yanglinjingshu / droidwall

Automatically exported from code.google.com/p/droidwall
0 stars 0 forks source link

Possible to flush all CHAINS ? #189

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. use custom script to insert some rules to INPUT chain
2. enable-disable firewall few times
3. there will be many "copies" of rules added from script

What is the expected output? What do you see instead?
I d like to see empty all of iptables chains after disabling firewall

What version of the product are you using? On what operating system?
1.5.3 on android 2.3.3 official rom HTC Desire

Please provide any additional information below.

all is good, works as advertised but I have some rules set up in INPUT chain, 
problem is that when disabling firewall INPUT chain is not flushed, so when 
reenabling everything is doubled/tripled and so on in INPUT chain 

tbh wiki says indirectly that INPUT chain is not supported for use with custom 
script why not include INPUT chain flush on disable ? 

--edit-- did it myself, thank you for providing source code, I edited api.java 
file and on 2 places where you flush droidwall chains I added line to flush 
INPUT chain also, could be better to clear all other chains actually, giving 
people who use scripts better integration with your software

I could flush chain inside my script when enabling droidwall to avoid doubling 
of rules, but it would still be left active after disabling, and there is no 
way to run "disable" custom script

Is there any particular reason you choose to flush only your rules ?

Original issue reported on code.google.com by vl...@skoric.info on 3 Oct 2011 at 1:30

GoogleCodeExporter commented 9 years ago
actually this is enhancement not defect

Original comment by vl...@skoric.info on 3 Oct 2011 at 1:40

GoogleCodeExporter commented 9 years ago
Hello, please note that this is already explained in the CustomScripts wiki...
http://code.google.com/p/droidwall/wiki/CustomScripts

BTW, if DroidWall flushes all chains, it might interfere with other 
applications, such as VPN, so it is better to decide wether to flush or not in 
the custom script.
Just add $IPTABLES -F INPUT on the top or your custom script.

Original comment by rodrigo...@gmail.com on 5 Oct 2011 at 3:36

GoogleCodeExporter commented 9 years ago
On Oct 5, 2011 5:36

applications, such as VPN, so it is better to decide wether to flush or not
in the custom script.

Thanks, flushing in script is half done.
Another cus> Updates:

not

Original comment by vl...@skoric.info on 5 Oct 2011 at 4:16

GoogleCodeExporter commented 9 years ago
applications, such as VPN, so it is better to decide wether to flush or not
in the custom script.

not

Thanks, flushing in script is half done.
Another custom script which runs when disabling firewall would help,
otherwise custom rules will remain active when firewall is disabled,unless
flushed manually in terminal as it says in wiki.
But I see you are focused on output, and that solution is brilliant.

Original comment by vl...@skoric.info on 5 Oct 2011 at 4:25

GoogleCodeExporter commented 9 years ago
I will try to add a custom "on disable" script to fill that gap ;)
Thanks for the feedback.

Original comment by rodrigo...@gmail.com on 7 Oct 2011 at 5:20