Forward Firewall: fixed icmp-types and deleted dmzholes chain

2026-04-16 05:53:00 +02:00 · 2013-01-31 08:45:04 +01:00
parent 8f1634ffbc
commit d6bdebd47d
2 changed files with 5 additions and 5 deletions
--- a/config/fwhosts/icmp-types
+++ b/config/fwhosts/icmp-types
@@ -1,4 +1,4 @@
-0,echo-reply (pong),0
+0,echo-reply,0
 1,destination-unreachable,3
 2,network-unreachable,3/0
 3,host-unreachable,3/1
@@ -21,10 +21,10 @@
 20,host-redirect,5/1
 21,TOS-network-redirect,5/2
 22,TOS-host-redirect,5/3
-23,echo-request (ping),8
+23,echo-request,8
 24,router-advertisement,9
 25,router-solicitation,10
-26,time-exceeded (ttl-exceeded),11
+26,time-exceeded,11
 27,ttl-zero-during-transit,11/0
 28,ttl-zero-during-reassembly,11/1
 29,parameter-problem,12
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -242,9 +242,9 @@ case "$1" in

 	iptables_red
 	
-	# DMZ pinhole chain.  setdmzholes setuid prog adds rules here to allow
+	# DMZ pinhole chain.  
 	# ORANGE to talk to GREEN / BLUE.
-	/sbin/iptables -N DMZHOLES
+
 	if [ "$ORANGE_DEV" != "" ]; then
 		/sbin/iptables -A FORWARD -i $ORANGE_DEV -m state --state NEW -j FORWARDFW
 	fi