Add Redhat/Fedora init scripts from Jonathan Underwood

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-08-22 09:05:40 -07:00
parent 4e15786156
commit 33afe26a19
10 changed files with 592 additions and 4 deletions

View File

@ -0,0 +1,121 @@
#! /bin/bash
#
# chkconfig: - 09 91
# description: Initialize the shorewall firewall at boot time
#
### BEGIN INIT INFO
# Provides: shorewall-init
# Required-Start: $local_fs
# Required-Stop: $local_fs
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: Initialize the shorewall firewall at boot time
# Description: Place the firewall in a safe state at boot time
# prior to bringing up the network.
### END INIT INFO
prog="shorewall-init"
logger="logger -i -t $prog"
lockfile="/var/lock/subsys/shorewall-init"
# Source function library.
. /etc/rc.d/init.d/functions
# Get startup options (override default)
OPTIONS=
# check if shorewall-init is configured or not
if [ -f "/etc/sysconfig/shorewall-init" ]; then
. /etc/sysconfig/shorewall-init
else
echo "/etc/sysconfig/shorewall-init not found"
exit 6
fi
# Initialize the firewall
start () {
local product
local vardir
if [ -z "$PRODUCTS" ]; then
echo "No firewalls configured for shorewall-init"
failure
return 6 #Not configured
fi
echo -n "Initializing \"Shorewall-based firewalls\": "
for product in $PRODUCTS; do
vardir=/var/lib/$product
[ -f /etc/$product/vardir ] && . /etc/$product/vardir
if [ -x ${vardir}/firewall ]; then
${vardir}/firewall stop 2>&1 | $logger
retval=${PIPESTATUS[0]}
[ retval -ne 0 ] && break
fi
done
if [ retval -eq 0 ]; then
touch $lockfile
success
else
failure
fi
echo
return $retval
}
# Clear the firewall
stop () {
local product
local vardir
echo -n "Clearing \"Shorewall-based firewalls\": "
for product in $PRODUCTS; do
vardir=/var/lib/$product
[ -f /etc/$product/vardir ] && . /etc/$product/vardir
if [ -x ${vardir}/firewall ]; then
${vardir}/firewall clear 2>&1 | $logger
retval=${PIPESTATUS[0]}
[ retval -ne 0 ] && break
fi
done
if [ retval -eq 0 ]; then
rm -f $lockfile
success
else
failure
fi
echo
return $retval
}
status_q() {
status > /dev/null 2>&1
}
case "$1" in
start)
status_q && exit 0
$1
;;
stop)
status_q || exit 0
$1
;;
restart|reload|force-reload)
echo "Not implemented"
exit 3
;;
condrestart|try-restart)
echo "Not implemented"
exit 3
;;
status)
status $prog
;;
*)
echo "Usage: /etc/init.d/shorewall-init {start|stop}"
exit 1
esac
exit 0

View File

@ -160,6 +160,8 @@ elif [ -f /etc/debian_version ]; then
DEBIAN=yes DEBIAN=yes
elif [ -f /etc/SuSE-release ]; then elif [ -f /etc/SuSE-release ]; then
SUSE=Yes SUSE=Yes
elif [ -f /etc/redhat-release ]; then
FEDORA=Yes
elif [ -f /etc/slackware-version ] ; then elif [ -f /etc/slackware-version ] ; then
echo "Shorewall-init is currently not supported on Slackware" >&2 echo "Shorewall-init is currently not supported on Slackware" >&2
exit 1 exit 1
@ -202,6 +204,8 @@ fi
# #
if [ -n "$DEBIAN" ]; then if [ -n "$DEBIAN" ]; then
install_file init.debian.sh ${DESTDIR}/etc/init.d/shorewall-init 0544 install_file init.debian.sh ${DESTDIR}/etc/init.d/shorewall-init 0544
elif [ -n "$FEDORA" ]; then
install_file init.debian.sh ${DESTDIR}/etc/init.d/shorewall-init 0544
#elif [ -n "$ARCHLINUX" ]; then #elif [ -n "$ARCHLINUX" ]; then
# install_file init.archlinux.sh ${DESTDIR}${DEST}/$INIT 0544 # install_file init.archlinux.sh ${DESTDIR}${DEST}/$INIT 0544
else else

View File

@ -0,0 +1,112 @@
#!/bin/sh
#
# Shorewall init script
#
# chkconfig: - 28 90
# description: Packet filtering firewall
### BEGIN INIT INFO
# Provides: shorewall-lite
# Required-Start: $local_fs $remote_fs $syslog $network
# Should-Start: VMware $time $named
# Required-Stop:
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: Packet filtering firewall
# Description: The Shoreline Firewall, more commonly known as "Shorewall", is a
# Netfilter (iptables) based firewall
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
prog="shorewall-lite"
shorewall="/sbin/$prog"
logger="logger -i -t $prog"
lockfile="/var/lock/subsys/$prog"
# Get startup options (override default)
OPTIONS=
if [ -f /etc/sysconfig/$prog ]; then
. /etc/sysconfig/$prog
fi
start() {
echo -n $"Starting Shorewall: "
$shorewall $OPTIONS start 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
touch $lockfile
success
else
failure
fi
echo
return $retval
}
stop() {
echo -n $"Stopping Shorewall: "
$shorewall $OPTIONS stop 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
rm -f $lockfile
success
else
failure
fi
echo
return $retval
}
restart() {
# Note that we don't simply stop and start since shorewall has a built in
# restart which stops the firewall if running and then starts it.
echo -n $"Restarting Shorewall: "
$shorewall $OPTIONS restart 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
touch $lockfile
success
else # Failed to start, clean up lock file if present
rm -f $lockfile
failure
fi
echo
return $retval
}
status(){
$shorewall status
return $?
}
status_q() {
status > /dev/null 2>&1
}
case "$1" in
start)
status_q && exit 0
$1
;;
stop)
status_q || exit 0
$1
;;
restart|reload|force-reload)
restart
;;
condrestart|try-restart)
status_q || exit 0
restart
;;
status)
$1
;;
*)
echo "Usage: $0 start|stop|reload|restart|force-reload|status"
exit 1
;;
esac

View File

@ -136,7 +136,6 @@ esac
# #
# Determine where to install the firewall script # Determine where to install the firewall script
# #
DEBIAN=
CYGWIN= CYGWIN=
INSTALLD='-D' INSTALLD='-D'
T='-T' T='-T'
@ -173,6 +172,8 @@ if [ -n "$DESTDIR" ]; then
install -d $OWNERSHIP -m 755 ${DESTDIR}${DEST} install -d $OWNERSHIP -m 755 ${DESTDIR}${DEST}
elif [ -d /etc/apt -a -e /usr/bin/dpkg ]; then elif [ -d /etc/apt -a -e /usr/bin/dpkg ]; then
DEBIAN=yes DEBIAN=yes
elif [ -f /etc/redhat-release ]; then
FEDORA=yes
elif [ -f /etc/slackware-version ] ; then elif [ -f /etc/slackware-version ] ; then
DEST="/etc/rc.d" DEST="/etc/rc.d"
INIT="rc.firewall" INIT="rc.firewall"
@ -223,10 +224,11 @@ echo "Shorewall Lite control program installed in ${DESTDIR}/sbin/shorewall-lite
# Install the Firewall Script # Install the Firewall Script
# #
if [ -n "$DEBIAN" ]; then if [ -n "$DEBIAN" ]; then
install_file init.debian.sh /etc/init.d/shorewall-lite 0544 install_file init.debian.sh ${DESTDIR}etc/init.d/shorewall-lite 0544
elif [ -n "$FEDORA" ]; then
install_file init.fedora.sh ${DESTDIR}etc/init.d/shorewall-lite 0544
elif [ -n "$ARCHLINUX" ]; then elif [ -n "$ARCHLINUX" ]; then
install_file init.archlinux.sh ${DESTDIR}${DEST}/$INIT 0544 install_file init.archlinux.sh ${DESTDIR}${DEST}/$INIT 0544
else else
install_file init.sh ${DESTDIR}${DEST}/$INIT 0544 install_file init.sh ${DESTDIR}${DEST}/$INIT 0544
fi fi

