From 36e147f57bdddb63ab9a3c218bcf5c49194ce9e6 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Sun, 6 Jul 2008 21:47:59 +0000
Subject: [PATCH] Add -f option to the restart command

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8607 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-common/changelog.txt       |  2 ++
 Shorewall-common/releasenotes.txt    |  4 +++
 Shorewall-common/shorewall           | 38 ++++++++++++++++++----------
 Shorewall-perl/Shorewall/Compiler.pm |  2 +-
 Shorewall-shell/compiler             |  2 +-
 manpages/shorewall.xml               |  6 +++++
 6 files changed, 39 insertions(+), 15 deletions(-)

diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt
index de033c2a1..7b1c9050a 100644
--- a/Shorewall-common/changelog.txt
+++ b/Shorewall-common/changelog.txt
@@ -6,6 +6,8 @@ Changes in 4.2.0-Beta3
 
 3)  Implement USE_DEFAULT_RT
 
+4)  Add -f option to the restart command. 
+
 Changes in 4.2.0-Beta2
 
 1)  Only issue a warning on RFC 1918 violation.
diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt
index 6f4d96fd5..529f57fe6 100644
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@@ -130,6 +130,10 @@ Other Changes in Shoreall 4.2.0 Beta 3.
        Shorewall is started, then all policy routing will stop working
        (except for those routing rules in the priority range 1-998).
 
+3)  The 'shorewall restart' command now supports an -f option. When
+    this option is specified, no compilation occurs; rather, the script
+    which last started or restarted Shorewall is used. 
+
 New Features in Shorewall 4.2.
 
 1)  Shorewall 4.2 contains support for multiple Internet providers
diff --git a/Shorewall-common/shorewall b/Shorewall-common/shorewall
index 01e3e9065..e3ff9f574 100755
--- a/Shorewall-common/shorewall
+++ b/Shorewall-common/shorewall
@@ -761,6 +761,10 @@ restart_command() {
 			    DEBUG=Yes
 			    option=${option#d}
 			    ;;
+			f*)
+			    FAST=Yes
+			    option=${option#f}
+			    ;;
 			n*)
 			    NOROUTES=Yes
 			    option=${option#n}
@@ -804,6 +808,7 @@ restart_command() {
 	    fi
 
 	    SHOREWALL_DIR=$(resolve_file $1)
+	    [ -n "$FAST" ] && fatal_error "Directory may not be specified with the -f option"
 	    export SHOREWALL_DIR
 	    ;;
 	*)
@@ -816,20 +821,27 @@ restart_command() {
     export NOROUTES
     export PURGE
 
-    progress_message3 "Compiling..."
+   if [ -z "$FAST" ]; then  
+       progress_message3 "Compiling..."
 
-    if compiler run $debugging $nolock compile ${VARDIR}/.restart; then
-	[ -n "$nolock" ] || mutex_on
-	$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
-	rc=$?
-	[ -n "$nolock" ] || mutex_off
-    else
-	rc=$?
-	logger -p kern.err "ERROR:Shorewall restart failed"
-    fi
+       if compiler run $debugging $nolock compile ${VARDIR}/.restart; then
+	   [ -n "$nolock" ] || mutex_on
+	   $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
+	   rc=$?
+	   [ -n "$nolock" ] || mutex_off
+       else
+	   rc=$?
+	   logger -p kern.err "ERROR:Shorewall restart failed"
+       fi
+   else
+       [ -x ${VARDIR}/.restore ] || fatal_error "No ${VARDIR}/.restore file found"
+       [ -n "$nolock" ] || mutex_on
+       $SHOREWALL_SHELL ${VARDIR}/.restore $debugging restart
+       rc=$?
+       [ -n "$nolock" ] || mutex_off
+   fi
 
-
-    return $rc
+   return $rc
 }
 
 #
@@ -1436,7 +1448,7 @@ usage() # $1 = exit status
     echo "   reject <address> ..."
     echo "   reload [ -s ] [ -c ] [ -r <root user> ] [ -C {shell|perl} ] [ <directory> ] <system>"
     echo "   reset"
-    echo "   restart [ -n ] [ -p ] [ -C {shell|perl} ] [ <directory> ]"
+    echo "   restart [ -n ] [ -p ] [ -f ] [ -C {shell|perl} ] [ <directory> ]"
     echo "   restore [ -n ] [ <file name> ]"
     echo "   save [ <file name> ]"
     echo "   show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|routing|tc|vardir|zones} ]"
diff --git a/Shorewall-perl/Shorewall/Compiler.pm b/Shorewall-perl/Shorewall/Compiler.pm
index a1586c101..7ccefa2b4 100644
--- a/Shorewall-perl/Shorewall/Compiler.pm
+++ b/Shorewall-perl/Shorewall/Compiler.pm
@@ -682,7 +682,7 @@ EOF
         run_started_exit
     fi
 
-    cp -f $(my_pathname) ${VARDIR}/.restore
+    [ $0 = ${VARDIR}/.restore ] || cp -f $(my_pathname) ${VARDIR}/.restore
 fi
 
 date > ${VARDIR}/restarted
diff --git a/Shorewall-shell/compiler b/Shorewall-shell/compiler
index ccf1a4777..08648ecb3 100755
--- a/Shorewall-shell/compiler
+++ b/Shorewall-shell/compiler
@@ -1167,7 +1167,7 @@ compile_refresh_firewall()
 
     append_file refreshed
 
-    save_command "cp -f \$(my_pathname) \${VARDIR}/.restore"
+    save_command "[ \$0 = \${VARDIR}/.restore ] || cp -f \$(my_pathname) \${VARDIR}/.restore"
 
     INDENT=""
 
diff --git a/manpages/shorewall.xml b/manpages/shorewall.xml
index 7660d7c82..da31508ea 100644
--- a/manpages/shorewall.xml
+++ b/manpages/shorewall.xml
@@ -356,6 +356,8 @@
 
       <arg><option>-p</option></arg>
 
+      <arg><option>-f</option></arg>
+
       <arg><option>-C</option> <option>{shell|perl}</option></arg>
 
       <arg><replaceable>directory</replaceable></arg>
@@ -1064,6 +1066,10 @@
           table to be flushed; the <command>conntrack</command> utility must
           be installed to use this option.</para>
 
+          <para>The <option>-f</option> option suppresses the compilation step
+          and simply reused the compiled script which last started/restarted
+          Shorewall. </para>
+
           <para>The <option>-C</option> option determines the compiler to use
           (Shorewall-shell or Shorewall-perl). If not specified, the
           SHOREWALL_COMPILER setting in <ulink