From abc84e2b0b3c9bd1462dae41e1141d840fc29b63 Mon Sep 17 00:00:00 2001
From: Thomas Martin
Date: Wed, 9 Jun 2010 19:27:19 +0200
Subject: [PATCH 1/2] check correct sourcing of configuration file, and exit if it fails

---
 minifirewall | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/minifirewall b/minifirewall
index 8741bfd..9ee7865 100644
--- a/minifirewall
+++ b/minifirewall
@@ -91,7 +91,21 @@ $IPT -A LOG_ACCEPT -j LOG --log-prefix '[IPTABLES ACCEPT] : '
 $IPT -A LOG_ACCEPT -j ACCEPT
 
 # Configuration
-test -f /etc/firewall.rc && . /etc/firewall.rc
+configfile="/etc/firewall.rc"
+
+if ! test -f $configfile; then
+ echo "$configfile does not exist" >&2
+ exit 1
+fi
+
+tmpfile=`mktemp`
+. $configfile 2>$tmpfile >&2
+if [ -s $tmpfile ]; then
+ echo "$configfile returns standard or error output (see below). Stopping."
+ cat $tmpfile
+ exit 1
+fi
+rm $tmpfile
 
 # trusted ip addresses
 $IPT -N ONLYTRUSTED
From 530ed78833e6ef4c869b0072aa79861bd70ff2d9 Mon Sep 17 00:00:00 2001
From: Romain Dessort
Date: Wed, 23 Jun 2010 10:45:35 +0200
Subject: [PATCH 2/2] =?UTF-8?q?Ajout=20de=20l'URL=20mirror.evolix.org=20da?= =?UTF-8?q?ns=20la=20liste=20des=20sites=20autoris=C3=A9s.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 firewall.rc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/firewall.rc b/firewall.rc
index 23c853c..22e1c59 100644
--- a/firewall.rc
+++ b/firewall.rc
@@ -49,7 +49,7 @@ DNSSERVEURS='85.31.205.33 78.153.240.29'
 # du minifirewall en crontab
 # (Attention, si un proxy HTTP est installe en local
 # mettre 0.0.0.0/0)
-HTTPSITES='security.debian.org pub.evolix.net volatile.debian.org'
+HTTPSITES='security.debian.org pub.evolix.net volatile.debian.org mirror.evolix.org'
 
 # HTTPS
 # /!\ Possibilite d'utiliser des noms de domaines
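Review bot: In the minifirewall hunk, the `exit 1` inside the `[ -s $tmpfile ]` branch leaves the temporary file behind, and the result of `mktemp` is never checked, so a failed `mktemp` lets the script carry on with an empty `$tmpfile`. Replacing the assignment with `tmpfile=$(mktemp) || exit 1` followed by `trap 'rm -f -- "$tmpfile"' EXIT` cleans up on every exit path, and quoting `"$configfile"` and `"$tmpfile"` keeps the `test` and redirection well-formed. The "returns standard or error output" message and the `cat` write to stdout while the "does not exist" message goes to stderr; adding `>&2` to both makes the two failure paths consistent. The script exits here after the LOG_ACCEPT rules above have already been loaded, so it is worth confirming, in code outside this hunk, that the chain policies in force at that point leave the host in the intended state when the config cannot be sourced.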