112
Shorewall/init.fedora.sh Normal file
View File

@ -0,0 +1,112 @@
#!/bin/sh
#
# Shorewall init script
#
# chkconfig: - 28 90
# description: Packet filtering firewall
### BEGIN INIT INFO
# Provides: shorewall
# Required-Start: $local_fs $remote_fs $syslog $network
# Should-Start: VMware $time $named
# Required-Stop:
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: Packet filtering firewall
# Description: The Shoreline Firewall, more commonly known as "Shorewall", is a
# Netfilter (iptables) based firewall
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
prog="shorewall"
shorewall="/sbin/$prog"
logger="logger -i -t $prog"
lockfile="/var/lock/subsys/$prog"
# Get startup options (override default)
OPTIONS=
if [ -f /etc/sysconfig/$prog ]; then
. /etc/sysconfig/$prog
fi
start() {
echo -n $"Starting Shorewall: "
$shorewall $OPTIONS start 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
touch $lockfile
success
else
failure
fi
echo
return $retval
}
stop() {
echo -n $"Stopping Shorewall: "
$shorewall $OPTIONS stop 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
rm -f $lockfile
success
else
failure
fi
echo
return $retval
}
restart() {
# Note that we don't simply stop and start since shorewall has a built in
# restart which stops the firewall if running and then starts it.
echo -n $"Restarting Shorewall: "
$shorewall $OPTIONS restart 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
touch $lockfile
success
else # Failed to start, clean up lock file if present
rm -f $lockfile
failure
fi
echo
return $retval
}
status(){
$shorewall status
return $?
}
status_q() {
status > /dev/null 2>&1
}
case "$1" in
start)
status_q && exit 0
$1
;;
stop)
status_q || exit 0
$1
;;
restart|reload|force-reload)
restart
;;
condrestart|try-restart)
status_q || exit 0
restart
;;
status)
$1
;;
*)
echo "Usage: $0 start|stop|reload|restart|force-reload|status"
exit 1
;;
esac

View File

@ -248,6 +248,9 @@ else
echo "Installing Debian-specific configuration..." echo "Installing Debian-specific configuration..."
DEBIAN=yes DEBIAN=yes
SPARSE=yes SPARSE=yes
elif [ -f /etc/redhat-version ]; then
echo "Installing Redhat/Fedora-specific configuration..."
FEDORA=yes
elif [ -f /etc/slackware-version ] ; then elif [ -f /etc/slackware-version ] ; then
echo "Installing Slackware-specific configuration..." echo "Installing Slackware-specific configuration..."
DEST="/etc/rc.d" DEST="/etc/rc.d"
@ -301,6 +304,8 @@ fi
# #
if [ -n "$DEBIAN" ]; then if [ -n "$DEBIAN" ]; then
install_file init.debian.sh ${DESTDIR}/etc/init.d/shorewall 0544 install_file init.debian.sh ${DESTDIR}/etc/init.d/shorewall 0544
elif [ -n "$FEDORA" ]; then
install_file init.fedora.sh ${DESTDIR}/etc/init.d/shorewall 0544
elif [ -n "$ARCHLINUX" ]; then elif [ -n "$ARCHLINUX" ]; then
install_file init.archlinux.sh ${DESTDIR}${DEST}/$INIT 0544 install_file init.archlinux.sh ${DESTDIR}${DEST}/$INIT 0544
elif [ -n "$SLACKWARE" ]; then elif [ -n "$SLACKWARE" ]; then

