mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-22 23:53:30 +01:00
Add Makefile just for /usr/share/shorewall/configfiles
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4859 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
b0d7bda3be
commit
1356944d23
78
Shorewall/Makefile-lite
Normal file
78
Shorewall/Makefile-lite
Normal file
@ -0,0 +1,78 @@
|
||||
# Shorewall Packet Filtering Firewall Export Directory Makefile - V3.3
|
||||
#
|
||||
# This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
|
||||
#
|
||||
# (c) 2006 - Tom Eastep (teastep@shorewall.net)
|
||||
#
|
||||
# Shorewall documentation is available at http://www.shorewall.net
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of Version 2 of the GNU General Public License
|
||||
# as published by the Free Software Foundation.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
|
||||
################################################################################
|
||||
# Place this file in each export directory. Modify each copy to set HOST
|
||||
# to the name of the remote firewall corresponding to the directory.
|
||||
#
|
||||
# To make the 'firewall' script, type "make".
|
||||
#
|
||||
# Once the script is compiling correctly, you can install it by
|
||||
# typing "make install".
|
||||
#
|
||||
################################################################################
|
||||
# V A R I A B L E S
|
||||
#
|
||||
# Files in the export directory on which the firewall script does not depend
|
||||
#
|
||||
IGNOREFILES = firewall% Makefile% trace% %~
|
||||
#
|
||||
# Remote Firewall system
|
||||
#
|
||||
HOST = gateway
|
||||
#
|
||||
# Save some typing
|
||||
#
|
||||
LITEDIR = /var/lib/shorewall-lite
|
||||
#
|
||||
# Default target is the firewall script
|
||||
#
|
||||
################################################################################
|
||||
# T A R G E T S
|
||||
#
|
||||
all: firewall
|
||||
#
|
||||
# Only generate the capabilities file if it doesn't already exist
|
||||
#
|
||||
capabilities:
|
||||
ssh root@$(HOST) "/sbin/shorewall-lite show -f capabilities > $(LITEDIR)/capabilities"
|
||||
scp root@$(HOST):$(LITEDIR)/capabilities .
|
||||
#
|
||||
# Compile the firewall script. Using the 'wildcard' function causes "*" to be expanded so that
|
||||
# 'filter-out' will be presented with the list of files in this directory rather than "*"
|
||||
#
|
||||
firewall: $(filter-out $(IGNOREFILES) capabilities , $(wildcard *) ) capabilities
|
||||
shorewall compile -e . firewall
|
||||
#
|
||||
# Only reload on demand.
|
||||
#
|
||||
install: firewall
|
||||
scp firewall firewall.conf root@$(HOST):$(LITEDIR)
|
||||
ssh root@$(HOST) "/sbin/shorewall-lite restart"
|
||||
#
|
||||
# Save running configuration
|
||||
#
|
||||
save:
|
||||
ssh root@$(HOST) "/sbin/shorewall-lite save"
|
||||
#
|
||||
# Remove generated files
|
||||
#
|
||||
clean:
|
||||
rm -f capabilities firewall firewall.conf reload
|
||||
@ -23,6 +23,8 @@ Changes in 3.3.5
|
||||
|
||||
11) Return success if start of running config.
|
||||
|
||||
12) Add Makefile especially for /usr/share/shorewall/configfiles/
|
||||
|
||||
Changes in 3.3.4
|
||||
|
||||
1) Make exclusion work with "show zones"
|
||||
|
||||
@ -624,9 +624,9 @@ if [ ! -f ${PREFIX}/etc/shorewall/actions ]; then
|
||||
fi
|
||||
|
||||
#
|
||||
# Install the Makefile
|
||||
# Install the Makefiles
|
||||
#
|
||||
run_install $OWNERSHIP -m 0644 Makefile ${PREFIX}/usr/share/shorewall/configfiles/Makefile
|
||||
run_install $OWNERSHIP -m 0644 Makefile-lite ${PREFIX}/usr/share/shorewall/configfiles/Makefile
|
||||
run_install $OWNERSHIP -m 0600 Makefile ${PREFIX}/etc/shorewall/Makefile
|
||||
echo "Makefile installed as ${PREFIX}/etc/shorewall/Makefile"
|
||||
|
||||
|
||||
@ -79,6 +79,21 @@ Other Changes in 3.3.5.
|
||||
/etc/shorewall/tcdevices then no ingress qdisc will be created for
|
||||
the device.
|
||||
|
||||
5) The Makefile installed in /usr/share/shorewall/configfiles/ is now
|
||||
the same one mentioned at
|
||||
http://www.shorewall.net/CompiledPrograms.html.
|
||||
|
||||
Once the file is copied into an export directory, you modify the
|
||||
setting of the HOST variable to match the name of the remote
|
||||
firewall.
|
||||
|
||||
The default target is the "firewall" script so "make" compiles the
|
||||
firewall script if any of the configuration files have
|
||||
changed. "make install" builds "firewall" if necessary then
|
||||
installs it on the remote firewall. "make capabilities" will
|
||||
generate the "capabilities" file if that file doesn't exist. "make
|
||||
save" will save the running configuration on the remote firewall.
|
||||
|
||||
Migration Considerations:
|
||||
|
||||
1) Shorewall supports the notion of "default actions". A default
|
||||
|
||||
Loading…
Reference in New Issue
Block a user