awall activate failed to restore running configuration
It seems that under certain conditions, activate does not restore the running configuration if the new rules fail to install.
I observed this on one box when using a high flow-limit (50/s), which the kernel refused due to the recent match’s max packet count limit of 20.
As the rules were flawed, they failed to install. However, it seems that the restore of the previous config also failed, and as a final result the box was left with empty rules, with a policy of DROP.
(from redmine: issue id 1584, created on 2013-01-24, closed on 2013-02-08)
- Changesets:
- Revision 35c741f3 by Kaarle Ritvanen on 2013-01-30T08:14:11Z:
improved error handling
do not print stack trace in case of user errors, fixes #1453
immediate fallback after failed activation, even with --force, before main process exit, fixes #1584
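
The failure mode reported in this issue (new rules rejected, then no working fallback) is what a snapshot-and-rollback wrapper around rule activation guards against. The sketch below is an added example, not awall's code and not the change in revision 35c741f3; `apply_with_fallback`, `SAVE_CMD`, `RESTORE_CMD` and the return codes are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: snapshot, apply, and roll back on failure.
# SAVE_CMD / RESTORE_CMD default to the real iptables tools and can be
# overridden (hypothetical knobs) to exercise the logic without root.
: "${SAVE_CMD:=iptables-save}"
: "${RESTORE_CMD:=iptables-restore}"

# apply_with_fallback NEW_RULES_FILE
# Returns: 0 = new rules active
#          1 = new rules rejected, previous rules restored
#          2 = no snapshot could be taken, or the rollback itself failed
apply_with_fallback() {
    new_rules=$1
    backup=$(mktemp) || return 2

    # Snapshot first; change nothing if the running config cannot be saved.
    if ! $SAVE_CMD > "$backup"; then
        rm -f "$backup"
        return 2
    fi

    if $RESTORE_CMD < "$new_rules"; then
        rm -f "$backup"
        return 0
    fi

    # Activation failed: fall back immediately, before the process exits,
    # so the box is never left with whatever the failed load produced.
    if $RESTORE_CMD < "$backup"; then
        rm -f "$backup"
        return 1
    fi

    # Rollback failed too: keep the snapshot for manual recovery.
    echo "rollback failed; snapshot kept at $backup" >&2
    return 2
}
```

Return code 2 is the case this issue describes and should be treated as an alert condition, since the ruleset on the box is then in an unknown state.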