Give a nice error if a VPN key can't be readed (refs #22).

[software/pymin.git] / pymin / services / firewall / templates / iptables.sh

diff --git a/pymin/services/firewall/templates/iptables.sh b/pymin/services/firewall/templates/iptables.sh
index bb67d9a58b0b8993a12761f6e2815f0a1113ae56..e384d0ed36c38e267ff6461589d20119b3e9f347 100644 (file)
--- a/pymin/services/firewall/templates/iptables.sh
+++ b/pymin/services/firewall/templates/iptables.sh
@@ -4,7 +4,7 @@
 
 # TODO escape shell commands more securely
 def s(text):
-    return repr(text.encode('utf-8'))
+    return repr(unicode(text).encode('utf-8'))
 
 def optional(switch, value):
     if value is not None:
@@ -15,6 +15,10 @@ def optional(switch, value):
 
 /usr/sbin/iptables -t filter -F
 
+/usr/sbin/iptables -t filter -P INPUT ACCEPT
+/usr/sbin/iptables -t filter -P OUTPUT ACCEPT
+/usr/sbin/iptables -t filter -P FORWARD ACCEPT
+
 % for (index, rule) in enumerate(rules):
 /usr/sbin/iptables -t filter \
     -I ${rule.chain|s} ${index+1|s} \