Add -f option to the restart command

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8607 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-common/changelog.txt

@@ -6,6 +6,8 @@ Changes in 4.2.0-Beta3
 
 3)  Implement USE_DEFAULT_RT
 
+4)  Add -f option to the restart command. 
+
 Changes in 4.2.0-Beta2
 
 1)  Only issue a warning on RFC 1918 violation.

Shorewall-common/releasenotes.txt

@@ -130,6 +130,10 @@ Other Changes in Shoreall 4.2.0 Beta 3.
        Shorewall is started, then all policy routing will stop working
        (except for those routing rules in the priority range 1-998).
 
+3)  The 'shorewall restart' command now supports an -f option. When
+    this option is specified, no compilation occurs; rather, the script
+    which last started or restarted Shorewall is used. 
+
 New Features in Shorewall 4.2.
 
 1)  Shorewall 4.2 contains support for multiple Internet providers

Shorewall-common/shorewall

@@ -761,6 +761,10 @@ restart_command() {
 			    DEBUG=Yes
 			    option=${option#d}
 			    ;;
+			f*)
+			    FAST=Yes
+			    option=${option#f}
+			    ;;
 			n*)
 			    NOROUTES=Yes
 			    option=${option#n}
@@ -804,6 +808,7 @@ restart_command() {
 	    fi
 
 	    SHOREWALL_DIR=$(resolve_file $1)
+	    [ -n "$FAST" ] && fatal_error "Directory may not be specified with the -f option"
 	    export SHOREWALL_DIR
 	    ;;
 	*)
@@ -816,20 +821,27 @@ restart_command() {
     export NOROUTES
     export PURGE
 
-    progress_message3 "Compiling..."
+   if [ -z "$FAST" ]; then  
+       progress_message3 "Compiling..."
 
-    if compiler run $debugging $nolock compile ${VARDIR}/.restart; then
-	[ -n "$nolock" ] || mutex_on
-	$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
-	rc=$?
-	[ -n "$nolock" ] || mutex_off
-    else
-	rc=$?
-	logger -p kern.err "ERROR:Shorewall restart failed"
-    fi
+       if compiler run $debugging $nolock compile ${VARDIR}/.restart; then
+	   [ -n "$nolock" ] || mutex_on
+	   $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
+	   rc=$?
+	   [ -n "$nolock" ] || mutex_off
+       else
+	   rc=$?
+	   logger -p kern.err "ERROR:Shorewall restart failed"
+       fi
+   else
+       [ -x ${VARDIR}/.restore ] || fatal_error "No ${VARDIR}/.restore file found"
+       [ -n "$nolock" ] || mutex_on
+       $SHOREWALL_SHELL ${VARDIR}/.restore $debugging restart
+       rc=$?
+       [ -n "$nolock" ] || mutex_off
+   fi
 
-
-    return $rc
+   return $rc
 }
 
 #
@@ -1436,7 +1448,7 @@ usage() # $1 = exit status
     echo "   reject <address> ..."
     echo "   reload [ -s ] [ -c ] [ -r <root user> ] [ -C {shell|perl} ] [ <directory> ] <system>"
     echo "   reset"
-    echo "   restart [ -n ] [ -p ] [ -C {shell|perl} ] [ <directory> ]"
+    echo "   restart [ -n ] [ -p ] [ -f ] [ -C {shell|perl} ] [ <directory> ]"
     echo "   restore [ -n ] [ <file name> ]"
     echo "   save [ <file name> ]"
     echo "   show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|routing|tc|vardir|zones} ]"

Shorewall-perl/Shorewall/Compiler.pm

@@ -682,7 +682,7 @@ EOF
         run_started_exit
     fi
 
-    cp -f $(my_pathname) ${VARDIR}/.restore
+    [ $0 = ${VARDIR}/.restore ] || cp -f $(my_pathname) ${VARDIR}/.restore
 fi
 
 date > ${VARDIR}/restarted

Shorewall-shell/compiler

@@ -1167,7 +1167,7 @@ compile_refresh_firewall()
 
     append_file refreshed
 
-    save_command "cp -f \$(my_pathname) \${VARDIR}/.restore"
+    save_command "[ \$0 = \${VARDIR}/.restore ] || cp -f \$(my_pathname) \${VARDIR}/.restore"
 
     INDENT=""
 

manpages/shorewall.xml

@@ -356,6 +356,8 @@
 
       <arg><option>-p</option></arg>
 
+      <arg><option>-f</option></arg>
+
       <arg><option>-C</option> <option>{shell|perl}</option></arg>
 
       <arg><replaceable>directory</replaceable></arg>
@@ -1064,6 +1066,10 @@
           table to be flushed; the <command>conntrack</command> utility must
           be installed to use this option.</para>
 
+          <para>The <option>-f</option> option suppresses the compilation step
+          and simply reused the compiled script which last started/restarted
+          Shorewall. </para>
+
           <para>The <option>-C</option> option determines the compiler to use
           (Shorewall-shell or Shorewall-perl). If not specified, the
           SHOREWALL_COMPILER setting in <ulink