Bug#684449: unblock: ufw/0.31.1-2

[Jamie Strandboge]

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

Please unblock package ufw

Fixes RC bug #672439

unblock ufw/0.31.1-2

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-27-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set 
LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

diff -Nru ufw-0.31.1/debian/changelog ufw-0.31.1/debian/changelog
--- ufw-0.31.1/debian/changelog	2012-04-04 12:12:29.000000000 -0500
+++ ufw-0.31.1/debian/changelog	2012-07-20 15:06:17.000000000 -0500
@@ -1,3 +1,15 @@
+ufw (0.31.1-2) unstable; urgency=low
+
+  * Simplify unload of firewall and play nicely with other firewall tools by
+    using ufw-init instead of iptables directly. 'ufw-init stop' by design
+    leaves a few empty chains around, but they won't get in the way of
+    anything and are gone after the next reboot. Using upstream's ufw-init has
+    the important benefit of always cleaning what it needs. (Closes: 672439).
+    - debian/prerm: call '/lib/ufw/ufw-init stop' on removal
+    - debian/postrm: don't flush the chains on purge
+
+ -- Jamie Strandboge <ja...@ubuntu.com>  Fri, 20 Jul 2012 15:05:39 -0500
+
 ufw (0.31.1-1) unstable; urgency=low
 
   * New upstream release (Closes: 663677, Closes: 625681)
diff -Nru ufw-0.31.1/debian/postrm ufw-0.31.1/debian/postrm
--- ufw-0.31.1/debian/postrm	2012-03-17 09:30:25.000000000 -0500
+++ ufw-0.31.1/debian/postrm	2012-07-20 15:05:23.000000000 -0500
@@ -23,21 +23,6 @@
         done
         rm -f $RULES_PATH/ufw.rules $RULES_PATH/ufw.rules.dpkg-old
         rm -f $USER_PATH/user.rules $USER_PATH/user6.rules
-
-        # go back to default accept, if ufw was enabled
-        if [ -f "$UFW_CONF" ] && grep -qi "^ENABLED=yes" "$UFW_CONF"; then
-            for exe in iptables ip6tables
-            do
-                if which $exe > /dev/null 2>&1; then
-                    $exe -P INPUT ACCEPT 2>/dev/null || true
-                    $exe -P OUTPUT ACCEPT 2>/dev/null || true
-                    $exe -P FORWARD ACCEPT 2>/dev/null || true
-                    $exe -F 2>/dev/null || true
-                    $exe -X 2>/dev/null || true
-                fi
-            done
-        fi
-
         rm -f "$UFW_CONF"
         ;;
 
diff -Nru ufw-0.31.1/debian/prerm ufw-0.31.1/debian/prerm
--- ufw-0.31.1/debian/prerm	1969-12-31 18:00:00.000000000 -0600
+++ ufw-0.31.1/debian/prerm	2012-07-20 15:05:23.000000000 -0500
@@ -0,0 +1,12 @@
+#!/bin/sh -e
+
+case "$1" in
+    remove)
+        # Unload ufw (will only happen if enabled)
+        if [ -x /lib/ufw/ufw-init ]; then
+            /lib/ufw/ufw-init stop || true
+        fi
+        ;;
+esac
+
+#DEBHELPER#