Package: shorewall
Version: 3.2.6-2

Bug:
"/etc/init.d/shorewall stop" "silently" opens the machine for ANY traffic
(built-in chains policy is ACCEPT) because instead of "/sbin/shorewall stop"
the script executes "/sbin/shorewall clear".
IMHO for SECURITY reasons it's VERY bad behaviour.

I think that the command "/etc/init.d/shorewall stop" should execute
"/sbin/shorewall stop".

Or, at least, the action on executing "/etc/init.d/shorewall stop" MUST be
adjusted in "/etc/default/shorewall".

In general, traffic is not allowed in stopped state, regardless of what is in
http://bugs.debian.org/342609 (maybe the solution is "/sbin/shorewall clear" and
then "/sbin/shorewall stop").

OS:
Debian Etch 4.0r1


 




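Added example, not part of the original report or of shorewall itself: a check an administrator could run after stopping the firewall to detect the cleared state the report describes (every built-in chain policy ACCEPT and no rules loaded). It assumes an iptables version that supports `-S`; the function name and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# classify_ruleset: read `iptables -S` style output on stdin and print
#   "cleared"     - every chain policy is ACCEPT and no rules are loaded
#   "not-cleared" - at least one non-ACCEPT policy or at least one rule
#   "unknown"     - no policy lines seen (empty or unparsable input)
classify_ruleset() {
    awk '
        $1 == "-P" { policies++; if ($3 != "ACCEPT") restrictive++ }
        $1 == "-A" { rules++ }
        END {
            if (policies == 0)
                print "unknown"
            else if (restrictive == 0 && rules == 0)
                print "cleared"
            else
                print "not-cleared"
        }'
}

# Constructed sample: filter table with ACCEPT policies and no rules,
# the state the report says the init script leaves behind.
SAMPLE_CLEARED='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

# Constructed sample: restrictive policies plus one loopback rule.
SAMPLE_RESTRICTIVE='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT'

# Print the classification of both constructed samples.
demo() {
    printf '%s\n' "$SAMPLE_CLEARED" | classify_ruleset
    printf '%s\n' "$SAMPLE_RESTRICTIVE" | classify_ruleset
}

# On a live host (root required), after stopping the firewall:
#   iptables -S | classify_ruleset
```

A result of "cleared" right after "/etc/init.d/shorewall stop" means the host is accepting all traffic rather than sitting in a restricted stopped state.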