diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh
index adc239083..bc9a36881 100755
--- a/Shorewall-lite/install.sh
+++ b/Shorewall-lite/install.sh
@@ -426,9 +426,6 @@ fi
if [ $HOST = archlinux ] ; then
sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf
-elif [ $HOST = gentoo ]; then
- # Adjust SUBSYSLOCK path (see https://bugs.gentoo.org/show_bug.cgi?id=459316)
- perl -p -w -i -e "s|^SUBSYSLOCK=.*|SUBSYSLOCK=/run/lock/$PRODUCT|;" ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf
fi
#
# Install the default config path file
@@ -563,7 +560,7 @@ if [ $configure -eq 1 -a -z "$DESTDIR" -a -n "$first_install" -a -z "${cygwin}${
if [ $HOST = debian ]; then
echo "Set startup=1 in ${CONFDIR}/default/$PRODUCT to enable"
touch /var/log/$PRODUCT-init.log
- perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
+ perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
else
echo "Set STARTUP_ENABLED=Yes in ${CONFDIR}/$PRODUCT/$PRODUCT.conf to enable"
fi
@@ -582,7 +579,7 @@ if [ $configure -eq 1 -a -z "$DESTDIR" -a -n "$first_install" -a -z "${cygwin}${
echo "$PRODUCT will start automatically at boot"
echo "Set startup=1 in ${CONFDIR}/default/$PRODUCT to enable"
touch /var/log/$PRODUCT-init.log
- perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
+ perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
update-rc.d $PRODUCT enable
elif mywhich rc-update ; then
if rc-update add $PRODUCT default; then
@@ -590,7 +587,7 @@ if [ $configure -eq 1 -a -z "$DESTDIR" -a -n "$first_install" -a -z "${cygwin}${
if [ $HOST = debian ]; then
echo "Set startup=1 in ${CONFDIR}/default/$PRODUCT to enable"
touch /var/log/$PRODUCT-init.log
- perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
+ perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
else
echo "Set STARTUP_ENABLED=Yes in ${CONFDIR}/$PRODUCT/$PRODUCT.conf to enable"
fi
diff --git a/Shorewall-lite/manpages/shorewall-lite.conf.xml b/Shorewall-lite/manpages/shorewall-lite.conf.xml
index 325789d1a..692ccba86 100644
--- a/Shorewall-lite/manpages/shorewall-lite.conf.xml
+++ b/Shorewall-lite/manpages/shorewall-lite.conf.xml
@@ -133,20 +133,6 @@
-
- SUBSYSLOCK=[pathname]
-
-
- This parameter should be set to the name of a file that the
- firewall should create if it starts successfully and remove when it
- stops. Creating and removing this file allows Shorewall to work with
- your distribution's initscripts. For RedHat, this should be set to
- /var/lock/subsys/shorewall. For Debian, the value is
- /var/state/shorewall and in LEAF it is /var/run/shorewall.
-
-
-
VERBOSITY=[number]
diff --git a/Shorewall-lite/shorewall-lite.conf b/Shorewall-lite/shorewall-lite.conf
index 83caf10fd..7387fb519 100644
--- a/Shorewall-lite/shorewall-lite.conf
+++ b/Shorewall-lite/shorewall-lite.conf
@@ -40,8 +40,6 @@ PATH=
SHOREWALL_SHELL=
-SUBSYSLOCK=
-
RESTOREFILE=
#LAST LINE -- DO NOT REMOVE