View File

@ -0,0 +1,112 @@
#!/bin/sh
#
# Shorewall init script
#
# chkconfig: - 28 90
# description: Packet filtering firewall
### BEGIN INIT INFO
# Provides: shorewall6-lite
# Required-Start: $local_fs $remote_fs $syslog $network
# Should-Start: VMware $time $named
# Required-Stop:
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: Packet filtering firewall
# Description: The Shoreline Firewall, more commonly known as "Shorewall", is a
# Netfilter (iptables) based firewall
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
prog="shorewall6-lite"
shorewall="/sbin/$prog"
logger="logger -i -t $prog"
lockfile="/var/lock/subsys/$prog"
# Get startup options (override default)
OPTIONS=
if [ -f /etc/sysconfig/$prog ]; then
. /etc/sysconfig/$prog
fi
start() {
echo -n $"Starting Shorewall: "
$shorewall $OPTIONS start 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
touch $lockfile
success
else
failure
fi
echo
return $retval
}
stop() {
echo -n $"Stopping Shorewall: "
$shorewall $OPTIONS stop 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
rm -f $lockfile
success
else
failure
fi
echo
return $retval
}
restart() {
# Note that we don't simply stop and start since shorewall has a built in
# restart which stops the firewall if running and then starts it.
echo -n $"Restarting Shorewall: "
$shorewall $OPTIONS restart 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
touch $lockfile
success
else # Failed to start, clean up lock file if present
rm -f $lockfile
failure
fi
echo
return $retval
}
status(){
$shorewall status
return $?
}
status_q() {
status > /dev/null 2>&1
}
case "$1" in
start)
status_q && exit 0
$1
;;
stop)
status_q || exit 0
$1
;;
restart|reload|force-reload)
restart
;;
condrestart|try-restart)
status_q || exit 0
restart
;;
status)
$1
;;
*)
echo "Usage: $0 start|stop|reload|restart|force-reload|status"
exit 1
;;
esac

View File

@ -171,6 +171,8 @@ if [ -n "$DESTDIR" ]; then
install -d $OWNERSHIP -m 755 ${DESTDIR}${DEST} install -d $OWNERSHIP -m 755 ${DESTDIR}${DEST}
elif [ -d /etc/apt -a -e /usr/bin/dpkg ]; then elif [ -d /etc/apt -a -e /usr/bin/dpkg ]; then
DEBIAN=yes DEBIAN=yes
elif [ -f /etc/redhat-release ]; then
FEDORA=yes
elif [ -f /etc/slackware-version ] ; then elif [ -f /etc/slackware-version ] ; then
DEST="/etc/rc.d" DEST="/etc/rc.d"
INIT="rc.firewall" INIT="rc.firewall"
@ -222,6 +224,8 @@ echo "Shorewall6 Lite control program installed in ${DESTDIR}/sbin/shorewall6-li
# #
if [ -n "$DEBIAN" ]; then if [ -n "$DEBIAN" ]; then
install_file init.debian.sh ${DESTDIR}/etc/init.d/shorewall6-lite 0544 install_file init.debian.sh ${DESTDIR}/etc/init.d/shorewall6-lite 0544
elif [ -n "$FEDORA" ]; then
install_file init.fedora.sh /etc/init.d/shorewall6-lite 0544
elif [ -n "$ARCHLINUX" ]; then elif [ -n "$ARCHLINUX" ]; then
install_file init.archlinux.sh ${DESTDIR}${DEST}/$INIT 0544 install_file init.archlinux.sh ${DESTDIR}${DEST}/$INIT 0544

