Fix firewall script to stop _ext_fw properly
authorNeutron Soutmun <neo.neutron@gmail.com>
Sat, 19 Sep 2009 11:05:11 +0000 (18:05 +0700)
committerNeutron Soutmun <neo.neutron@gmail.com>
Sat, 19 Sep 2009 11:05:11 +0000 (18:05 +0700)
tools/rahunas-firewall.in

index 102e887..77c6c4a 100755 (executable)
@@ -262,14 +262,20 @@ navigation_rules () {
   fi
 
   # INPUT from external
-  for dev in $DEV_EXTERNAL_LIST; do
-    # Filter duplicated external interfaces
-    if ! echo $MAIN_EXT_IFACE_LIST | grep $dev > /dev/null; then
-      MAIN_EXT_IFACE_LIST=`echo "$MAIN_EXT_IFACE_LIST $dev"`
+  if [ "$opt" = "start" ]; then
+    for dev in $DEV_EXTERNAL_LIST; do
+      # Filter duplicated external interfaces
+      if ! echo $MAIN_EXT_IFACE_LIST | grep $dev > /dev/null; then
+        MAIN_EXT_IFACE_LIST=`echo "$MAIN_EXT_IFACE_LIST $dev"`
 
+        $IPTABLES $action INPUT $DEV_IN_PARAM $dev -j ${NAME}_ext_fw
+      fi
+    done
+  else #stop
+    for dev in $MAIN_EXT_IFACE_LIST; do
       $IPTABLES $action INPUT $DEV_IN_PARAM $dev -j ${NAME}_ext_fw
-    fi
-  done
+    done
+  fi
 
   # INPUT
   $IPTABLES $action INPUT \