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 8e2fa583e..d1ca4a64f 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -315,7 +315,7 @@ our %renamed = ( AUTO_COMMENT => 'AUTOCOMMENT', BLACKLIST_LOGLEVEL => 'BLACKLIST
#
# Config options and global settings that are to be copied to output script
#
-our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX LOAD_HELPERS_ONLY LOCKFILE SUBSYSLOCK LOG_VERBOSITY RESTART/;
+our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX LOAD_HELPERS_ONLY LOCKFILE LOG_VERBOSITY RESTART/;
#
# From parsing the capabilities file or detecting capabilities
#
@@ -636,14 +636,15 @@ our %converted = (
# Eliminated options
#
our %eliminated = ( LOGRATE => 1,
- LOGBURST => 1,
+ LOGBURST => 1,
EXPORTPARAMS => 1,
LEGACY_FASTSTART => 1,
- IPSECFILE => 1,
+ IPSECFILE => 1,
WIDE_TC_MARKS => 1,
HIGH_ROUTE_MARKS => 1,
BLACKLISTNEWONLY => 1,
CHAIN_SCRIPTS => 1,
+ SUBSYSLOCK => 1,
);
#
# Variables involved in ?IF, ?ELSE ?ENDIF processing
@@ -801,7 +802,6 @@ sub initialize( $;$$) {
PERL => undef,
PATH => undef,
SHOREWALL_SHELL => undef,
- SUBSYSLOCK => undef,
MODULESDIR => undef,
CONFIG_PATH => undef,
RESTOREFILE => undef,
@@ -6805,7 +6805,7 @@ sub generate_aux_config() {
emit "#\n# Shorewall auxiliary configuration file created by Shorewall version $globals{VERSION} - $date\n#";
- for my $option ( qw(VERBOSITY LOGFILE LOGFORMAT ARPTABLES IPTABLES IP6TABLES IP TC IPSET PATH SHOREWALL_SHELL SUBSYSLOCK LOCKFILE RESTOREFILE WORKAROUNDS RESTART DYNAMIC_BLACKLIST) ) {
+ for my $option ( qw(VERBOSITY LOGFILE LOGFORMAT ARPTABLES IPTABLES IP6TABLES IP TC IPSET PATH SHOREWALL_SHELL LOCKFILE RESTOREFILE WORKAROUNDS RESTART DYNAMIC_BLACKLIST) ) {
conditionally_add_option $option;
}
diff --git a/Shorewall/Perl/prog.footer b/Shorewall/Perl/prog.footer
index e5c81f5e7..38cce0c9e 100644
--- a/Shorewall/Perl/prog.footer
+++ b/Shorewall/Perl/prog.footer
@@ -49,7 +49,6 @@ start_command() {
define_firewall
status=$?
if [ $status -eq 0 ]; then
- [ -n "$SUBSYSLOCK" ] && touch $SUBSYSLOCK
progress_message3 "done."
fi
fi
@@ -61,7 +60,6 @@ stop_command() {
progress_message3 "Stopping $g_product...."
detect_configuration
stop_firewall
- [ -n "$SUBSYSLOCK" ] && rm -f $SUBSYSLOCK
progress_message3 "done."
return 0
}
@@ -78,9 +76,6 @@ reload_command() {
detect_configuration
define_firewall
status=$?
- if [ -n "$SUBSYSLOCK" ]; then
- [ $status -eq 0 ] && touch $SUBSYSLOCK || rm -f $SUBSYSLOCK
- fi
[ $status -eq 0 ] && progress_message3 "done."
}
@@ -339,9 +334,6 @@ case "$COMMAND" in
detect_configuration
define_firewall
status=$?
- if [ -n "$SUBSYSLOCK" ]; then
- [ $status -eq 0 ] && touch $SUBSYSLOCK || rm -f $SUBSYSLOCK
- fi
[ $status -eq 0 ] && progress_message3 "done."
;;
clear)
@@ -349,9 +341,6 @@ case "$COMMAND" in
progress_message3 "Clearing $g_product...."
clear_firewall
status=0
- if [ -n "$SUBSYSLOCK" ]; then
- rm -f $SUBSYSLOCK
- fi
progress_message3 "done."
