diff --git a/Shorewall-core/install.sh b/Shorewall-core/install.sh
index c40b8a2f8..445136f08 100755
--- a/Shorewall-core/install.sh
+++ b/Shorewall-core/install.sh
@@ -66,15 +66,6 @@ mywhich() {
return 2
}
-run_install()
-{
- if ! install $*; then
- echo
- echo "ERROR: Failed to install $*" >&2
- exit 1
- fi
-}
-
cant_autostart()
{
echo
@@ -88,7 +79,20 @@ delete_file() # $1 = file to delete
install_file() # $1 = source $2 = target $3 = mode
{
- run_install $T $OWNERSHIP -m $3 $1 ${2}
+ if cp -f $1 $2; then
+ if chmod $3 $2; then
+ if [ -n "$OWNER" ]; then
+ if chown $OWNER:$GROUP $2; then
+ return
+ fi
+ else
+ return 0
+ fi
+ fi
+ fi
+
+ echo "ERROR: Failed to install $2" >&2
+ exit 1
}
require()
@@ -133,8 +137,6 @@ while [ $finished -eq 0 ]; do
esac
done
-[ -n $(mywhich install) ] || fatal_error "This installer requires the 'install' utility"
-
#
# Read the RC file
#
@@ -183,10 +185,6 @@ done
[ "${INITFILE}" != 'none/' ] && require INITSOURCE && require INITDIR
-T="-T"
-
-INSTALLD='-D'
-
if [ -z "$BUILD" ]; then
case $(uname) in
cygwin*|CYGWIN*)
@@ -228,6 +226,8 @@ if [ -z "$BUILD" ]; then
BUILD=suse
elif [ -f /etc/arch-release ] ; then
BUILD=archlinux
+ elif [ -f ${CONFDIR}/openwrt-release ] ; then
+ BUILD=openwrt
else
BUILD=linux
fi
@@ -254,17 +254,15 @@ case $BUILD in
[ -z "$OWNER" ] && OWNER=root
[ -z "$GROUP" ] && GROUP=wheel
- INSTALLD=
- T=
;;
*)
- [ -z "$OWNER" ] && OWNER=root
- [ -z "$GROUP" ] && GROUP=root
+ if [ $(id -n) -eq 0 ]; then
+ [ -z "$OWNER" ] && OWNER=root
+ [ -z "$GROUP" ] && GROUP=root
+ fi
;;
esac
-OWNERSHIP="-o $OWNER -g $GROUP"
-
#
# Determine where to install the firewall script
#
@@ -307,7 +305,6 @@ if [ -n "$DESTDIR" ]; then
if [ $BUILD != cygwin ]; then
if [ `id -u` != 0 ] ; then
echo "Not setting file owner/group permissions, not running as root."
- OWNERSHIP=""
fi
fi
fi
diff --git a/Shorewall-core/shorewallrc b/Shorewall-core/shorewallrc
new file mode 100644
index 000000000..db2b7c840
--- /dev/null
+++ b/Shorewall-core/shorewallrc
@@ -0,0 +1,26 @@
+#
+# Created by Shorewall Core version 4.6.12 configure - Wed Nov 4 12:18:09 PST 2015
+#
+# Input: HOST=openwrt
+#
+HOST=openwrt
+PREFIX=/usr
+SHAREDIR=${PREFIX}/share
+LIBEXECDIR=${PREFIX}/share
+PERLLIBDIR=${PREFIX}/share/shorewall
+CONFDIR=/etc
+SBINDIR=/sbin
+MANDIR=${PREFIX}/man
+INITDIR=/etc/init.d
+INITSOURCE=init.openwrt.sh
+INITFILE=$PRODUCT
+AUXINITSOURCE=
+AUXINITFILE=
+SERVICEDIR=
+SERVICEFILE=
+SYSCONFFILE=default.openwrt
+SYSCONFDIR=${CONFDIR}/sysconfig
+SPARSE=
+ANNOTATED=
+VARLIB=/lib
+VARDIR=${VARLIB}/$PRODUCT
diff --git a/Shorewall-core/shorewallrc.openwrt b/Shorewall-core/shorewallrc.openwrt
new file mode 100644
index 000000000..249862076
--- /dev/null
+++ b/Shorewall-core/shorewallrc.openwrt
@@ -0,0 +1,26 @@
+#
+# Created by Shorewall Core version 5.0.2-Beta2 configure - Mon, Nov 02, 2015 8:13:14 AM
+#
+# Input: host=default initsource=init.openwrt.sh sysconfdir=${CONFDIR}/sysconfig sysconffile=default.openwrt varlib=/lib
+#
+HOST=linux
+PREFIX=/usr
