Awall unhandled exception if extra iptables modules are loaded (#3419) · Issues · alpine / awall

Awall unhandled exception if extra iptables modules are loaded

If any extra iptables kernel module is loaded then during awall activate awall raises error exception in M.flush() function, line for i, chain in ipairs(M.builtin[tbl]) do

in /usr/share/lua/5.1/awall/iptables.lua:

function M.flush()
    local empty = M.IPTables()
    for family, params in pairs(families) do
       local success, lines = pcall(io.lines, params.procfile)
       if success then
          for tbl in lines do
             for i, chain in ipairs(M.builtin[tbl]) do 
...

since M.builtin has no extra module default and there is no error excpetion handler:

M.builtin = {
    filter={'FORWARD', 'INPUT', 'OUTPUT'},
    mangle={'FORWARD', 'INPUT', 'OUTPUT', 'POSTROUTING', 'PREROUTING'},
    nat={'INPUT', 'OUTPUT', 'POSTROUTING', 'PREROUTING'},
    raw={'OUTPUT', 'PREROUTING'},
    security={'FORWARD', 'INPUT', 'OUTPUT'}
}

This case happened on host with iptable_rawpost module loaded

(from redmine: issue id 3419, created on 2014-10-07, closed on 2017-05-17)

If any extra iptables kernel module is loaded then during **awall
activate** awall raises error exception in **M.flush()** function, line
**for i, chain in ipairs(M.builtin\[tbl\]) do**

in **/usr/share/lua/5.1/awall/iptables.lua**:

function M.flush()
        local empty = M.IPTables()
        for family, params in pairs(families) do
           local success, lines = pcall(io.lines, params.procfile)
           if success then
              for tbl in lines do
                 for i, chain in ipairs(M.builtin[tbl]) do 
    ...

since **M.builtin** has no extra module default and there is no error
excpetion handler:

M.builtin = {
        filter={'FORWARD', 'INPUT', 'OUTPUT'},
        mangle={'FORWARD', 'INPUT', 'OUTPUT', 'POSTROUTING', 'PREROUTING'},
        nat={'INPUT', 'OUTPUT', 'POSTROUTING', 'PREROUTING'},
        raw={'OUTPUT', 'PREROUTING'},
        security={'FORWARD', 'INPUT', 'OUTPUT'}
    }

This case happened on host with **iptable\_rawpost** module loaded

*(from redmine: issue id 3419, created on 2014-10-07, closed on 2017-05-17)*

Discussion
Designs