command "qt arp -i $external -d $address pub"
qt arp -i $external -d $address pub
[ -z "${haveroute}${NOROUTES}" ] && qt ip route del $address dev $interface
else
run_and_save_command "qt arp -i $external -d $address pub"
if [ -z "$haveroute" ];then
[ -n "$NOROUTE" ] || qt ip route del $address dev $interface
save_command "[ -n \"\$NOROUTE\" ] || qt ip route del $address dev $interface"
fi fi
fi
;;
esac
done < /var/lib/shorewall/proxyarp done < /var/lib/shorewall/proxyarp
[ $COMMAND = compile ] || rm -f /var/lib/shorewall/proxyarp [ $COMMAND = compile ] || rm -f /var/lib/shorewall/proxyarp
@ -2964,7 +2981,8 @@ delete_proxy_arp() {
[ -d $STATEDIR ] && touch $STATEDIR/proxyarp [ -d $STATEDIR ] && touch $STATEDIR/proxyarp
if [ $COMMAND = compile ]; then case $COMMAND in
compile)
cat >> $RESTOREBASE << __EOF__ cat >> $RESTOREBASE << __EOF__
${INDENT}for f in /proc/sys/net/ipv4/conf/*; do ${INDENT}for f in /proc/sys/net/ipv4/conf/*; do
@ -2972,11 +2990,24 @@ ${INDENT} [ -f \$f/proxy_arp ] && echo 0 > \$f/proxy_arp
${INDENT}done ${INDENT}done
${INDENT} ${INDENT}
__EOF__ __EOF__
else ;;
stop|clear)
for f in /proc/sys/net/ipv4/conf/*; do for f in /proc/sys/net/ipv4/conf/*; do
[ -f $f/proxy_arp ] && echo 0 > $f/proxy_arp [ -f $f/proxy_arp ] && echo 0 > $f/proxy_arp
done done
;;
*)
if [ -n "$STOPPING" ]; then
for f in /proc/sys/net/ipv4/conf/*; do
[ -f $f/proxy_arp ] && echo 0 > $f/proxy_arp
done
else
for f in /proc/sys/net/ipv4/conf/*; do
run_and_save_command "[ -f $f/proxy_arp ] && echo 0 > $f/proxy_arp"
done
fi fi
;;
esac
} }
# #