+SHAREDIR=${PREFIX}/share
+LIBEXECDIR=${PREFIX}/share
+PERLLIBDIR=${PREFIX}/share/shorewall
+CONFDIR=/etc
+SBINDIR=/sbin
+MANDIR=${PREFIX}/man
+INITDIR=/etc/init.d
+INITSOURCE=init.openwrt.sh
+INITFILE=$PRODUCT
+AUXINITSOURCE=
+AUXINITFILE=
+SERVICEDIR=
+SERVICEFILE=
+SYSCONFFILE=default.openwrt
+SYSCONFDIR=${CONFDIR}/sysconfig
+SPARSE=
+ANNOTATED=
+VARLIB=/lib
+VARDIR=${VARLIB}/$PRODUCT
diff --git a/Shorewall-lite/default.openwrt b/Shorewall-lite/default.openwrt
new file mode 100644
index 000000000..df4440bf9
--- /dev/null
+++ b/Shorewall-lite/default.openwrt
@@ -0,0 +1,25 @@
+# sysV init file script configuration(/etc/sysconfdir/shorewall-lite)
+
+# startup option(default "-vvv")
+OPTIONS=
+
+# change default start run level(if none empty; /etc/init.d/shorewall-lite enable)
+START=50
+
+# change default stop run level(if none empty; /etc/init.d/shorewall-lite enable)
+STOP=
+
+# option to pass when shorewall start is executed
+STARTOPTIONS=
+
+# option to pass when shorewall restart is executed
+RESTARTOPTIONS=
+
+# option to pass when shorewall reload is executed
+RELOADOPTIONS=
+
+# option to pass when shorewall stop is executed
+STOPOPTIONS=
+
+# option to pass when shorewall status is executed
+STATUSOPTIONS=
diff --git a/Shorewall-lite/init.openwrt.sh b/Shorewall-lite/init.openwrt.sh
new file mode 100755
index 000000000..68c2c73ab
--- /dev/null
+++ b/Shorewall-lite/init.openwrt.sh
@@ -0,0 +1,98 @@
+#!/bin/sh /etc/rc.common
+#
+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
+#
+# (c) 1999,2000,2001,2002,2003,2004,2005,2006,2007,2012,2014 - Tom Eastep (teastep@shorewall.net)
+# (c) 2015 - Matt Darfeuille - (matdarf@gmail.com)
+#
+# On most distributions, this file should be called /etc/init.d/shorewall.
+#
+# Complete documentation is available at http://shorewall.net
+#
+# This program is part of Shorewall.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by the
+# Free Software Foundation, either version 2 of the license or, at your
+# option, any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see .
+#
+# If an error occurs while starting or restarting the firewall, the
+# firewall is automatically stopped.
+#
+# Commands are:
+#
+# shorewall-lite start Starts the firewall
+# shorewall-lite restart Restarts the firewall
+# shorewall-lite reload Reload the firewall
+# (same as restart)
+# shorewall-lite stop Stops the firewall
+# shorewall-lite status Displays firewall status
+#
+
+# description: Packet filtering firewall
+
+# openwrt stuph
+# start and stop runlevel variable
+#START=21
+#STOP=91
+# variable to display what the status command do when /etc/init.d/shorewall-lite is invoke without argument
+EXTRA_COMMANDS="status"
+EXTRA_HELP="Displays shorewall status"
+
+################################################################################
+# Get startup options (override default)
+################################################################################
+OPTIONS="-vvv"
+
+#
+# The installer may alter this
+#
