From: Mark Wooding <mdw@distorted.org.uk>
Date: Sun, 12 Feb 2012 01:52:29 +0000 (+0000)
Subject: bookends.m4: Open up tables we clobbered at exit.
X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/commitdiff_plain/86c975b5410e71dd9ba9faf4cca909e70adea3a0

bookends.m4: Open up tables we clobbered at exit.

Otherwise the `raw' table gets left dropping everything.  I've no idea
why this didn't actually break everything for ages.
---

diff --git a/bookends.m4 b/bookends.m4
index b51f8ae..b29047b 100644
--- a/bookends.m4
+++ b/bookends.m4
@@ -217,5 +217,17 @@ for chain in INPUT FORWARD; do
   run ip46tables -A $chain -g forbidden
 done
 
+## Allow stuff through unknown tables.
+for ip in ip ip6; do
+  for table in $(cat /proc/net/${ip}_tables_names); do
+    case $table in mangle | filter) continue ;; esac
+    ${ip}tables -nL -t $table |
+    sed -n '/^Chain \([^ ]\+\) (policy .*$/ s//\1/p ' |
+    while read chain; do
+      run ${ip}tables -t $table -P $chain ACCEPT
+    done
+  done
+done
+
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------