diff --git a/STABLE2/firewall b/STABLE2/firewall index 746ae7d6c..50af7a829 100755 --- a/STABLE2/firewall +++ b/STABLE2/firewall @@ -1278,7 +1278,7 @@ stop_firewall() { [ -n "$NAT_ENABLED" ] && delete_nat delete_proxy_arp - [ -n "$CLEAR_TC" ] && delete_tc + [ -n "$CLEAR_TC" ] && delete_tc1 [ -n "$DISABLE_IPV6" ] && disable_ipv6 @@ -1363,7 +1363,16 @@ stop_firewall() { iptables -A FORWARD -p udp -i $interface -o $interface --dport 67:68 -j ACCEPT done - setup_forwarding + case "$IP_FORWARDING" in + [Oo][Nn]) + echo 1 > /proc/sys/net/ipv4/ip_forward + echo "IP Forwarding Enabled" + ;; + [Oo][Ff][Ff]) + echo 0 > /proc/sys/net/ipv4/ip_forward + echo "IP Forwarding Disabled!" + ;; + esac run_user_exit stopped @@ -2163,6 +2172,29 @@ delete_tc() done } +delete_tc1() +{ + + clear_one_tc() { + tc qdisc del dev $1 root 2> /dev/null + tc qdisc del dev $1 ingress 2> /dev/null + + } + + run_user_exit tcclear + + run_ip link list | \ + while read inx interface details; do + case $inx in + [0-9]*) + clear_one_tc ${interface%:} + ;; + *) + ;; + esac + done +} + # # Process a record from the accounting file # @@ -2385,7 +2417,7 @@ refresh_tc() { echo "Refreshing Traffic Control Rules..." - [ -n "$CLEAR_TC" ] && delete_tc + [ -n "$CLEAR_TC" ] && delete_tc1 [ -n "$MARK_IN_FORWARD_CHAIN" ] && chain=tcfor || chain=tcpre @@ -5515,7 +5547,7 @@ define_firewall() # $1 = Command (Start or Restart) RESTOREBASE=$(mktempfile /var/lib/shorewall) - [ -n "$RESTOREBASE" ] || fatal_error "Cannot create temporary file in /var/lib/shorewall" + [ -n "$RESTOREBASE" ] || startup_error "Cannot create temporary file in /var/lib/shorewall" echo '#bin/sh' >> $RESTOREBASE save_command "#"