Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:kernel-2.6.32
SuSEfirewall2
SuSEfirewall2-3.6_SVNr211.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File SuSEfirewall2-3.6_SVNr211.diff of Package SuSEfirewall2
From 29a22da3f463b8b6cb653380afaa133b7caab187 Mon Sep 17 00:00:00 2001 From: lnussel <lnussel@b36d0de6-17df-0310-aa5c-c2ebc275e154> Date: Fri, 23 Jan 2009 09:37:12 +0000 Subject: [PATCH] allow service files to specify kernel modules and allow related packets git-svn-id: https://forgesvn1.novell.com/svn/susefirewall2/trunk@211 b36d0de6-17df-0310-aa5c-c2ebc275e154 --- SuSEfirewall2 | 11 +++++++++++ SuSEfirewall2.service.TEMPLATE | 18 ++++++++++++++++-- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/SuSEfirewall2 b/SuSEfirewall2 index 7cab747..6873ddd 100755 --- a/SuSEfirewall2 +++ b/SuSEfirewall2 @@ -1076,6 +1076,8 @@ parse_configurations() local RPC='' local IP='' local BROADCAST='' + local RELATED='' + local MODULES='' # XXX: could use a sub shell in order to enforce use of known variables only if [ ! -r $CONFIGURATIONSDIR_0/$config ] || ! . $CONFIGURATIONSDIR_0/$config; then @@ -1097,6 +1099,15 @@ parse_configurations() eval $var="\"\$$var \$BROADCAST\"" fi fi + + if [ -n "$RELATED" ]; then + eval FW_SERVICES_ACCEPT_RELATED_`cibiz $zone`="\"\$FW_SERVICES_ACCEPT_RELATED_`cibiz $zone` \$RELATED\"" + fi + + if [ -n "$MODULES" ]; then + eval FW_LOAD_MODULES="\"\$FW_LOAD_MODULES \$MODULES\"" + fi + done done } diff --git a/SuSEfirewall2.service.TEMPLATE b/SuSEfirewall2.service.TEMPLATE index 9a5622d..7771036 100644 --- a/SuSEfirewall2.service.TEMPLATE +++ b/SuSEfirewall2.service.TEMPLATE @@ -1,8 +1,10 @@ # Do not edit this file as it's just a template and will be # overwritten on package updates! Copy to a new file instead. +# Fill in the required variables and delete the unused ones. +# If in doubt ask security@suse.de # -# Only the variables TCP, UDP, RPC, IP and BROADCAST are allowed. -# More may be supported in the future. +# Only the variables TCP, UDP, RPC, IP, BROADCAST, RELATED and +# MODULES are allowed. More may be supported in the future. # # For a more detailed description of the individual variables see # the comments for FW_SERVICES_*_EXT in /etc/sysconfig/SuSEfirewall2 @@ -25,3 +27,15 @@ IP="" # space separated list of allowed UDP broadcast ports BROADCAST="" + +### variables below are only needed in very special cases + +# space separated list of net,protocol[,sport[,dport]] +# see FW_SERVICES_ACCEPT_RELATED_EXT +# net 0/0 means IPv4 and IPv6. If this sevice should only work for +# IPv4 use 0.0.0.0/0 +RELATED="" + +# additional kernel modules needed for this service +# see FW_LOAD_MODULES +MODULES="" -- 1.6.0.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor