diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index f0acfd644..c2dadd370 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -5147,6 +5147,7 @@ sub unsupported_yes_no_warning( $ ) {
#
sub get_params( $ ) {
my $export = $_[0];
+ my $cygwin = ( $shorewallrc{HOST} eq 'cygwin' );
my $fn = find_file 'params';
@@ -5188,14 +5189,16 @@ sub get_params( $ ) {
$shell = BASH;
for ( @params ) {
- if ( /^declare -x (.*?)="(.*[^\\])"$/ ) {
+ chomp;
+ if ( $cygwin && /^declare -x (.*?)="(.*)"$/ ) {
+ $params{$1} = $2 unless $1 eq '_';
+ } elsif ( /^declare -x (.*?)="(.*[^\\])"$/ ) {
$params{$1} = $2 unless $1 eq '_';
} elsif ( /^declare -x (.*?)="(.*)$/ ) {
$params{$variable=$1} = $2 eq '"' ? '' : "${2}\n";
} elsif ( /^declare -x (.*)\s+$/ || /^declare -x (.*)=""$/ ) {
$params{$1} = '';
} else {
- chomp;
if ($variable) {
s/"$//;
$params{$variable} .= $_;
@@ -5216,14 +5219,16 @@ sub get_params( $ ) {
$shell = OLDBASH;
for ( @params ) {
- if ( /^export (.*?)="(.*[^\\])"$/ ) {
+ chomp;
+ if ( $cygwin && /^export (.*?)="(.*)"$/ ) {
+ $params{$1} = $2 unless $1 eq '_';
+ } elsif ( /^export (.*?)="(.*[^\\])"$/ ) {
$params{$1} = $2 unless $1 eq '_';
} elsif ( /^export (.*?)="(.*)$/ ) {
$params{$variable=$1} = $2 eq '"' ? '' : "${2}\n";
} elsif ( /^export ([^\s=]+)\s*$/ || /^export (.*)=""$/ ) {
$params{$1} = '';
} else {
- chomp;
if ($variable) {
s/"$//;
$params{$variable} .= $_;
@@ -5243,6 +5248,7 @@ sub get_params( $ ) {
$shell = ASH;
for ( @params ) {
+ chomp;
if ( /^export (.*?)='(.*'"'"')$/ ) {
$params{$variable=$1}="${2}\n";
} elsif ( /^export (.*?)='(.*)'$/ ) {
@@ -5250,7 +5256,6 @@ sub get_params( $ ) {
} elsif ( /^export (.*?)='(.*)$/ ) {
$params{$variable=$1}="${2}\n";
} else {
- chomp;
if ($variable) {
s/'$//;
$params{$variable} .= $_;
@@ -5262,9 +5267,17 @@ sub get_params( $ ) {
}
for ( keys %params ) {
- unless ( $_ eq 'SHOREWALL_INIT_SCRIPT' ) {
- fatal_error "The variable name $_ is reserved and may not be set in the params file"
- if /^SW_/ || /^SHOREWALL_/ || ( exists $config{$_} && ! exists $ENV{$_} ) || exists $reserved{$_};
+ if ( /[^\w]/ ) {
+ delete $params{$_};
+ } elsif ( /^(?:SHLVL|OLDPWD)$/ ) {
+ delete $params{$_};
+ } else {
+ unless ( $_ eq 'SHOREWALL_INIT_SCRIPT' ) {
+ fatal_error "The variable name $_ is reserved and may not be set in the params file"
+ if /^SW_/ || /^SHOREWALL_/ || ( exists $config{$_} && ! exists $ENV{$_} ) || exists $reserved{$_};
+ }
+
+ $params{$_} = '' unless defined $params{$_};
}
}
@@ -5314,6 +5327,8 @@ sub export_params() {
next if exists $compiler_params{$param};
my $value = $params{$param};
+
+ chomp $value;
#
# Values in %params are generated from the output of 'export -p'.
# The different shells have different conventions for delimiting
@@ -5324,19 +5339,27 @@ sub export_params() {
$value =~ s/\\"/"/g;
} elsif ( $shell == OLDBASH ) {
$value =~ s/\\'/'/g;
+ $value =~ s/\\"/"/g;
+ $value =~ s/\\\\/\\/g;
} else {
$value =~ s/'"'"'/'/g;
}
#
# Don't export pairs from %ENV
#
- next if defined $ENV{$param} && $value eq $ENV{$param};
+ if ( defined $ENV{$param} ) {
+ next if $value eq $ENV{$param};
+ } elsif ( exists $ENV{$param} ) {
+ next unless supplied $value;
+ }
emit "#\n# From the params file\n#" unless $count++;
#
# We will use double quotes and escape embedded quotes with \.
#
- if ( $value =~ /[\s()['"]/ ) {
+ if ( $value =~ /^"[^"]*"$/ ) {
+ emit "$param=$value";
+ } elsif ( $value =~ /[\s()['"]/ ) {
$value =~ s/"/\\"/g;
emit "$param='$value'";
} else {
diff --git a/Shorewall/manpages/shorewall.xml b/Shorewall/manpages/shorewall.xml
index 570c46985..d808a5ce6 100644
--- a/Shorewall/manpages/shorewall.xml
+++ b/Shorewall/manpages/shorewall.xml
@@ -424,7 +424,7 @@
-options
-
+
@@ -448,7 +448,7 @@
-options
-
+
@@ -472,7 +472,7 @@
-options
-
+
@@ -1522,7 +1522,7 @@
This command was re-implemented in Shorewall 5.0.0. The
pre-5.0.0 reload command is now called
- remote_restart (see below).
+ remote-restart (see below).
Reload is similar to shorewall
start except that it assumes that the firewall is already
@@ -1575,7 +1575,7 @@
- remote_start
+ remote-start
[-] [-] [-
root-user-name] [-]
[-] [ directory ]
@@ -1637,7 +1637,7 @@
- remote_reload
+ remote-reload
[-] [-]
[- root-user-name]
[-] [-] [
@@ -1699,7 +1699,7 @@
- remote_restart
+ remote-restart
[-] [-]
[- root-user-name]
[-] [-] [
diff --git a/Shorewall6/manpages/shorewall6.xml b/Shorewall6/manpages/shorewall6.xml
index 16fa452b2..9ec51fa37 100644
--- a/Shorewall6/manpages/shorewall6.xml
+++ b/Shorewall6/manpages/shorewall6.xml
@@ -378,7 +378,7 @@
-options
-
+
@@ -402,7 +402,7 @@
-options
-
+
@@ -426,7 +426,7 @@
-options
-
+
@@ -1457,7 +1457,7 @@
This command was re-implemented in Shorewall 5.0.0. The
pre-5.0.0 reload command is now called
- remote_restart (see below).
+ remote-restart (see below).
Reload is similar to shorewall6 start
except that it assumes that the firewall is already started.
@@ -1511,7 +1511,7 @@
- remote_reload
+ remote-reload
[-] [-]
[- root-user-name]
[-] [-] [
@@ -1573,7 +1573,7 @@
- remote_ restart
+ remote- restart
[-] [-]
[- root-user-name]
[-] [-] [
@@ -1636,7 +1636,7 @@
- remote_start
+ remote-start
[-] [-] [-
root-user-name] [-]
[-] [ directory ]
diff --git a/docs/Shorewall-5.xml b/docs/Shorewall-5.xml
index 2b50eeb3a..5b27dc171 100644
--- a/docs/Shorewall-5.xml
+++ b/docs/Shorewall-5.xml
@@ -323,7 +323,7 @@
load
The function performed by the Shorewall-4 load
- command is now performed by the remote_start
+ command is now performed by the remote-start
command.
@@ -334,7 +334,7 @@
the same function as the restart command did in
Shorewall 4. The action taken by the Shorewall-4
reload command is now performed by the
- remote_restart command.
+ remote-restart command.
For those that can't get used to the idea of using
reload in place of restart, a
diff --git a/docs/upgrade_issues.xml b/docs/upgrade_issues.xml
index 91c00e3e6..7241bd244 100644
--- a/docs/upgrade_issues.xml
+++ b/docs/upgrade_issues.xml
@@ -37,7 +37,7 @@
Thomas M. Eastep
-
+
@@ -78,6 +78,13 @@
zones.
+
+ Version >= 5.0.0
+
+ See the Shorewall 5
+ documentation.
+
+
Version >= 4.6.0
@@ -85,7 +92,7 @@
Beginning with Shorewall 4.6.0, ection headers are now preceded
by '?' (e.g., '?SECTION ...'). If your configuration contains any bare
- 'SECTION' entries, the following warning is issued:
+ 'SECTION' entries, the following warning is issued:
WARNING: 'SECTION' is deprecated in favor of '?SECTION' - consider running 'shorewall update -D' ...
@@ -111,7 +118,7 @@
- Beginning with Shorewall 4.5.0, FORMAT-1 actions and macros are
+ Beginning with Shorewall 4.5.0, FORMAT-1 actions and macros are
deprecated and a warning will be issued for each FORMAT-1 action or
macro found.
@@ -119,8 +126,8 @@
WARNING: FORMAT-1 macros are deprecated and support will be dropped in a future release.
- To eliminate these warnings, add the following line before the
- first rule in the action or macro:
+ To eliminate these warnings, add the following line before the
+ first rule in the action or macro:
?FORMAT 2
@@ -325,7 +332,7 @@
?ENDIF.
-
+