mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 14:20:40 +01:00
Add -f option to the restart command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8607 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
a01d47579d
commit
36e147f57b
@ -6,6 +6,8 @@ Changes in 4.2.0-Beta3
|
|||||||
|
|
||||||
3) Implement USE_DEFAULT_RT
|
3) Implement USE_DEFAULT_RT
|
||||||
|
|
||||||
|
4) Add -f option to the restart command.
|
||||||
|
|
||||||
Changes in 4.2.0-Beta2
|
Changes in 4.2.0-Beta2
|
||||||
|
|
||||||
1) Only issue a warning on RFC 1918 violation.
|
1) Only issue a warning on RFC 1918 violation.
|
||||||
|
@ -130,6 +130,10 @@ Other Changes in Shoreall 4.2.0 Beta 3.
|
|||||||
Shorewall is started, then all policy routing will stop working
|
Shorewall is started, then all policy routing will stop working
|
||||||
(except for those routing rules in the priority range 1-998).
|
(except for those routing rules in the priority range 1-998).
|
||||||
|
|
||||||
|
3) The 'shorewall restart' command now supports an -f option. When
|
||||||
|
this option is specified, no compilation occurs; rather, the script
|
||||||
|
which last started or restarted Shorewall is used.
|
||||||
|
|
||||||
New Features in Shorewall 4.2.
|
New Features in Shorewall 4.2.
|
||||||
|
|
||||||
1) Shorewall 4.2 contains support for multiple Internet providers
|
1) Shorewall 4.2 contains support for multiple Internet providers
|
||||||
|
@ -761,6 +761,10 @@ restart_command() {
|
|||||||
DEBUG=Yes
|
DEBUG=Yes
|
||||||
option=${option#d}
|
option=${option#d}
|
||||||
;;
|
;;
|
||||||
|
f*)
|
||||||
|
FAST=Yes
|
||||||
|
option=${option#f}
|
||||||
|
;;
|
||||||
n*)
|
n*)
|
||||||
NOROUTES=Yes
|
NOROUTES=Yes
|
||||||
option=${option#n}
|
option=${option#n}
|
||||||
@ -804,6 +808,7 @@ restart_command() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
SHOREWALL_DIR=$(resolve_file $1)
|
SHOREWALL_DIR=$(resolve_file $1)
|
||||||
|
[ -n "$FAST" ] && fatal_error "Directory may not be specified with the -f option"
|
||||||
export SHOREWALL_DIR
|
export SHOREWALL_DIR
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
@ -816,20 +821,27 @@ restart_command() {
|
|||||||
export NOROUTES
|
export NOROUTES
|
||||||
export PURGE
|
export PURGE
|
||||||
|
|
||||||
progress_message3 "Compiling..."
|
if [ -z "$FAST" ]; then
|
||||||
|
progress_message3 "Compiling..."
|
||||||
|
|
||||||
if compiler run $debugging $nolock compile ${VARDIR}/.restart; then
|
if compiler run $debugging $nolock compile ${VARDIR}/.restart; then
|
||||||
[ -n "$nolock" ] || mutex_on
|
[ -n "$nolock" ] || mutex_on
|
||||||
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
|
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
|
||||||
rc=$?
|
rc=$?
|
||||||
[ -n "$nolock" ] || mutex_off
|
[ -n "$nolock" ] || mutex_off
|
||||||
else
|
else
|
||||||
rc=$?
|
rc=$?
|
||||||
logger -p kern.err "ERROR:Shorewall restart failed"
|
logger -p kern.err "ERROR:Shorewall restart failed"
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
[ -x ${VARDIR}/.restore ] || fatal_error "No ${VARDIR}/.restore file found"
|
||||||
|
[ -n "$nolock" ] || mutex_on
|
||||||
|
$SHOREWALL_SHELL ${VARDIR}/.restore $debugging restart
|
||||||
|
rc=$?
|
||||||
|
[ -n "$nolock" ] || mutex_off
|
||||||
|
fi
|
||||||
|
|
||||||
|
return $rc
|
||||||
return $rc
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -1436,7 +1448,7 @@ usage() # $1 = exit status
|
|||||||
echo " reject <address> ..."
|
echo " reject <address> ..."
|
||||||
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ -C {shell|perl} ] [ <directory> ] <system>"
|
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ -C {shell|perl} ] [ <directory> ] <system>"
|
||||||
echo " reset"
|
echo " reset"
|
||||||
echo " restart [ -n ] [ -p ] [ -C {shell|perl} ] [ <directory> ]"
|
echo " restart [ -n ] [ -p ] [ -f ] [ -C {shell|perl} ] [ <directory> ]"
|
||||||
echo " restore [ -n ] [ <file name> ]"
|
echo " restore [ -n ] [ <file name> ]"
|
||||||
echo " save [ <file name> ]"
|
echo " save [ <file name> ]"
|
||||||
echo " show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|routing|tc|vardir|zones} ]"
|
echo " show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|routing|tc|vardir|zones} ]"
|
||||||
|
@ -682,7 +682,7 @@ EOF
|
|||||||
run_started_exit
|
run_started_exit
|
||||||
fi
|
fi
|
||||||
|
|
||||||
cp -f $(my_pathname) ${VARDIR}/.restore
|
[ $0 = ${VARDIR}/.restore ] || cp -f $(my_pathname) ${VARDIR}/.restore
|
||||||
fi
|
fi
|
||||||
|
|
||||||
date > ${VARDIR}/restarted
|
date > ${VARDIR}/restarted
|
||||||
|
@ -1167,7 +1167,7 @@ compile_refresh_firewall()
|
|||||||
|
|
||||||
append_file refreshed
|
append_file refreshed
|
||||||
|
|
||||||
save_command "cp -f \$(my_pathname) \${VARDIR}/.restore"
|
save_command "[ \$0 = \${VARDIR}/.restore ] || cp -f \$(my_pathname) \${VARDIR}/.restore"
|
||||||
|
|
||||||
INDENT=""
|
INDENT=""
|
||||||
|
|
||||||
|
@ -356,6 +356,8 @@
|
|||||||
|
|
||||||
<arg><option>-p</option></arg>
|
<arg><option>-p</option></arg>
|
||||||
|
|
||||||
|
<arg><option>-f</option></arg>
|
||||||
|
|
||||||
<arg><option>-C</option> <option>{shell|perl}</option></arg>
|
<arg><option>-C</option> <option>{shell|perl}</option></arg>
|
||||||
|
|
||||||
<arg><replaceable>directory</replaceable></arg>
|
<arg><replaceable>directory</replaceable></arg>
|
||||||
@ -1064,6 +1066,10 @@
|
|||||||
table to be flushed; the <command>conntrack</command> utility must
|
table to be flushed; the <command>conntrack</command> utility must
|
||||||
be installed to use this option.</para>
|
be installed to use this option.</para>
|
||||||
|
|
||||||
|
<para>The <option>-f</option> option suppresses the compilation step
|
||||||
|
and simply reused the compiled script which last started/restarted
|
||||||
|
Shorewall. </para>
|
||||||
|
|
||||||
<para>The <option>-C</option> option determines the compiler to use
|
<para>The <option>-C</option> option determines the compiler to use
|
||||||
(Shorewall-shell or Shorewall-perl). If not specified, the
|
(Shorewall-shell or Shorewall-perl). If not specified, the
|
||||||
SHOREWALL_COMPILER setting in <ulink
|
SHOREWALL_COMPILER setting in <ulink
|
||||||
|
Loading…
Reference in New Issue
Block a user