diff --git a/Shorewall/functions b/Shorewall/functions index 54051140d..499ff952f 100644 --- a/Shorewall/functions +++ b/Shorewall/functions @@ -576,7 +576,7 @@ mktempdir() { # Not all versions of the BSD mktemp support the -d option under Linux # qt rm -rf /tmp/shorewall-$$ - mkdir -p /tmp/shorewall-$$ chmod 700 /tmp/shorewall-$$ && echo /tmp/shorewall-$$ + mkdir -p /tmp/shorewall-$$ && chmod 700 /tmp/shorewall-$$ && echo /tmp/shorewall-$$ ;; *) error_message "ERROR:Internal error in mktempdir" diff --git a/Shorewall/help b/Shorewall/help index 230ecddc3..da87a9e43 100755 --- a/Shorewall/help +++ b/Shorewall/help @@ -121,6 +121,27 @@ dump) When -x is given, that option is also passed to iptables to display actual packet and byte counts." ;; +export) + echo "export: export [ ] + + If is omitted, then the current working directory is assumed. + + Causes the shorewall configuration in to be compiled into a + program called '/firewall'. If compilation is successful, + the '/firewall' script is copied via scp to the specified + + + is of the form [user@]:[] + + Example: + + shorewall export admin@gateway:~ + + This command would compile the configuration in the current working directory + then copy the 'firewall' (and firewall.conf) files to admin's home directory + on system 'gateway'" + ;; + forget) echo "forget: forget [ ] Deletes /var/lib/shorewall/. If no is given then diff --git a/Shorewall/install.sh b/Shorewall/install.sh index a432c5a28..fc46e7696 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -266,7 +266,7 @@ chmod 755 ${PREFIX}/usr/share/shorewall/configfiles # run_install $OWNERSHIP -m 0644 shorewall.conf ${PREFIX}/usr/share/shorewall/configfiles/shorewall.conf -qt mywhich perl && perl -p -w -i -e 's|^CONFIG_PATH=.*|CONFIG_PATH=/usr/share/shorewall/configfiles:/usr/share/shorewall|;' /usr/share/shorewall/configfiles/shorewall.conf +qt mywhich perl && perl -p -w -i -e 's|^CONFIG_PATH=.*|CONFIG_PATH=/usr/share/shorewall/configfiles:/usr/share/shorewall|;' ${PREFIX}/usr/share/shorewall/configfiles/shorewall.conf if [ ! -f ${PREFIX}/etc/shorewall/shorewall.conf ]; then run_install $OWNERSHIP -m 0644 shorewall.conf ${PREFIX}/etc/shorewall/shorewall.conf diff --git a/Shorewall/shorewall b/Shorewall/shorewall index 066284f72..a697efab9 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -1377,6 +1377,71 @@ reload_command() # $* = original arguments less the command. fi fi } + +# +# Export command executor +# +export_command() # $* = original arguments less the command. +{ + local verbose=$(make_verbose) file= finished=0 directory target + + while [ $finished -eq 0 -a $# -gt 0 ]; do + option=$1 + case $option in + -*) + option=${option#-} + + while [ -n "$option" ]; do + case $option in + -) + finished=1 + option= + ;; + *) + usage 1 + ;; + esac + done + shift + ;; + *) + finished=1 + ;; + esac + done + + case $# in + 1) + directory="." + target=$1 + ;; + 2) + directory=$1 + target=$2 + ;; + *) + usage 1 + ;; + esac + + case $target in + *:*) + ;; + *) + fatal_error "Target must be of the form [user@]:[]" + ;; + esac + + file=$(resolve_file $directory/firewall) + + if shorewall $debugging $verbose compile -e $directory $directory/firewall && \ + echo "Copying $file and ${file}.conf to ${target#*@}..." && \ + scp $directory/firewall $directory/firewall.conf $target + then + progress_message3 "Copy complete" + fi +} + # # Help information # @@ -1399,6 +1464,7 @@ usage() # $1 = exit status echo " compile [ -e ] [ ] " echo " drop
..." echo " dump [ -x ]" + echo " export [ ] [@]:[]" echo " forget [ ]" echo " help [ | host | address ]" echo " hits" @@ -1717,6 +1783,10 @@ case "$COMMAND" in shift reload_command $@ ;; + export) + shift + export_command $@ + ;; status) [ $# -eq 1 ] || usage 1 echo "Shorewall-$version Status at $HOSTNAME - $(date)"