extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-04-02 20:06:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move the main firewall script to /usr/lib/shorewall

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@297 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-10-15 15:00:11 +00:00
parent 5b84c98eb7
commit 23f6bb2371
6 changed files with 102 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall/fallback.sh
View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=1.3.9b VERSION=1.3.10
usage() # $1 = exit status usage() # $1 = exit status
{ {
@ -38,7 +38,7 @@ usage() # $1 = exit status
restore_file() # $1 = file to restore restore_file() # $1 = file to restore
{ {
if [ -f ${1}-${VERSION}.bkout ]; then if [ -f ${1}-${VERSION}.bkout -o -L ${1}-${VERSION}.bkout ]; then
if (mv -f ${1}-${VERSION}.bkout $1); then if (mv -f ${1}-${VERSION}.bkout $1); then
echo echo
echo "$1 restored" echo "$1 restored"
@ -63,6 +63,10 @@ if [ -L /usr/lib/shorewall/firewall ]; then
elif [ -L /var/lib/shorewall/firewall ]; then elif [ -L /var/lib/shorewall/firewall ]; then
FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'` FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'`
restore_file $FIREWALL restore_file $FIREWALL
elif [ -L /usr/lib/shorewall/init ]; then
FIREWALL=`ls -l /usr/lib/shorewall/init | sed 's/^.*> //'`
restore_file $FIREWALL
restore_file /usr/lib/shorewall/firewall
fi fi
restore_file /sbin/shorewall restore_file /sbin/shorewall
@ -74,6 +78,7 @@ restore_file /etc/shorewall/shorewall.conf
restore_file /etc/shorewall/functions restore_file /etc/shorewall/functions
restore_file /usr/lib/shorewall/functions restore_file /usr/lib/shorewall/functions
restore_file /var/lib/shorewall/functions restore_file /var/lib/shorewall/functions
restore_file /usr/lib/shorewall/firewall
restore_file /etc/shorewall/common.def restore_file /etc/shorewall/common.def

16
Shorewall/firewall
View File

@ -1,5 +1,4 @@
#!/bin/sh #!/bin/sh
RCDLINKS="2,S41 3,S41 6,K41"
# #
# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V1.3 6/14/2002 # The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V1.3 6/14/2002
# #
@ -41,20 +40,6 @@ RCDLINKS="2,S41 3,S41 6,K41"
# shorewall refresh . Rebuild the common chain # shorewall refresh . Rebuild the common chain
# shorewall check Verify the more heavily-used # shorewall check Verify the more heavily-used
# configuration files. # configuration files.
#### BEGIN INIT INFO
# Provides: shorewall
# Required-Start: $network
# Required-Stop:
# Default-Start: 2 3 5
# Default-Stop: 0 1 6
# Description: starts and stops the shorewall firewall
### END INIT INFO
# chkconfig: 2345 25 90
# description: Packet filtering firewall
#
############################################################################### ###############################################################################
# Search a list looking for a match -- returns zero if a match found # # Search a list looking for a match -- returns zero if a match found #
# 1 otherwise # # 1 otherwise #
@ -1161,6 +1146,7 @@ setup_tunnels() # $1 = name of tunnels file
for z in `separate_list $3`; do for z in `separate_list $3`; do
if validate_zone $z; then if validate_zone $z; then
addrule ${FW}2${z} -p udp --sport 500 --dport 500 $options addrule ${FW}2${z} -p udp --sport 500 --dport 500 $options
addrule ${z}2${FW} -p udp --sport 500 --dport 500 $options
else else
error_message "Warning: Invalid gateway zone ($z)" \ error_message "Warning: Invalid gateway zone ($z)" \
" -- Tunnel \"$tunnel\" may encounter keying problems" " -- Tunnel \"$tunnel\" may encounter keying problems"

75
Shorewall/init.sh Normal file
View File

@ -0,0 +1,75 @@
#!/bin/sh
RCDLINKS="2,S41 3,S41 6,K41"
#
# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V1.3 6/14/2002
#
# This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
#
# (c) 1999,2000,2001,2002 - Tom Eastep (teastep@shorewall.net)
#
# On most distributions, this file should be called:
# /etc/rc.d/init.d/shorewall or /etc/init.d/shorewall
#
# Complete documentation is available at http://shorewall.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of Version 2 of the GNU General Public License
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
#
# If an error occurs while starting or restarting the firewall, the
# firewall is automatically stopped.
#
# Commands are:
#
# shorewall start Starts the firewall
# shorewall restart Restarts the firewall
# shorewall stop Stops the firewall
# shorewall status Displays firewall status
#
#### BEGIN INIT INFO
# Provides: shorewall
# Required-Start: $network
# Required-Stop:
# Default-Start: 2 3 5
# Default-Stop: 0 1 6
# Description: starts and stops the shorewall firewall
### END INIT INFO
# chkconfig: 2345 25 90
# description: Packet filtering firewall
#
################################################################################
# Give Usage Information #
################################################################################
usage() {
echo "Usage: $0 start|stop|restart|status"
exit 1
}
################################################################################
# E X E C U T I O N B E G I N S H E R E #
################################################################################
command="$1"
case "$command" in
stop|start|restart|status)
exec /sbin/shorewall $@
;;
*)
usage
;;
esac

