Bug#409609: arno-iptables-firewall: fails to source files from plugin directory

Sun, 04 Feb 2007 06:06:54 -0800 

Hi Christian,

[ CC'ed Upstream Arno van Amersfoort ]

thanks for your report. I can confirm this bug.

On 2/4/07, Christian Schult <cschult@gmx.de> wrote:


Package: arno-iptables-firewall
Version: 1.8.8.g-2
Severity: normal
Tags: patch


arno-iptables-firewall v.1.8.8g (Debian unstable) fails to read files in
/etc/arno-iptables-firewall/plugins/ if there is more then one file with
suffix .plugin. I posted the error message below and attached a patch just
to
show how i solved the problem.

#######################################
Using loglevel "info" for syslogd

Setting up firewall rules:

-------------------------------------------------------------------------------
Accepting packets from the local loopback device
Enabling setting the maximum packet size via MSS
Enabling mangling TOS
Logging of stealth scans (nmap probes etc.) enabled
Logging of packets with bad TCP-flags disabled
Logging of INVALID TCP packets disabled
Logging of INVALID UDP packets disabled
Logging of INVALID ICMP packets disabled
Logging of fragmented packets disabled
Logging of access from reserved addresses disabled
Setting up anti-spoof rules
Reading custom rules from /etc/arno-iptables-firewall/custom-rules
/etc/arno-iptables-firewall/custom-rules: line 7: [:
/etc/arno-iptables-firewall/plugins/50ssh-brute-force-protection.plugin:
binary operator expected
Setting up INPUT policy for the external net (INET):
Logging of explicitly blocked hosts enabled
#######################################


#######################################
~ # cat etc_arno-iptables-firewall_custom-rules.diff
--- /etc/arno-iptables-firewall/custom-rules~   2007-02-03 10:28:
24.000000000 +0100
+++ /etc/arno-iptables-firewall/custom-rules    2007-02-04 10:31:
50.000000000 +0100
@@ -4,7 +4,7 @@
PLUGIN_PATH="/etc/arno-iptables-firewall/plugins"

# Load/insert user plugins
-if [ -e "$PLUGIN_PATH"/*.plugin ]; then
+if [[ $(ls $PLUGIN_PATH | grep ".plugin$") ]]; then
   echo "Loading (user) plugins:"
   plugin_count=0
   for plugin in "$PLUGIN_PATH"/*.plugin; do

#######################################



I'd prefer this line as a fix:


if [ "$(ls -1 ${PLUGIN_PATH}/*.plugin)" ]; then


@Arno: Do we miss anything?

I'm going to have a closer look tonight and will provide a patched version
shortly.


Thanks,

Michael

--

GPG key:  1024D/3144BE0F Michael Hanke
http://apsy.gse.uni-magdeburg.de/hanke
ICQ: 48230050
Jabber: [EMAIL PROTECTED]

Reply via email to