Package: ferm
Version: 1.2.2-1
ferm code:
mod state state NEW subchain {
ACCEPT;
}
produces:
iptables -A CHAIN -m state --state NEW -j ferm_auto_1
iptables -A ferm_auto_1 -m state -j ACCEPT
-m state in second rule is redundant and not accepted by iptables.
The same behaviour can be observed for any module.
As a quick hack, following seems to work (not sure with all possible
consequencies though):
*** ferm.patched 2007-01-17 21:09:42.000000000 +0100
--- ferm 2006-11-16 08:55:25.000000000 +0100
***************
*** 2186,2188 ****
my $fw2 = {};
! foreach my $key (qw(domain table proto)) {
my $value = $fw->{$key};
--- 2186,2188 ----
my $fw2 = {};
! foreach my $key (qw(domain table proto modules)) {
my $value = $fw->{$key};
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
