[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SuSEfirewall2 - scripts (SuSE 9.3)



Hi,

> There is are 3rd Script "SuSEfirewall2_final"
> 
> The firewall starts in 3 stages
> 
> 1]init
> 
> Description: SuSEfirewall2_init does some basic setup and is the phase 1 
> of 3 of the SuSEfirewall initialization
> 
> 2]setup
> 
> Description: SuSEfirewall2_setup does some basic setup and is the phase 
> 2 of 3 of the SuSEfirewall initialization.
> 
> 3]up and running
> 
> Description: SuSEfirewall2_final does finally set all the firewalling
> rules. Phase 3 of 3 of SuSEfirewall setup.
> 
> All 3 scripts call /sbin/SuSEfirewall2 with different parameters.

Okay, I think SuSE 9.3 does not really have the 3rd phase anymore since the script SuSEfirewall2_init and SuSEfirewall2_setup tell:

### BEGIN INIT INFO
# Provides: SuSEfirewall2_init
# Required-Start: $local_fs boot.localnet
# Required-Stop: 
# Should-Stop: $network
# Default-Start: B
# Default-Stop:
# Short-Description: SuSEfirewall2 phase 1
# Description: SuSEfirewall2_init does some basic setup and is the
#       phase 1 of 2 of the SuSEfirewall initialization
### END INIT INFO

and### BEGIN INIT INFO
# Provides: SuSEfirewall2_setup
# Required-Start: SuSEfirewall2_init $network $local_fs
# Should-Start: $ALL
# Required-Stop: $local_fs
# X-UnitedLinux-Should-Stop: 
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: SuSEfirewall2 phase 2
# Description: SuSEfirewall2_setup does some basic setup and is the
#       phase 2 of 2 of the SuSEfirewall initialization.
### END INIT INFO
# X-SuSE-Dep-Only

I just wanted to add that.

Here is a locate of the SuSE firewall scripts


bash:/etc # locate SuSEfirewall2_
/etc/init.d/boot.d/K11SuSEfirewall2_init
/etc/init.d/boot.d/S11SuSEfirewall2_init
/etc/init.d/rc3.d/K01SuSEfirewall2_setup
/etc/init.d/rc3.d/S21SuSEfirewall2_setup
/etc/init.d/rc4.d/K01SuSEfirewall2_setup
/etc/init.d/rc4.d/S21SuSEfirewall2_setup
/etc/init.d/rc5.d/K01SuSEfirewall2_setup
/etc/init.d/rc5.d/S21SuSEfirewall2_setup
/etc/init.d/SuSEfirewall2_init
/etc/init.d/SuSEfirewall2_setup
/etc/preload.d/SuSEfirewall2_final
/etc/preload.d/SuSEfirewall2_init
/etc/preload.d/SuSEfirewall2_setup
/lib/scpm/resource_types/service/status/SuSEfirewall2_final
/lib/scpm/resource_types/service/status/SuSEfirewall2_init

There is just one SuSEfirewall2_final entry displayed which even calls the SuSEfirewall2_setup script. I can't find any reason to have this file? Does somebody do?

Regards,
Robert.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature