Don't fail if can't revert errors

We will log the errors, however no point in failing; not only can this hide errors that occured setting up the firewall, but is pointless as we can't actually handle these errors in a good way anyway.
author: Brian May <brian@linuxpenguins.xyz> 2015-12-05 14:14:01 +1100
committer: Brian May <brian@linuxpenguins.xyz> 2015-12-05 14:14:01 +1100
commit: d07a775d50fb21dcf345abd636376c82a030c4c7 (patch)
tree: 92fa131a4ab0edb7eecc1144e54ee04fc851bfa2
parent: 50a6e87237f482310c8d02b0050e2e3f24c8f8ec (diff)
1 files changed, 35 insertions, 5 deletions
diff --git a/sshuttle/firewall.py b/sshuttle/firewall.py
index f9803d9..68430d9 100644
--- a/sshuttle/firewall.py
+++ b/sshuttle/firewall.py
@@ -5,6 +5,7 @@ import sshuttle.ssyslog as ssyslog
 import sys
 import os
 import platform
+import traceback
 from sshuttle.helpers import debug1, debug2, Fatal
 from sshuttle.methods import get_auto_method, get_method
 
@@ -228,8 +229,37 @@ def main(method_name, syslog):
             debug1('firewall manager: undoing changes.\n')
         except:
             pass
-        if port_v6:
-            method.setup_firewall(port_v6, 0, [], socket.AF_INET6, [], udp)
-        if port_v4:
-            method.setup_firewall(port_v4, 0, [], socket.AF_INET, [], udp)
-        restore_etc_hosts(port_v6 or port_v4)
+
+        try:
+            if port_v6:
+                debug2('firewall manager: undoing IPv6 changes.\n')
+                method.setup_firewall(port_v6, 0, [], socket.AF_INET6, [], udp)
+        except:
+            try:
+                debug1("Error trying to undo IPv6 firewall\n")
+                for line in traceback.format_exc().splitlines():
+                    debug1("---> %s\n" % line)
+            except:
+                pass
+
+        try:
+            if port_v4:
+                debug2('firewall manager: undoing IPv4 changes.\n')
+        except:
+            try:
+                debug1("Error trying to undo IPv4 firewall\n")
+                for line in traceback.format_exc().splitlines():
+                    debug1("---> %s\n" % line)
+            except:
+                pass
+
+        try:
+            debug2('firewall manager: undoing /etc/hosts changes.\n')
+            restore_etc_hosts(port_v6 or port_v4)
+        except:
+            try:
+                debug1("Error trying to undo IPv4 firewall\n")
+                for line in traceback.format_exc().splitlines():
+                    debug1("---> %s\n" % line)
+            except:
+                pass
author	Brian May <brian@linuxpenguins.xyz>	2015-12-05 14:14:01 +1100
committer	Brian May <brian@linuxpenguins.xyz>	2015-12-05 14:14:01 +1100
commit	d07a775d50fb21dcf345abd636376c82a030c4c7 (patch)
tree	92fa131a4ab0edb7eecc1144e54ee04fc851bfa2
parent	50a6e87237f482310c8d02b0050e2e3f24c8f8ec (diff)