From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.5) Gecko/20011014

Description of problem:
I have a bash script that is runned at startup. Its used to start me unique
firewall rules for a server instead of using the ipchains script. In the
script I use arrays to contain the values for services I wish to allow
through the firewall. For example:

#!/bin/bash
EXTRN_INTERFACE="ppp0"
UNPRIVPORTS="1024:65535"
IPADDR='/sbin/ifconfig ppp0 | awk '/inet/ { print $2 }' | sed -e s/addr://`

declare -a POP_SERVER
POP_SERVER[1]="pop.mail.host1"
POP_SERVER[2]="pop.mail.host2"

for SERVER in ${POP_SERVER[@]; do
  ipchains -A output -i $EXTRN_INTERFACE -p tcp \
	-s $IPADDR $UNPRIVPORTS \
	-d $SERVER 110 -j ACCEPT

  ipchains -A input -i $EXTRN_INTERFACE -p tcp ! \
	-y -s $SERVER 110 \
	-d $IPADDR $UNPRIVPORTS -j ACCEPT
done

The script is activated by the /etc/ppp/ip-up.local script. Its started
when the adsl link is turned on. I know that the script is started because
the default policies are changed from ACCEPT to their respective values of
DENY or REJECT.

The problem is that the rules for the mail servers in this example are not
set. Re-running the script causes the rules to be applied. No mail is able
to be retrieved until the script is 

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Start up ADSL
2. PPP script ip-up starts ip-up.local
3. ip-up.local contains "/etc/init.d/firewall start"
4. Verify rules for POP mail servers via "/etc/init.d/firewall status |
grep 110"

	

Actual Results:  Step 4 gave no results. 

Expected Results:  It should have reported four rules (2 inputs and 2
outputs for the mail servers).
For example one server should be:

ACCEPT tcp !y---- 216.93.66.155  66.72.204.145  110 -> 1024:65535
ACCEPT tcp ------- 66.72.204.145  216.93.66.155  1024:65535 -> 110

Additional info:

bash (2.04.11)
ipchains (1.3.9)