From edd9360b4155ca657f9830b7e1433b85dee6d5ac Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 8 Oct 2012 07:35:47 -0700 Subject: [PATCH 1/3] Make the -lite installers consistent with the others WRT SYSTEMD and INITFILE Signed-off-by: Tom Eastep --- Shorewall-lite/install.sh | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh index ddf0bf8ce..fcc259683 100755 --- a/Shorewall-lite/install.sh +++ b/Shorewall-lite/install.sh @@ -189,7 +189,6 @@ PATH=${SBINDIR}:/bin:/usr${SBINDIR}:/usr/bin:/usr/local/bin:/usr/local${SBINDIR} # cygwin= INSTALLD='-D' -INITFILE=$PRODUCT T='-T' if [ -z "$BUILD" ]; then @@ -281,21 +280,11 @@ if [ -n "$DESTDIR" ]; then install -d $OWNERSHIP -m 755 ${DESTDIR}/${SBINDIR} install -d $OWNERSHIP -m 755 ${DESTDIR}${INITDIR} - - if [ -n "$SYSTEMD" ]; then - mkdir -p ${DESTDIR}/lib/systemd/system - INITFILE= - fi else if [ ! -f /usr/share/shorewall/coreversion ]; then echo "$PRODUCT $VERSION requires Shorewall Core which does not appear to be installed" >&2 exit 1 fi - - if [ -f /lib/systemd/system ]; then - SYSTEMD=Yes - INITFILE= - fi fi echo "Installing $Product Version $VERSION" @@ -364,6 +353,7 @@ fi # Install the .service file # if [ -n "$SYSTEMD" ]; then + mkdir -p ${DESTDIR}${SYSTEMD} run_install $OWNERSHIP -m 600 $PRODUCT.service ${DESTDIR}/${SYSTEMD}/$PRODUCT.service [ ${SBINDIR} != /sbin ] && eval sed -i \'s\|/sbin/\|${SBINDIR}/\|\' ${DESTDIR}${SYSTEMD}/$PRODUCT.service echo "Service file installed as ${DESTDIR}/lib/systemd/system/$PRODUCT.service" From f53618fc0ce942658a21ca253d1618f49734dd4c Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 8 Oct 2012 08:54:54 -0700 Subject: [PATCH 2/3] Re-order logic in add_group_to_zone - Need to normalize the address prior to comparing it with ALLIP Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Zones.pm | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm index 3b07f16a0..e19c7fbc8 100644 --- a/Shorewall/Perl/Shorewall/Zones.pm +++ b/Shorewall/Perl/Shorewall/Zones.pm @@ -763,6 +763,13 @@ sub add_group_to_zone($$$$$) $new = \@exclusions; } + if ( substr( $host, 0, 1 ) eq '+' ) { + fatal_error "Invalid ipset name ($host)" unless $host =~ /^\+(6_)?[a-zA-Z][-\w]*$/; + require_capability( 'IPSET_MATCH', 'Ipset names in host lists', ''); + } else { + $host = validate_host $host, 0; + } + unless ( $switched ) { if ( $type == $zonetype ) { fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if $interfaces{$interface}{zone} eq $zone; @@ -781,13 +788,6 @@ sub add_group_to_zone($$$$$) } } - if ( substr( $host, 0, 1 ) eq '+' ) { - fatal_error "Invalid ipset name ($host)" unless $host =~ /^\+(6_)?[a-zA-Z][-\w]*$/; - require_capability( 'IPSET_MATCH', 'Ipset names in host lists', ''); - } else { - $host = validate_host $host, 0; - } - push @$new, $host; } From 4bb86d8126b1a4cdb92c9d9604bbfafb20e43bd3 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 9 Oct 2012 16:53:49 -0700 Subject: [PATCH 3/3] Correct typo in shorewallrc.default Signed-off-by: Tom Eastep --- Shorewall-core/shorewallrc.default | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Shorewall-core/shorewallrc.default b/Shorewall-core/shorewallrc.default index f2a0b556d..f88f3618b 100644 --- a/Shorewall-core/shorewallrc.default +++ b/Shorewall-core/shorewallrc.default @@ -10,7 +10,7 @@ PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl mod CONFDIR=/etc #Directory where subsystem configurations are installed SBINDIR=/sbin #Directory where system administration programs are installed MANDIR=${PREFIX}/man #Directory where manpages are installed. -INITDIR=etc/init.d #Directory where SysV init scripts are installed. +INITDIR=/etc/init.d #Directory where SysV init scripts are installed. INITFILE=$PRODUCT #Name of the product's installed SysV init script INITSOURCE=init.sh #Name of the distributed file to be installed as the SysV init script ANNOTATED= #If non-zero, annotated configuration files are installed