;;
status)
diff --git a/Shorewall/Samples/Universal/shorewall.conf b/Shorewall/Samples/Universal/shorewall.conf
index ed9a3c0c5..7009cdb62 100644
--- a/Shorewall/Samples/Universal/shorewall.conf
+++ b/Shorewall/Samples/Universal/shorewall.conf
@@ -99,8 +99,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=
-
TC=
###############################################################################
diff --git a/Shorewall/Samples/one-interface/shorewall.conf b/Shorewall/Samples/one-interface/shorewall.conf
index 5aaf63567..414d401e0 100644
--- a/Shorewall/Samples/one-interface/shorewall.conf
+++ b/Shorewall/Samples/one-interface/shorewall.conf
@@ -110,8 +110,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=
-
TC=
###############################################################################
diff --git a/Shorewall/Samples/three-interfaces/shorewall.conf b/Shorewall/Samples/three-interfaces/shorewall.conf
index a6320090b..d803c4192 100644
--- a/Shorewall/Samples/three-interfaces/shorewall.conf
+++ b/Shorewall/Samples/three-interfaces/shorewall.conf
@@ -107,8 +107,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=
-
TC=
###############################################################################
diff --git a/Shorewall/Samples/two-interfaces/shorewall.conf b/Shorewall/Samples/two-interfaces/shorewall.conf
index 6f8ba4cd5..92378ce2f 100644
--- a/Shorewall/Samples/two-interfaces/shorewall.conf
+++ b/Shorewall/Samples/two-interfaces/shorewall.conf
@@ -110,8 +110,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=
-
TC=
###############################################################################
diff --git a/Shorewall/configfiles/shorewall.conf b/Shorewall/configfiles/shorewall.conf
index b124e251f..a6bbdf6fa 100644
--- a/Shorewall/configfiles/shorewall.conf
+++ b/Shorewall/configfiles/shorewall.conf
@@ -99,8 +99,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=/var/lock/subsys/shorewall
-
TC=
###############################################################################
diff --git a/Shorewall/install.sh b/Shorewall/install.sh
index cc9ef41d9..50f94667a 100755
--- a/Shorewall/install.sh
+++ b/Shorewall/install.sh
@@ -540,9 +540,6 @@ if [ ! -f ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf ]; then
sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf
elif [ $HOST = debian ]; then
perl -p -w -i -e 's|^STARTUP_ENABLED=.*|STARTUP_ENABLED=Yes|;' ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf${suffix}
- elif [ $HOST = gentoo ]; then
- # Adjust SUBSYSLOCK path (see https://bugs.gentoo.org/show_bug.cgi?id=459316)
- perl -p -w -i -e "s|^SUBSYSLOCK=.*|SUBSYSLOCK=/run/lock/$PRODUCT|;" ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf${suffix}
fi
echo "Config file installed as ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf"
@@ -1222,7 +1219,7 @@ if [ $configure -eq 1 -a -z "$DESTDIR" -a -n "$first_install" -a -z "${cygwin}${
if [ $HOST = debian ]; then
echo "Set startup=1 in ${CONFDIR}/default/$PRODUCT to enable"
touch /var/log/$PRODUCT-init.log
- perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
+ perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
else
echo "Set STARTUP_ENABLED=Yes in ${CONFDIR}/$PRODUCT/$PRODUCT.conf to enable"
fi
@@ -1241,7 +1238,7 @@ if [ $configure -eq 1 -a -z "$DESTDIR" -a -n "$first_install" -a -z "${cygwin}${
echo "$PRODUCT will start automatically at boot"
echo "Set startup=1 in ${CONFDIR}/default/$PRODUCT to enable"
touch /var/log/$PRODUCT-init.log
- perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
+ perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
update-rc.d $PRODUCT enable
elif mywhich rc-update ; then
if rc-update add $PRODUCT default; then
@@ -1249,7 +1246,7 @@ if [ $configure -eq 1 -a -z "$DESTDIR" -a -n "$first_install" -a -z "${cygwin}${
if [ $HOST = debian ]; then
echo "Set startup=1 in ${CONFDIR}/default/$PRODUCT to enable"
touch /var/log/$PRODUCT-init.log
- perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
+ perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;' ${CONFDIR}/$PRODUCT/$PRODUCT.conf
else
echo "Set STARTUP_ENABLED=Yes in ${CONFDIR}/$PRODUCT/$PRODUCT.conf to enable"
fi
diff --git a/Shorewall/manpages/shorewall.conf.xml b/Shorewall/manpages/shorewall.conf.xml
index 6104edfe6..1ba950276 100644
--- a/Shorewall/manpages/shorewall.conf.xml
+++ b/Shorewall/manpages/shorewall.conf.xml
@@ -2562,20 +2562,6 @@ INLINE - - - ;; -j REJECT
-
- SUBSYSLOCK=[pathname]
-
-
- This parameter should be set to the name of a file that the
- firewall should create if it starts successfully and remove when it
- stops. Creating and removing this file allows Shorewall to work with
- your distribution's initscripts. For RedHat and OpenSuSE, this
- should be set to /var/lock/subsys/shorewall. For Debian, the value
- is /var/lock/shorewall and in LEAF it is /var/run/shorewall.
