[connman] Implement firewall failsafe mechanism. Contributes to JB#43998
This commit adds a failsafe mechanism to set policies of all chains to ACCEPT in case the setup of dynamic rules fails due to iptables error. It will cleanup and initialize iptables.c before setting the policies. Also added a pre-cleanup for firewall. It sets the policies to defaults before the iptables content is saved. This would prevent network blocking in case of downgrading to version where the rules are not set. The saved filter.v4 table then has not got DROP as default INPUT chain policy.
Showing
Please register or sign in to comment