diff --git a/Shorewall-lite/shorewall-lite.service b/Shorewall-lite/shorewall-lite.service index 42dd729ee..76490236a 100644 --- a/Shorewall-lite/shorewall-lite.service +++ b/Shorewall-lite/shorewall-lite.service @@ -5,7 +5,7 @@ # [Unit] Description=Shorewall IPv4 firewall (lite) -After=network.target +After=network-online.target Conflicts=iptables.service firewalld.service [Service] diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm index d36f7430a..29ceeb782 100644 --- a/Shorewall/Perl/Shorewall/Compiler.pm +++ b/Shorewall/Perl/Shorewall/Compiler.pm @@ -649,10 +649,7 @@ sub compiler { set_config_path( $config_path ) if $config_path; - if ( $directory ne '' ) { - fatal_error "$directory is not an existing directory" unless -d $directory; - set_shorewall_dir( $directory ); - } + set_shorewall_dir( $directory ) if $directory ne ''; $verbosity = 1 if $debug && $verbosity < 1; @@ -665,15 +662,6 @@ sub compiler { # get_configuration( $export , $update , $annotate , $directives , $inline ); # - # Create a temp file to hold the script - # - if ( $scriptfilename ) { - set_command( 'compile', 'Compiling', 'Compiled' ); - create_temp_script( $scriptfilename , $export ); - } else { - set_command( 'check', 'Checking', 'Checked' ); - } - # # Chain table initialization depends on shorewall.conf and capabilities. So it must be deferred until # now when shorewall.conf has been processed and the capabilities have been determined. # @@ -683,6 +671,15 @@ sub compiler { # run_user_exit1 'compile'; # + # Create a temp file to hold the script + # + if ( $scriptfilename ) { + set_command( 'compile', 'Compiling', 'Compiled' ); + create_temp_script( $scriptfilename , $export ); + } else { + set_command( 'check', 'Checking', 'Checked' ); + } + # # Z O N E D E F I N I T I O N # (Produces no output to the compiled script) # diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index eb08c39ae..cdadcf6c8 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -1268,9 +1268,7 @@ sub cleanup_iptables() { qt1( "$iptables $iptablesw -t raw -X $sillyname" ); } - $sillyname = $sillyname1 = undef; - - $sillyname = ''; + $sillyname = $sillyname1 = ''; } # @@ -1591,7 +1589,7 @@ sub set_command( $$$ ) { # # Print the current TOD to STDOUT. # -sub timestamp() { +sub get_localtime() { our @localtime = localtime; printf '%02d:%02d:%02d ', @localtime[2,1,0]; } @@ -1608,7 +1606,7 @@ sub progress_message { $line =~ s/\s+/ /g; if ( $verbosity > 1 ) { - timestamp, $havelocaltime = 1 if $timestamp; + get_localtime, $havelocaltime = 1 if $timestamp; # # We use this function to display messages containing raw config file images which may contains tabs (including multiple tabs in succession). # The following makes such messages look more readable and uniform @@ -1631,7 +1629,7 @@ sub progress_message_nocompress { my $havelocaltime = 0; if ( $verbosity > 1 ) { - timestamp, $havelocaltime = 1 if $timestamp; + get_localtime, $havelocaltime = 1 if $timestamp; print "@_\n"; } @@ -1652,7 +1650,7 @@ sub progress_message2 { my $havelocaltime = 0; if ( $verbosity > 0 ) { - timestamp, $havelocaltime = 1 if $timestamp; + get_localtime, $havelocaltime = 1 if $timestamp; print "@_\n"; } @@ -1673,7 +1671,7 @@ sub progress_message3 { my $havelocaltime = 0; if ( $verbosity >= 0 ) { - timestamp, $havelocaltime = 1 if $timestamp; + get_localtime, $havelocaltime = 1 if $timestamp; print "@_\n"; } @@ -1762,7 +1760,7 @@ sub create_temp_script( $$ ) { } -# Generate the SHA1 digest of the (incomplete script) +# Generate the SHA1 digest of the (incomplete) script # sub generate_sha1() { my $data = `cat $tempfile`; @@ -1840,7 +1838,7 @@ sub set_config_path( $ ) { } # -# Set $debug +# Set $debug and $confess # sub set_debug( $$ ) { $debug = shift; @@ -1865,6 +1863,9 @@ sub find_file($) "$config_path[0]$filename"; } +# +# Split a comma-separated list into a Perl array +# sub split_list( $$;$ ) { my ($list, $type, $origlist ) = @_; @@ -1873,6 +1874,9 @@ sub split_list( $$;$ ) { split /,/, $list; } +# +# This version handles parenthetical list elements with embedded commas. It removes the parentheses +# sub split_list1( $$;$ ) { my ($list, $type, $keepparens ) = @_; @@ -2024,6 +2028,9 @@ sub split_list3( $$ ) { @list2; } +# +# Splits the columns of a config file record +# sub split_columns( $ ) { my ($list) = @_; @@ -4752,6 +4759,7 @@ sub ensure_config_path() { # sub set_shorewall_dir( $ ) { $shorewall_dir = shift; + fatal_error "$shorewall_dir is not an existing directory" unless -d $shorewall_dir; ensure_config_path; } diff --git a/Shorewall/shorewall.service b/Shorewall/shorewall.service index c61e1abf7..41223714e 100644 --- a/Shorewall/shorewall.service +++ b/Shorewall/shorewall.service @@ -5,7 +5,7 @@ # [Unit] Description=Shorewall IPv4 firewall -After=network.target +After=network-online.target Conflicts=iptables.service firewalld.service [Service] diff --git a/Shorewall6-lite/shorewall6-lite.service b/Shorewall6-lite/shorewall6-lite.service index 19cc137b6..6ca161f9b 100644 --- a/Shorewall6-lite/shorewall6-lite.service +++ b/Shorewall6-lite/shorewall6-lite.service @@ -5,7 +5,7 @@ # [Unit] Description=Shorewall IPv6 firewall (lite) -After=network.target +After=network-online.target Conflicts=ip6tables.service firewalld.service [Service] diff --git a/Shorewall6/shorewall6.service b/Shorewall6/shorewall6.service index 1f17db8c6..0d79c28c3 100644 --- a/Shorewall6/shorewall6.service +++ b/Shorewall6/shorewall6.service @@ -5,7 +5,7 @@ # [Unit] Description=Shorewall IPv6 firewall -After=network.target +After=network-online.target Conflicts=ip6tables.service firewalld.service [Service]