-
-
-
TC=[pathname]
diff --git a/Shorewall6-lite/manpages/shorewall6-lite.conf.xml b/Shorewall6-lite/manpages/shorewall6-lite.conf.xml
index bf846770a..9840a6fbb 100644
--- a/Shorewall6-lite/manpages/shorewall6-lite.conf.xml
+++ b/Shorewall6-lite/manpages/shorewall6-lite.conf.xml
@@ -133,20 +133,6 @@
-
- SUBSYSLOCK=[pathname]
-
-
- This parameter should be set to the name of a file that the
- firewall should create if it starts successfully and remove when it
- stops. Creating and removing this file allows Shorewall6 to work
- with your distribution's initscripts. For RedHat, this should be set
- to /var/lock/subsys/shorewall6. For Debian, the value is
- /var/state/shorewall6 and in LEAF it is /var/run/shorewall.
-
-
-
VERBOSITY=[number]
diff --git a/Shorewall6-lite/shorewall6-lite.conf b/Shorewall6-lite/shorewall6-lite.conf
index 3a9159da8..b057c0cd1 100644
--- a/Shorewall6-lite/shorewall6-lite.conf
+++ b/Shorewall6-lite/shorewall6-lite.conf
@@ -40,8 +40,6 @@ PATH=
SHOREWALL_SHELL=
-SUBSYSLOCK=
-
RESTOREFILE=
#LAST LINE -- DO NOT REMOVE
diff --git a/Shorewall6/Samples6/Universal/shorewall6.conf b/Shorewall6/Samples6/Universal/shorewall6.conf
index f04b486b2..c95a2c049 100644
--- a/Shorewall6/Samples6/Universal/shorewall6.conf
+++ b/Shorewall6/Samples6/Universal/shorewall6.conf
@@ -96,8 +96,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=
-
TC=
###############################################################################
diff --git a/Shorewall6/Samples6/one-interface/shorewall6.conf b/Shorewall6/Samples6/one-interface/shorewall6.conf
index 45fbbda26..eb1ea68a2 100644
--- a/Shorewall6/Samples6/one-interface/shorewall6.conf
+++ b/Shorewall6/Samples6/one-interface/shorewall6.conf
@@ -97,8 +97,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=
-
TC=
###############################################################################
diff --git a/Shorewall6/Samples6/three-interfaces/shorewall6.conf b/Shorewall6/Samples6/three-interfaces/shorewall6.conf
index 57231364e..f7002b1c4 100644
--- a/Shorewall6/Samples6/three-interfaces/shorewall6.conf
+++ b/Shorewall6/Samples6/three-interfaces/shorewall6.conf
@@ -96,8 +96,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=
-
TC=
###############################################################################
diff --git a/Shorewall6/Samples6/two-interfaces/shorewall6.conf b/Shorewall6/Samples6/two-interfaces/shorewall6.conf
index 92b0744e7..eb6cae488 100644
--- a/Shorewall6/Samples6/two-interfaces/shorewall6.conf
+++ b/Shorewall6/Samples6/two-interfaces/shorewall6.conf
@@ -96,8 +96,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=
-
TC=
###############################################################################
diff --git a/Shorewall6/configfiles/shorewall6.conf b/Shorewall6/configfiles/shorewall6.conf
index 0ad266ca8..9b8a9bb59 100644
--- a/Shorewall6/configfiles/shorewall6.conf
+++ b/Shorewall6/configfiles/shorewall6.conf
@@ -96,8 +96,6 @@ RESTOREFILE=restore
SHOREWALL_SHELL=/bin/sh
-SUBSYSLOCK=/var/lock/subsys/shorewall6
-
TC=
###############################################################################
diff --git a/Shorewall6/manpages/shorewall6.conf.xml b/Shorewall6/manpages/shorewall6.conf.xml
index 5978725a2..22fff0f4c 100644
--- a/Shorewall6/manpages/shorewall6.conf.xml
+++ b/Shorewall6/manpages/shorewall6.conf.xml
@@ -2197,20 +2197,6 @@ INLINE - - - ;; -j REJECT
-
- SUBSYSLOCK=[pathname]
-
-
- This parameter should be set to the name of a file that the
- firewall should create if it starts successfully and remove when it
- stops. Creating and removing this file allows Shorewall6 to work
- with your distribution's initscripts. For RedHat, this should be set
- to /var/lock/subsys/shorewall6. For Debian, the value is
- /var/lock/shorewall6 and in LEAF it is /var/run/shorewall.
-
-
-
TC=[pathname]