Red Hat Bugzilla – Bug 63792
/etc/init.d/ipchains stop should rmmod ipchains
Last modified: 2007-04-18 12:42:09 EDT
From Bugzilla Helper: User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-31 i686) Description of problem: When you do a /etc/init.d/ipchiains stop it leaves the ipchains module still running. So if you stop ipchains and try to start iptables, iptables will not start because iptables rc script does an lsmod and exits if it sees the ipchains modules still running. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. /etc/init.d/ipchains stop 2. lsmod | grep ipchains 3. Actual Results: ipchains was still running. Expected Results: ipchains should not have shown up in a lsmod. Additional info: Try running /etc/init.d/iptables start after /etc/init.d/ipchains stop and you will see that iptables will not start up will the ipchains modules is still loaded.
Sounds reasonable. The iptables script should probably do the same with iptables modules.
Will rmmod remove dependent modules? I'm thinking of the connection-tracking suite. It would also be nice if there were an /etc/sysconfig file to control which tracking modules were loaded.
I've added an rmmod to the ipchains script at the end of the "stop" section. It's currently untested so I don't know how well it works, but that should turn up in beta testing. If anyone would like it done in iptables' initscript also, file a separate request against iptables. ipchains 1.3.10-14
FYI, iptables bug has been entered as bug 65389.
probably better done as modprobe -r instead of rmmod in case there's a set of dependent modules that would also be best removed later on