Univention Bugzilla – Bug 45825
Consider splitting up 10_univention-firewall_start.sh
Last modified: 2020-07-03 20:55:23 CEST
Currently we initialise iptables in 10_univention-firewall_start.sh AND define the iptables rules via UCRV security/packetfilter/... We should split this in more files, at least two: - 10_univention-firewall_init.sh <- initialise iptables - 15_univention-firewall_ucr_rules.sh <- add rules defined in UCR This way, it would be much easier to insert certain iptables rules in a custom script right after initialising iptables (e.g. more strict filtering or logging), but before the iptables rules defined by our packages.
This issue has been filed against UCS 4.2. UCS 4.2 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.