[isf-wifidog] Bug in fw_iptables.c

[Benoit Grégoire]

> So basically the -D in FW_ACCESS_DENY just "deletes" the "ACCEPT line".

Darn, I missed the -D when I did the audit to create the dia firewall map in 
doc/. 

We should change to long style iptables parameters in the code, it would 
improve readability quite a bit.

> I would personally suggest releasing a 1.1.4... It leaves entries in
> mangle until wifidog is restarted (it clears all chains it created).
> More importantly, it messes up the stats for a user who logs back in
> during the same wifidog process. To reproduce:

Yes, it definitely warrants a 1.1.4

> Benoit, should I just commit the code once you confirm?

Yes you should.  And I confirm.

-- 
Benoit Grégoire
Technologies Coeus inc.
-------------- section suivante --------------
Une pièce jointe non texte a été nettoyée...
Nom: non disponible
Type: application/pgp-signature
Taille: 189 octets
Desc: This is a digitally signed message part.
Url: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20071015/83a73a59/attachment.pgp