Add lib.user extension script

This commit is contained in:
Tom Eastep 2009-06-19 14:39:45 -07:00
parent 793ecd5c73
commit 01d046fac9
7 changed files with 39 additions and 2 deletions

View File

@ -97,6 +97,9 @@ sub generate_script_1() {
# Functions to execute the various user exits (extension scripts)
################################################################################
EOF
my $lib = find_file 'lib.user';
copy1 $lib, emit "\n" if -f $lib;
for my $exit qw/init isusable start tcclear started stop stopped clear refresh refreshed restored findgw/ {
emit "\nrun_${exit}_exit() {";

View File

@ -79,6 +79,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_object
push_indent
pop_indent
copy
copy1
create_temp_aux_config
finalize_aux_config
set_shorewall_dir
@ -1088,6 +1089,8 @@ sub copy1( $ ) {
close IF;
}
$lastlineblank = 0;
}
#

View File

@ -20,6 +20,8 @@ Changes in Shorewall 4.4.0-Beta2
8) Add 'USER/GROUP' column to masq file.
9) Added lib.user.
Changes in Shorewall 4.4.0-Beta1
1) Correct typo in Shorewall6 two-interface sample shorewall.conf.

View File

@ -0,0 +1,14 @@
#
# Shorewall version 4 - lib.user File
#
# /etc/shorewall/lib.user
#
# Use this file to declare shell functions to be called in the other
# run-time extension scripts. The file will be copied into the generated
# firewall script.
#
# See http://shorewall.net/shorewall_extension_scripts.htm for additional
# information.
#
###############################################################################
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE

View File

@ -180,6 +180,10 @@ None.
column works similarly to USER/GROUP columns in other Shorewall
configuration files. Only locally-generated traffic is matched.
4) A new extension script, 'lib.user' has been added. This file is
intended to include declarations of shell functions that are called
by the other run-time extension scripts.
----------------------------------------------------------------------------
N E W F E A T U R E S IN 4 . 4
----------------------------------------------------------------------------

View File

@ -1355,6 +1355,10 @@ fi</programlisting></para>
<para><filename>/etc/shorewall/isusable</filename>:</para>
<para>Note that <filename>/etc/lsm/script </filename>writes
a<filename> ${VARDIR}/xxx.status</filename> file when the status of an
interface changes. </para>
<programlisting>local status=0
[ -f ${VARDIR}/${1}.status ] &amp;&amp; status=$(cat ${VARDIR}/${1}.status)
@ -1378,7 +1382,7 @@ connection {
connection {
name=Comcast
checkip=$ETH3_GATEWAY
checkip=${ETH3_GATEWAY:-71.227.156.1}
device=eth3
ttl=1
}
@ -1388,7 +1392,8 @@ EOF
fi</programlisting>
<para>eth3 has a dynamic IP address so I need to use the
Shorewall-detected gateway address ($ETH3_GATEWAY).</para>
Shorewall-detected gateway address ($ETH3_GATEWAY). I supply a default
value in the event that detection fails.</para>
<para><filename>/etc/shorewall/restored</filename>:</para>

View File

@ -69,6 +69,12 @@
<para>The following scripts can be supplied:</para>
<itemizedlist>
<listitem>
<para><filename>lib.user</filename> -- Intended to contain
declarations of shell functions to be called by other run-time
extension scripts.</para>
</listitem>
<listitem>
<para><filename>compile</filename> -- Invoked by the rules compiler
early in the compilation process. Must be written in Perl.</para>