extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-03 12:09:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

More update fixes

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2015-08-09 14:31:47 -07:00
parent 0d635632e3
commit 2ab8bd3040
4 changed files with 46 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Shorewall/Perl/Shorewall/Compiler.pm
View File

@ -635,6 +635,7 @@ sub compiler {
directives => { store => \$directives, validate=> \&validate_boolean } , directives => { store => \$directives, validate=> \&validate_boolean } ,
tcrules => { store => \$tcrules, validate=> \&validate_boolean } , tcrules => { store => \$tcrules, validate=> \&validate_boolean } ,
routestopped => { store => \$routestopped, validate=> \&validate_boolean } , routestopped => { store => \$routestopped, validate=> \&validate_boolean } ,
notrack => { store => \$notrack, validate=> \&validate_boolean } ,
config_path => { store => \$config_path } , config_path => { store => \$config_path } ,
shorewallrc => { store => \$shorewallrc } , shorewallrc => { store => \$shorewallrc } ,
shorewallrc1 => { store => \$shorewallrc1 } , shorewallrc1 => { store => \$shorewallrc1 } ,

24
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -247,7 +247,7 @@ sub remove_blacklist( $ ) {
} }
# #
# Convert a pre-4.4.25 blacklist to a 4.4.25 blacklist # Convert a pre-4.4.25 blacklist to a 4.4.25 blrules file
# #
sub convert_blacklist() { sub convert_blacklist() {
my $zones = find_zones_by_option 'blacklist', 'in'; my $zones = find_zones_by_option 'blacklist', 'in';
@ -265,7 +265,19 @@ sub convert_blacklist() {
$target = verify_audit( $disposition ); $target = verify_audit( $disposition );
} }
my $fn = open_file 'blacklist'; my $fn = open_file( 'blacklist' );
unless ( $fn ) {
if ( -f ( $fn = find_file( 'blacklist' ) ) ) {
if ( unlink( $fn ) ) {
warning_message "Empty blacklist file ($fn) removed";
} else {
warning_message "Unable to remove empty blacklist file $fn: $!";
}
}
return 0;
}
first_entry "Converting $fn..."; first_entry "Converting $fn...";
@ -558,6 +570,12 @@ EOF
rename $fn, "$fn.bak"; rename $fn, "$fn.bak";
progress_message2 "Routestopped file $fn saved in $fn.bak"; progress_message2 "Routestopped file $fn saved in $fn.bak";
close $stoppedrules; close $stoppedrules;
} elsif ( -f ( my $fn1 = find_file( 'routestopped' ) ) ) {
if ( unlink( $fn1 ) ) {
warning_message "Empty routestopped file ($fn1) removed";
} else {
warning_message "Unable to remove empty routestopped file $fn1: $!";
}
} }
} }
@ -826,7 +844,7 @@ sub add_common_rules ( $$$ ) {
if ( $upgrade_blacklist ) { if ( $upgrade_blacklist ) {
exit 0 unless convert_blacklist || $upgrade_tcrules || $upgrade_routestopped; exit 0 unless convert_blacklist || $upgrade_tcrules || $upgrade_routestopped;
} elsif ( my $fn = find_file 'blacklist' ) { } elsif ( -f ( my $fn = find_file 'blacklist' ) ) {
warning_message "The blacklist file is no longer supported -- use '$product update -b' to convert $fn to the equivalent blrules file"; warning_message "The blacklist file is no longer supported -- use '$product update -b' to convert $fn to the equivalent blrules file";
} }

14
Shorewall/Perl/Shorewall/Raw.pm
View File

@ -280,7 +280,7 @@ sub setup_conntrack($) {
my $fn; my $fn;
my @files = $convert ? ( qw/notrack conntrack/ ) : ( 'conntrack' ); my @files = $convert ? ( qw/notrack conntrack/ ) : ( 'conntrack' );
for my $name ( qw/notrack conntrack/ ) { for my $name ( @files ) {
$fn = open_file( $name, 3 , 1 ); $fn = open_file( $name, 3 , 1 );
@ -349,6 +349,14 @@ sub setup_conntrack($) {
} }
} elsif ( $name eq 'notrack' ) { } elsif ( $name eq 'notrack' ) {
$convert = undef; $convert = undef;
if ( -f ( my $fn1 = find_file( $name ) ) ) {
if ( unlink( $fn1 ) ) {
warning_message "Empty notrack file ($fn1) removed";
} else {
warning_message "Unable to remove empty notrack file ($fn1): $!";
}
}
} }
} }
@ -369,7 +377,7 @@ sub setup_conntrack($) {
# #
############################################################################################################## ##############################################################################################################
EOF EOF
print $conntrack '?' . "FORMAT 3"; print $conntrack '?' . "FORMAT 3\n";
print $conntrack <<'EOF'; print $conntrack <<'EOF';
#ACTION SOURCE DESTINATION PROTO DEST SOURCE USER/ SWITCH #ACTION SOURCE DESTINATION PROTO DEST SOURCE USER/ SWITCH
@ -391,7 +399,7 @@ EOF
# #
$empty = undef; $empty = undef;
print $conntrack '?' . "format 1\n" unless $currentline =~ /^\s*\??FORMAT/i; print $conntrack '?' . "FORMAT 1\n" unless $currentline =~ /^\s*\??FORMAT/i;
} }
print $conntrack "$currentline\n"; print $conntrack "$currentline\n";

14
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -3218,11 +3218,23 @@ sub setup_tc( $ ) {
} else { } else {
fatal_error "Cannot Rename $fn to $fn.bak: $!"; fatal_error "Cannot Rename $fn to $fn.bak: $!";
} }
} else {
if ( unlink $fn ) {
warning_message "Empty tcrules file ($fn) removed";
} else {
warning_message "Unable to remove empty tcrules file $fn: $!";
}
} }
close $mangle, directive_callback( 0 ); close $mangle, directive_callback( 0 );
} elsif ( -f ( my $fn = find_file( 'tcrules' ) ) ) {
if ( unlink $fn ) {
warning_message "Empty tcrules file ($fn) removed";
} else {
warning_message "Unable to remove empty tcrules file $fn: $!";
}
} }
} elsif ( my $fn = find_file( 'tcrules' ) ) { } elsif ( -f ( my $fn = find_file( 'tcrules' ) ) ) {
warning_message "The tcrules file is no longer supported -- use the '$product update -t' to convert $fn to an equivalent 'mangle' file"; warning_message "The tcrules file is no longer supported -- use the '$product update -t' to convert $fn to an equivalent 'mangle' file";
} }