24
Shorewall/install.sh
View File

@ -54,7 +54,7 @@
# /etc/rc.d/rc.local file is modified to start the firewall. # /etc/rc.d/rc.local file is modified to start the firewall.
# #
VERSION=1.3.9b VERSION=1.3.10
usage() # $1 = exit status usage() # $1 = exit status
{ {
@ -237,7 +237,7 @@ if [ -n "$RUNLEVELS" ]; then
echo "/# chkconfig/ { print \"# chkconfig: $RUNLEVELS\" ; next }" > awk.temp echo "/# chkconfig/ { print \"# chkconfig: $RUNLEVELS\" ; next }" > awk.temp
echo "{ print }" >> awk.temp echo "{ print }" >> awk.temp
awk -f awk.temp firewall > firewall.temp awk -f awk.temp init.sh > init.temp
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo -e "\nERROR: Error running awk." echo -e "\nERROR: Error running awk."
@ -246,11 +246,11 @@ if [ -n "$RUNLEVELS" ]; then
exit 1 exit 1
fi fi
install_file_with_backup firewall.temp ${PREFIX}${DEST}/$FIREWALL 0544 install_file_with_backup init.temp ${PREFIX}${DEST}/$FIREWALL 0544
rm -f firewall.temp awk.tmp rm -f init.temp awk.tmp
else else
install_file_with_backup firewall ${PREFIX}${DEST}/$FIREWALL 0544 install_file_with_backup init.sh ${PREFIX}${DEST}/$FIREWALL 0544
fi fi
echo -e "\nShorewall script installed in ${PREFIX}${DEST}/$FIREWALL" echo -e "\nShorewall script installed in ${PREFIX}${DEST}/$FIREWALL"
@ -476,13 +476,15 @@ chmod 644 ${PREFIX}/usr/lib/shorewall/version
if [ -z "$PREFIX" ]; then if [ -z "$PREFIX" ]; then
rm -f /etc/shorewall/firewall rm -f /etc/shorewall/firewall
rm -f /var/lib/shorewall/firewall rm -f /var/lib/shorewall/firewall
rm -f /usr/lib/shorewall/firewall [ -L /usr/lib/shorewall/firewall] && \
ln -s ${DEST}/${FIREWALL} /usr/lib/shorewall/firewall mv -f /usr/lib/shorewall/firewall /usr/lib/shorewall/firewall-${VERSION}.bkout
else rm -f /usr/lib/shorewall/init
pushd ${PREFIX}/usr/lib/shorewall/ >> /dev/null && ln -s ../../..${DEST}/${FIREWALL} firewall && popd >> /dev/null ln -s ${DEST}/${FIREWALL} /usr/lib/shorewall/init
fi fi
#
echo -e "\n${PREFIX}/usr/lib/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL" # Install the firewall script
#
install_file_with_backup firewall ${PREFIX}/usr/lib/shorewall/firewall 0544
if [ -z "$PREFIX" -a -n "$first_install" ]; then if [ -z "$PREFIX" -a -n "$first_install" ]; then
if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then

7
Shorewall/shorewall.spec
View File

@ -1,5 +1,5 @@
%define name shorewall %define name shorewall
%define version 1.3.9b %define version 1.3.10
%define release 1 %define release 1
%define prefix /usr %define prefix /usr
@ -95,11 +95,14 @@ fi
%attr(0600,root,root) %config(noreplace) /etc/shorewall/rfc1918 %attr(0600,root,root) %config(noreplace) /etc/shorewall/rfc1918
%attr(0544,root,root) /sbin/shorewall %attr(0544,root,root) /sbin/shorewall
%attr(0444,root,root) /usr/lib/shorewall/functions %attr(0444,root,root) /usr/lib/shorewall/functions
/usr/lib/shorewall/firewall %attr(0544,root,root) /usr/lib/shorewall/firewall
%doc documentation %doc documentation
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
%changelog %changelog
* Tue Oct 15 2002 Tom Eastep <tom@shorewall.net>
- Changed version to 1.3.10
- Replaced symlink with real file
* Wed Oct 09 2002 Tom Eastep <tom@shorewall.net> * Wed Oct 09 2002 Tom Eastep <tom@shorewall.net>
- Changed version to 1.3.9b - Changed version to 1.3.9b
* Mon Sep 30 2002 Tom Eastep <tom@shorewall.net> * Mon Sep 30 2002 Tom Eastep <tom@shorewall.net>

2
Shorewall/uninstall.sh
View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Seattle Firewall # shown below. Simply run this script to remove Seattle Firewall
VERSION=1.3.9b VERSION=1.3.10
usage() # $1 = exit status usage() # $1 = exit status
{ {