112
Shorewall6/init.fedora.sh Normal file
View File

@ -0,0 +1,112 @@
#!/bin/sh
#
# Shorewall init script
#
# chkconfig: - 28 90
# description: Packet filtering firewall
### BEGIN INIT INFO
# Provides: shorewall6
# Required-Start: $local_fs $remote_fs $syslog $network
# Should-Start: VMware $time $named
# Required-Stop:
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: Packet filtering firewall
# Description: The Shoreline Firewall, more commonly known as "Shorewall", is a
# Netfilter (iptables) based firewall
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
prog="shorewall6"
shorewall="/sbin/$prog"
logger="logger -i -t $prog"
lockfile="/var/lock/subsys/$prog"
# Get startup options (override default)
OPTIONS=
if [ -f /etc/sysconfig/$prog ]; then
. /etc/sysconfig/$prog
fi
start() {
echo -n $"Starting Shorewall: "
$shorewall $OPTIONS start 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
touch $lockfile
success
else
failure
fi
echo
return $retval
}
stop() {
echo -n $"Stopping Shorewall: "
$shorewall $OPTIONS stop 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
rm -f $lockfile
success
else
failure
fi
echo
return $retval
}
restart() {
# Note that we don't simply stop and start since shorewall has a built in
# restart which stops the firewall if running and then starts it.
echo -n $"Restarting Shorewall: "
$shorewall $OPTIONS restart 2>&1 | $logger
retval=${PIPESTATUS[0]}
if [[ $retval == 0 ]]; then
touch $lockfile
success
else # Failed to start, clean up lock file if present
rm -f $lockfile
failure
fi
echo
return $retval
}
status(){
$shorewall status
return $?
}
status_q() {
status > /dev/null 2>&1
}
case "$1" in
start)
status_q && exit 0
$1
;;
stop)
status_q || exit 0
$1
;;
restart|reload|force-reload)
restart
;;
condrestart|try-restart)
status_q || exit 0
restart
;;
status)
$1
;;
*)
echo "Usage: $0 start|stop|reload|restart|force-reload|status"
exit 1
;;
esac

View File

@ -107,7 +107,6 @@ if [ -z "$INIT" ] ; then
fi fi
ANNOTATED= ANNOTATED=
DEBIAN=
CYGWIN= CYGWIN=
MAC= MAC=
MACHOST= MACHOST=
@ -242,6 +241,9 @@ else
echo "Installing Debian-specific configuration..." echo "Installing Debian-specific configuration..."
DEBIAN=yes DEBIAN=yes
SPARSE=yes SPARSE=yes
elif [ -f /etc/redhat-release ]; then
echo "Installing Redhat/Fedora-specific configuration..."
FEDORA=yes
elif [ -f /etc/slackware-version ] ; then elif [ -f /etc/slackware-version ] ; then
echo "Installing Slackware-specific configuration..." echo "Installing Slackware-specific configuration..."
DEST="/etc/rc.d" DEST="/etc/rc.d"
@ -295,6 +297,8 @@ fi
# #
if [ -n "$DEBIAN" ]; then if [ -n "$DEBIAN" ]; then
install_file init.debian.sh /etc/init.d/shorewall6 0544 ${DESTDIR}/usr/share/shorewall6-${VERSION}.bkout install_file init.debian.sh /etc/init.d/shorewall6 0544 ${DESTDIR}/usr/share/shorewall6-${VERSION}.bkout
elif [ -n "$FEDORA" ]; then
install_file init.fedora.sh /etc/init.d/shorewall6 0544 ${DESTDIR}/usr/share/shorewall6-${VERSION}.bkout
elif [ -n "$SLACKWARE" ]; then elif [ -n "$SLACKWARE" ]; then
install_file init.slackware.shorewall6.sh ${DESTDIR}${DEST}/rc.shorewall6 0544 ${DESTDIR}/usr/share/shorewall6-${VERSION}.bkout install_file init.slackware.shorewall6.sh ${DESTDIR}${DEST}/rc.shorewall6 0544 ${DESTDIR}/usr/share/shorewall6-${VERSION}.bkout
elif [ -n "$ARCHLINUX" ]; then elif [ -n "$ARCHLINUX" ]; then