From 1b7a7d0fdf1a074994da4efcc17cc6e1ef63feac Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 17 Aug 2012 14:24:52 -0700 Subject: [PATCH] Remove some more hard-coded directory names from the installers Signed-off-by: Tom Eastep --- Shorewall-init/install.sh | 10 +++++----- Shorewall-lite/install.sh | 8 ++++---- Shorewall/install.sh | 2 +- docs/FAQ.xml | 18 ++++++++++++++++-- 4 files changed, 26 insertions(+), 12 deletions(-) diff --git a/Shorewall-init/install.sh b/Shorewall-init/install.sh index 69387aa32..fb677ac8e 100755 --- a/Shorewall-init/install.sh +++ b/Shorewall-init/install.sh @@ -297,8 +297,8 @@ fi # # Create /usr/share/shorewall-init if needed # -mkdir -p ${DESTDIR}/usr/share/shorewall-init -chmod 755 ${DESTDIR}/usr/share/shorewall-init +mkdir -p ${DESTDIR}${SHAREDIR}/shorewall-init +chmod 755 ${DESTDIR}${SHAREDIR}/shorewall-init # # Install logrotate file @@ -311,14 +311,14 @@ fi # # Create the version file # -echo "$VERSION" > ${DESTDIR}/usr/share/shorewall-init/version -chmod 644 ${DESTDIR}/usr/share/shorewall-init/version +echo "$VERSION" > ${DESTDIR}/${SHAREDIR}/shorewall-init/version +chmod 644 ${DESTDIR}${SHAREDIR}/shorewall-init/version # # Remove and create the symbolic link to the init script # if [ -z "$DESTDIR" ]; then - rm -f /usr/share/shorewall-init/init + rm -f ${SHAREDIR}/shorewall-init/init ln -s ${INITDIR}/${INITFILE} ${SHAREDIR}/shorewall-init/init fi diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh index e973bf19b..f751dbcb8 100755 --- a/Shorewall-lite/install.sh +++ b/Shorewall-lite/install.sh @@ -303,8 +303,8 @@ if [ -z "$DESTDIR" -a -d ${CONFDIR}/$PRODUCT ]; then mv -f ${CONFDIR}/$PRODUCT/shorewall.conf ${CONFDIR}/$PRODUCT/$PRODUCT.conf else rm -rf ${DESTDIR}${CONFDIR}/$PRODUCT - rm -rf ${DESTDIR}/usr/share/$PRODUCT - rm -rf ${DESTDIR}/var/lib/$PRODUCT + rm -rf ${DESTDIR}${SHAREDIR}/$PRODUCT + rm -rf ${DESTDIR}${VARDIR}/$PRODUCT [ "$LIBEXECDIR" = /usr/share ] || rm -rf ${DESTDIR}/usr/share/$PRODUCT/wait4ifup ${DESTDIR}/usr/share/$PRODUCT/shorecap fi @@ -327,9 +327,9 @@ echo "$Product control program installed in ${DESTDIR}${SBINDIR}/$PRODUCT" # Create ${CONFDIR}/$PRODUCT, /usr/share/$PRODUCT and /var/lib/$PRODUCT if needed # mkdir -p ${DESTDIR}${CONFDIR}/$PRODUCT -mkdir -p ${DESTDIR}/usr/share/$PRODUCT +mkdir -p ${DESTDIR}${SHAREDIR}/$PRODUCT mkdir -p ${DESTDIR}${LIBEXECDIR}/$PRODUCT -mkdir -p ${DESTDIR}/var/lib/$PRODUCT +mkdir -p ${DESTDIR}${VARDIR}/$PRODUCT chmod 755 ${DESTDIR}${CONFDIR}/$PRODUCT chmod 755 ${DESTDIR}/usr/share/$PRODUCT diff --git a/Shorewall/install.sh b/Shorewall/install.sh index 26b49e305..0cd1f4be4 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -371,7 +371,7 @@ mkdir -p ${DESTDIR}/${CONFDIR}/$PRODUCT mkdir -p ${DESTDIR}${LIBEXECDIR}/$PRODUCT mkdir -p ${DESTDIR}${PERLLIBDIR}/Shorewall mkdir -p ${DESTDIR}${SHAREDIR}/$PRODUCT/configfiles -mkdir -p ${DESTDIR}/var/lib/$PRODUCT +mkdir -p ${DESTDIR}${VARDIR}/$PRODUCT chmod 755 ${DESTDIR}${CONFDIR}/$PRODUCT chmod 755 ${DESTDIR}${SHAREDIR}/$PRODUCT diff --git a/docs/FAQ.xml b/docs/FAQ.xml index c146d65d6..4ede4eb11 100644 --- a/docs/FAQ.xml +++ b/docs/FAQ.xml @@ -247,7 +247,7 @@ DNAT net:address loc:local-IP-address You are trying to test from inside your firewall (no, that - won't work -- see ). + won't work -- see ). @@ -949,6 +949,20 @@ DNAT loc dmz:192.168.2.4 tcp 80 - Open Ports +
+ (FAQ 100) With Shorewall started, the output of 'iptables -L' + looks like my firewall is wide open! + + Answer: The problem here is that + a bare iptables -L command produces totally useless + output. Use shorewall show instead. + + + The shorewall show command is a wrapper + around iptables -L -n -v. + +
+
(FAQ 51) How do I Open Ports in Shorewall? @@ -2871,7 +2885,7 @@ Shorewall has detected the following iptables/netfilter capabilities: Persistent SNAT: Available gateway:~# - +