Page 1 of 1
rc.firewall script - do I have an error?
Posted: Tue Nov 22, 2022 4:12 am
by mow9902
Hi
When I examine the rc.firewall script in /etc/init.d I notice that line 14/15 says that "The save and restore arguments will save or restore the rules # from the /etc/sysconfig/iptables file."
However - on my fossapup64 system there is no directory /etc/sysconfig and therefore no iptables file in that directory.
Should there be?
Is this just an error on my system (which I may have created in my playing around), or is there an error in the rc.firewall script?
- rc.firewall.png (153.1 KiB) Viewed 1511 times
Re: rc.firewall script - do I have an error?
Posted: Wed Nov 23, 2022 2:36 am
by mow9902
Please - could anyone with a fossapup64 system just do a quick check to see if the directory /etc/sysconfig exists on your system. If it does not, then I have to conclude that rc.firewall has an error in the script and I will alter my copy to fix it.
thanks
Re: rc.firewall script - do I have an error?
Posted: Wed Nov 23, 2022 3:03 am
by Marv
Running fossapup64 9.5 currently. No directory /etc/sysconfig in my running system nor in the main SFS straight from the 9.5 iso.
Re: rc.firewall script - do I have an error?
Posted: Wed Nov 23, 2022 4:22 am
by mow9902
Thanks Marv
Looks like it is an error in the original script.
Re: rc.firewall script - do I have an error?
Posted: Wed Nov 23, 2022 12:26 pm
by mikewalsh
@mow9902 :-
Nah. Not an "error", I don't think. If ya read the bumf, it was originally developed in 2002, then subsequently modified for Slackware by Eric Hameleers - "AlienBob" as he's known to 'Slackers'.
Mainstream distros contain a lot of often redundant/unnecessary stuff that usually gets stripped out of Puppy builds.
If you then read the very next sentence, the functions for which that particular script was originally written appear to be specific to RedHat & Fedora:-
"The save and restore arguments are included to preserve compatibility with Redhat's or Fedora's init.d script if you prefer to use it."
Looks like a 'legacy' item, from an earlier cycle of development. This script has been around for at least two decades, and has doubtless got modified by no end of different devs during its lifetime..!
(*shrug*)
Mike. 
Re: rc.firewall script - do I have an error?
Posted: Wed Nov 23, 2022 12:40 pm
by Burunduk
I'm not an expert here, maybe someone will explain it better. From what I can see in Fossapup64, the /etc/init.d/rc.firewall script is generated automatically by the firewall configuration program (/usr/sbin/firewall_ng). It in itself contains all the settings in a form of iptables command lines. There is no need for an external configuration file.
Re: rc.firewall script - do I have an error?
Posted: Wed Nov 23, 2022 1:31 pm
by BarryK
I made some changes to firewall_ng:
https://github.com/bkauler/woofq/commit ... 5a62e6a272
But fossapup is very old, so perhaps the "-m state" still works, and perhaps don't have to run "iptables-legacy"
Re: rc.firewall script - do I have an error?
Posted: Wed Nov 23, 2022 1:37 pm
by fr-ke
I have another problem with firewall-ng as described here.
http://forum.puppylinux.com/viewtopic.p ... 964#p73290
Re: rc.firewall script - do I have an error?
Posted: Wed Nov 23, 2022 4:46 pm
by dimkr
The firewall part of woof-CE, at https://github.com/puppylinux-woof-CE/w ... irewall_ng. It's pretty much unmaintained, other than some IPv6-related fixes in 2022.