+. /usr/share/shorewall/shorewallrc
+
+if [ -f ${SYSCONFDIR}/shorewall-lite ]; then
+ . ${SYSCONFDIR}/shorewall-lite
+fi
+
+START=${START:-21}
+STOP=${STOP:-91}
+
+SHOREWALL_INIT_SCRIPT=1
+
+################################################################################
+# E X E C U T I O N B E G I N S H E R E #
+################################################################################
+# arg1 of init script is arg2 when rc.common is sourced; set to action variable
+command="$action"
+
+start() {
+ exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${STARTOPTIONS:-$@}
+}
+
+boot() {
+local command="start"
+start
+}
+
+restart() {
+ exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${RESTARTOPTIONS:-$@}
+}
+
+reload() {
+ exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${RELOADOPTION:-$@}
+}
+
+stop() {
+ exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${STOPOPTIONS:-$@}
+}
+
+status() {
+ exec ${SBINDIR}/shorewall-lite $OPTIONS $command ${STATUSOPTIONS:-$@}
+}
diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh
index 239a2be0e..291aa79bf 100755
--- a/Shorewall-lite/install.sh
+++ b/Shorewall-lite/install.sh
@@ -67,15 +67,6 @@ mywhich() {
return 2
}
-run_install()
-{
- if ! install $*; then
- echo
- echo "ERROR: Failed to install $*" >&2
- exit 1
- fi
-}
-
cant_autostart()
{
echo
@@ -89,7 +80,28 @@ delete_file() # $1 = file to delete
install_file() # $1 = source $2 = target $3 = mode
{
- run_install $T $OWNERSHIP -m $3 $1 ${2}
+ if cp -f $1 $2; then
+ if chmod $3 $2; then
+ if [ -n "$OWNER" ]; then
+ if chown $OWNER:$GROUP $2; then
+ return
+ fi
+ else
+ return 0
+ fi
+ fi
+ fi
+
+ echo "ERROR: Failed to install $2" >&2
+ exit 1
+}
+
+make_directory() # $1 = directory , $2 = mode
+{
+ mkdir -p $1
+ chmod 755 $1
+ [ -n "$OWNERSHIP" ] && chown $OWNERSHIP $1
+
}
require()
@@ -151,8 +163,6 @@ while [ $finished -eq 0 ] ; do
esac
done
-[ -n $(mywhich install) ] || fatal_error "This installer requires the 'install' utility"
-
#
# Read the RC file
#
@@ -203,8 +213,6 @@ PATH=${SBINDIR}:/bin:/usr${SBINDIR}:/usr/bin:/usr/local/bin:/usr/local${SBINDIR}
# Determine where to install the firewall script
#
cygwin=
-INSTALLD='-D'
-T='-T'
if [ -z "$BUILD" ]; then
case $(uname) in
@@ -247,6 +255,8 @@ if [ -z "$BUILD" ]; then
BUILD=slackware
elif [ -f ${CONFDIR}/arch-release ] ; then
BUILD=archlinux
+ elif [ -f ${CONFDIR}/openwrt-release ] ; then
+ BUILD=openwrt
else
BUILD=linux
fi
@@ -262,16 +272,16 @@ case $BUILD in
apple)
[ -z "$OWNER" ] && OWNER=root
[ -z "$GROUP" ] && GROUP=wheel
- INSTALLD=
- T=
;;
*)
- [ -z "$OWNER" ] && OWNER=root
- [ -z "$GROUP" ] && GROUP=root
+ if [ $(id -n) -eq 0 ]; then
+ [ -z "$OWNER" ] && OWNER=root
+ [ -z "$GROUP" ] && GROUP=root
+ fi
;;
esac
-OWNERSHIP="-o $OWNER -g $GROUP"
+[ -n "$OWNER" ] && OWNERSHIP="$OWNER:$GROUP"
[ -n "$HOST" ] || HOST=$BUILD
@@ -302,6 +312,9 @@ case "$HOST" in
suse)
echo "Installing Suse-specific configuration..."
;;
+ openwrt)
+ echo "Installing OpenWRT-specific configuration..."
