mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-25 09:03:30 +01:00
Add LITEDIR to configpath so that distributions can define where the 'firewall' script is stored on Shorewall Lite
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4128 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
8c6e0a4391
commit
13da154569
@ -5,3 +5,19 @@
|
||||
#
|
||||
|
||||
CONFIG_PATH=/etc/shorewall-lite:/usr/share/shorewall-lite
|
||||
|
||||
#
|
||||
# SHOREWALL LITE'S FIREWALL SCRIPT DIRECTORY
|
||||
#
|
||||
# There is lack of agreement about where exactly in the file hierarchy the
|
||||
# firewall script in Shorewall Lite systems should be stored. To allow
|
||||
# everyone's opinion to prevail (and to prevent the Shorewall author from
|
||||
# going crazy), the LITEDIR option allows you to decide where the file will
|
||||
# be stored on Shorewall Lite systems under your distribution.
|
||||
#
|
||||
# a) You *must* set a value for this option
|
||||
# b) The same value must be configured in
|
||||
# /usr/share/shorewall/configpath in your Shorewall package
|
||||
# system(s).
|
||||
|
||||
LITEDIR=/var/lib/shorewall-lite
|
||||
|
||||
@ -23,13 +23,19 @@ Other changes in 3.2.0 RC 4
|
||||
installed on your administrative system(s) and Shorewall Lite RC4
|
||||
on the firewall system(s).
|
||||
|
||||
2) To appease the LHS police, the file
|
||||
/usr/share/shorewall-lite/firewall has been moved to
|
||||
2) /usr/share/shorewall-lite/firewall has been moved to
|
||||
/var/lib/shorewall-lite/firewall. When upgrading to this release of
|
||||
Shorewall Lite, please execute the following command:
|
||||
|
||||
cp -a /usr/share/shorewall-lite/firewall /var/lib/shorewall-lite/
|
||||
|
||||
Note : The 'firewall' script is in /var/lib/shorewall-lite in
|
||||
packages from shorewall.net. The package maintainers for the
|
||||
various distributions are free to choose the directory where the
|
||||
script will be stored under their distribution. You can look in
|
||||
your /usr/share/shorewall-lite/configpath file to see what your
|
||||
distribution defines for the value of LITEDIR.
|
||||
|
||||
New Features:
|
||||
|
||||
Shorewall Lite is a companion product to Shorewall and is designed to
|
||||
@ -65,6 +71,13 @@ e) On the administrative system, for each firewall system you:
|
||||
/sbin/shorewall compile -e . firewall
|
||||
scp firewall root@<firewall system>:/var/lib/shorewall-lite/
|
||||
|
||||
Note : The 'firewall' script is in /var/lib/shorewall-lite in
|
||||
packages from shorewall.net. The package maintainers for the
|
||||
various distributions are free to choose the directory where the
|
||||
script will be stored under their distribution. You can look in
|
||||
your /usr/share/shorewall-lite/configpath file to see what your
|
||||
distribution defines for the value of LITEDIR.
|
||||
|
||||
3) On the firewall system, 'shorewall-lite start'.
|
||||
|
||||
It is possible to have both shorewall and Shorewall Lite
|
||||
|
||||
@ -220,6 +220,11 @@ get_config() {
|
||||
|
||||
export VERBOSE
|
||||
|
||||
if [ -n "$LITEDIR" ]; then
|
||||
echo " ERROR: You must set the LITEDIR option in /etc/shorewall-lite/shorewall.conf" >&2
|
||||
exit 2
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
#
|
||||
@ -462,10 +467,10 @@ start_command() {
|
||||
do_it() {
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
|
||||
if [ -x ${VARDIR}/firewall ]; then
|
||||
${VARDIR}/firewall $debugging start
|
||||
if [ -x ${LITEDIR}/firewall ]; then
|
||||
${LITEDIR}/firewall $debugging start
|
||||
else
|
||||
error_message "${VARDIR}/firewall is missing or is not executable"
|
||||
error_message "${LITEDIR}/firewall is missing or is not executable"
|
||||
fi
|
||||
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
@ -629,10 +634,10 @@ restart_command() {
|
||||
|
||||
[ -n "$nolock" ] || mutex_on
|
||||
|
||||
if [ -x ${VARDIR}/firewall ]; then
|
||||
$SHOREWALL_SHELL ${VARDIR}/firewall $debugging restart
|
||||
if [ -x ${LITEDIR}/firewall ]; then
|
||||
$SHOREWALL_SHELL ${LITEDIR}/firewall $debugging restart
|
||||
else
|
||||
error_message "${VARDIR}/firewall is missing or is not executable"
|
||||
error_message "${LITEDIR}/firewall is missing or is not executable"
|
||||
fi
|
||||
|
||||
[ -n "$nolock" ] || mutex_off
|
||||
@ -1171,7 +1176,6 @@ VARDIR=/var/lib/shorewall-lite
|
||||
CONFDIR=/etc/shorewall-lite
|
||||
export PRODUCT="Shorewall Lite"
|
||||
|
||||
FIREWALL=$VARDIR/firewall
|
||||
FUNCTIONS=$SHAREDIR/functions
|
||||
VERSION_FILE=$SHAREDIR/version
|
||||
HELP=$SHAREDIR/help
|
||||
@ -1204,6 +1208,8 @@ export CONFIG_PATH
|
||||
|
||||
get_config
|
||||
|
||||
FIREWALL=$LITEDIR/firewall
|
||||
|
||||
if [ ! -f $FIREWALL ]; then
|
||||
echo " ERROR: Shorewall Lite is not properly installed" >&2
|
||||
if [ -L $FIREWALL ]; then
|
||||
|
||||
@ -11,3 +11,18 @@
|
||||
# from trying to use configuration information from /etc/shorewall.
|
||||
|
||||
CONFIG_PATH=${CONFDIR}:/usr/share/shorewall
|
||||
|
||||
#
|
||||
# SHOREWALL LITE'S FIREWALL SCRIPT DIRECTORY
|
||||
#
|
||||
# There is lack of agreement about where exactly in the file hierarchy the
|
||||
# firewall script in Shorewall Lite systems should be stored. To allow
|
||||
# everyone's opinion to prevail (and to prevent the Shorewall author from
|
||||
# going crazy), the LITEDIR option allows you to decide where the file will
|
||||
# be stored on Shorewall Lite systems under your distribution.
|
||||
#
|
||||
# a) You *must* set a value for this option
|
||||
# b) The same value must be configured in
|
||||
# /usr/share/shorewall-lite/configpath in your Shorewall Lite package.
|
||||
|
||||
LITEDIR=/var/lib/shorewall-lite
|
||||
|
||||
@ -219,6 +219,8 @@ ensure_config_path() {
|
||||
[ -f $F ] || { echo " ERROR: $F does not exist"; exit 2; }
|
||||
. $F
|
||||
fi
|
||||
|
||||
[ -n "$LITEDIR" ] || { echo " ERROR: LITEDIR not defined in $F"; exit 2; }
|
||||
}
|
||||
|
||||
#
|
||||
|
||||
@ -257,7 +257,7 @@ reload)
|
||||
Causes the shorewall configuration in <directory> to be compiled into a
|
||||
program called '<directory>/firewall'. If compilation is successful,
|
||||
the '<directory>/firewall' script is copied via scp to the
|
||||
/var/lib/shorewall-lite/ directory on <system>. If the script is copied
|
||||
${LITEDIR} directory on <system>. If the script is copied
|
||||
successfully, Shorewall Lite on <system> is restarted via ssh."
|
||||
;;
|
||||
|
||||
|
||||
@ -72,8 +72,12 @@ Other changes in 3.2.0 RC 4
|
||||
Shorewall Lite on <system> is restarted via ssh.
|
||||
|
||||
Note 1: In Shorewall Lite 3.2.0 RC4, the 'firewall' script has moved
|
||||
from /usr/share/shorewall/ to /var/lib/shorewall/ in order to
|
||||
appease the LHS police.
|
||||
from /usr/share/shorewall-lite/ to /var/lib/shorewall-lite in
|
||||
packages from shorewall.net. The package maintainers for the
|
||||
various distributions are free to choose the directory where the
|
||||
script will be stored under their distribution. You can look in
|
||||
your /usr/share/shorewall/configpath file to see what your
|
||||
distribution defines for the value of LITEDIR.
|
||||
|
||||
Migration Considerations:
|
||||
|
||||
|
||||
@ -1301,8 +1301,8 @@ reload_command()
|
||||
local verbose=$(make_verbose)
|
||||
|
||||
shorewall $debugging $verbose compile -e $1 $1/firewall && \
|
||||
echo "Copying firewall to ${2}/var/lib/shorewall-lite/..." && \
|
||||
scp $1/firewall root@${2}:/var/lib/shorewall-lite/ && \
|
||||
echo "Copying ${1}/firewall to ${2}:${LITEDIR}..." && \
|
||||
scp $1/firewall root@${2}:${LITEDIR}/ && \
|
||||
echo "Copy complete" && \
|
||||
ssh root@${2} "/sbin/shorewall-lite $debugging $verbose restart" && \
|
||||
progress_message3 "System $2 reloaded"
|
||||
|
||||
@ -15,7 +15,7 @@
|
||||
</author>
|
||||
</authorgroup>
|
||||
|
||||
<pubdate>2006-06-16</pubdate>
|
||||
<pubdate>2006-06-17</pubdate>
|
||||
|
||||
<copyright>
|
||||
<year>2006</year>
|
||||
@ -241,6 +241,16 @@
|
||||
<programlisting><command>cd <configuration directory></command>
|
||||
<command>/sbin/shorewall compile -e . firewall</command>
|
||||
<command>scp firewall root@<firewall system>:/var/lib/shorewall-lite/</command></programlisting>
|
||||
|
||||
<note>
|
||||
<para>The 'firewall' script is in <filename
|
||||
class="directory">/var/lib/shorewall-lite</filename> in packages
|
||||
from shorewall.net. The package maintainers for the various
|
||||
distributions are free to choose the directory where the script
|
||||
will be stored under their distribution. You can look in your
|
||||
/usr/share/shorewall/configpath file to see what your
|
||||
distribution defines for the value of LITEDIR.</para>
|
||||
</note>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
</listitem>
|
||||
|
||||
@ -15,7 +15,7 @@
|
||||
</author>
|
||||
</authorgroup>
|
||||
|
||||
<pubdate>2006-06-16</pubdate>
|
||||
<pubdate>2006-06-17</pubdate>
|
||||
|
||||
<copyright>
|
||||
<year>2004</year>
|
||||
@ -977,6 +977,16 @@
|
||||
<system> using scp. If the copy succeeds, Shorewall Lite on
|
||||
<system> is restarted via ssh.</para>
|
||||
|
||||
<note>
|
||||
<para>The 'firewall' script is in <filename
|
||||
class="directory">/var/lib/shorewall-lite</filename> in packages
|
||||
from shorewall.net. The package maintainers for the various
|
||||
distributions are free to choose the directory where the script
|
||||
will be stored under their distribution. You can look in your
|
||||
/usr/share/shorewall/configpath file to see what your distribution
|
||||
defines for the value of LITEDIR.</para>
|
||||
</note>
|
||||
|
||||
<para>Example: <command>shorewall reload gateway</command></para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user