+ ;;
linux)
;;
*)
@@ -318,8 +331,9 @@ if [ -n "$DESTDIR" ]; then
OWNERSHIP=""
fi
- install -d $OWNERSHIP -m 755 ${DESTDIR}${SBINDIR}
- install -d $OWNERSHIP -m 755 ${DESTDIR}${INITDIR}
+ make_directory ${DESTDIR}${SBINDIR} 755
+ make_directory ${DESTDIR}${INITDIR} 755
+
else
if [ ! -f ${SHAREDIR}/shorewall/coreversion ]; then
echo "$PRODUCT $VERSION requires Shorewall Core which does not appear to be installed" >&2
@@ -359,7 +373,7 @@ fi
delete_file ${DESTDIR}/usr/share/$PRODUCT/xmodules
install_file $PRODUCT ${DESTDIR}${SBINDIR}/$PRODUCT 0544
-[ -n "${INITFILE}" ] && install -d $OWNERSHIP -m 755 ${DESTDIR}${INITDIR}
+[ -n "${INITFILE}" ] && make_directory ${DESTDIR}${INITDIR} 755
echo "$Product control program installed in ${DESTDIR}${SBINDIR}/$PRODUCT"
@@ -401,7 +415,7 @@ fi
if [ -n "$SERVICEDIR" ]; then
mkdir -p ${DESTDIR}${SERVICEDIR}
[ -z "$SERVICEFILE" ] && SERVICEFILE=$PRODUCT.service
- run_install $OWNERSHIP -m 644 $SERVICEFILE ${DESTDIR}${SERVICEDIR}/$PRODUCT.service
+ install_file $SERVICEFILE ${DESTDIR}${SERVICEDIR}/$PRODUCT.service 644
[ ${SBINDIR} != /sbin ] && eval sed -i \'s\|/sbin/\|${SBINDIR}/\|\' ${DESTDIR}${SERVICEDIR}/$PRODUCT.service
echo "Service file $SERVICEFILE installed as ${DESTDIR}${SERVICEDIR}/$PRODUCT.service"
fi
@@ -423,7 +437,7 @@ fi
#
# Install the Makefile
#
-run_install $OWNERSHIP -m 0600 Makefile ${DESTDIR}${CONFDIR}/$PRODUCT
+install_file Makefile ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile 0600
[ $SHAREDIR = /usr/share ] || eval sed -i \'s\|/usr/share/\|${SHAREDIR}/\|\' ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile
[ $SBINDIR = /sbin ] || eval sed -i \'s\|/sbin/\|${SBINDIR}/\|\' ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile
echo "Makefile installed as ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile"
@@ -463,17 +477,17 @@ echo "Capability file builder installed in ${DESTDIR}${LIBEXECDIR}/$PRODUCT/shor
#
if [ -f modules ]; then
- run_install $OWNERSHIP -m 0600 modules ${DESTDIR}${SHAREDIR}/$PRODUCT
+ install_file modules ${DESTDIR}${SHAREDIR}/$PRODUCT/modules 0600
echo "Modules file installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/modules"
fi
if [ -f helpers ]; then
- run_install $OWNERSHIP -m 0600 helpers ${DESTDIR}${SHAREDIR}/$PRODUCT
+ install_file helpers ${DESTDIR}${SHAREDIR}/$PRODUCT/helpers 600
echo "Helper modules file installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/helpers"
fi
for f in modules.*; do
- run_install $OWNERSHIP -m 0644 $f ${DESTDIR}${SHAREDIR}/$PRODUCT/$f
+ install_file $f ${DESTDIR}${SHAREDIR}/$PRODUCT/$f 644
echo "Module file $f installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/$f"
done
@@ -484,17 +498,17 @@ done
if [ -d manpages ]; then
cd manpages
- [ -n "$INSTALLD" ] || mkdir -p ${DESTDIR}${MANDIR}/man5/ ${DESTDIR}${MANDIR}/man8/
+ mkdir -p ${DESTDIR}${MANDIR}/man5/ ${DESTDIR}${MANDIR}/man8/
for f in *.5; do
gzip -c $f > $f.gz
- run_install $T $INSTALLD $OWNERSHIP -m 0644 $f.gz ${DESTDIR}${MANDIR}/man5/$f.gz
+ install_file $f.gz ${DESTDIR}${MANDIR}/man5/$f.gz 644
echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man5/$f.gz"
done
for f in *.8; do
gzip -c $f > $f.gz
- run_install $T $INSTALLD $OWNERSHIP -m 0644 $f.gz ${DESTDIR}${MANDIR}/man8/$f.gz
+ install_file $f.gz ${DESTDIR}${MANDIR}/man8/$f.gz 644
echo "Man page $f.gz installed to ${DESTDIR}${MANDIR}/man8/$f.gz"
done
@@ -504,7 +518,7 @@ if [ -d manpages ]; then
fi
if [ -d ${DESTDIR}${CONFDIR}/logrotate.d ]; then
- run_install $OWNERSHIP -m 0644 logrotate ${DESTDIR}${CONFDIR}/logrotate.d/$PRODUCT
+ install_file logrotate ${DESTDIR}${CONFDIR}/logrotate.d/$PRODUCT 644
echo "Logrotate file installed as ${DESTDIR}${CONFDIR}/logrotate.d/$PRODUCT"
fi
@@ -535,7 +549,7 @@ if [ -n "$SYSCONFFILE" -a -f "$SYSCONFFILE" -a ! -f ${DESTDIR}${SYSCONFDIR}/${PR
chmod 755 ${DESTDIR}${SYSCONFDIR}
fi
- run_install $OWNERSHIP -m 0644 ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT}
+ install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT}
echo "$SYSCONFFILE installed in ${DESTDIR}${SYSCONFDIR}/${PRODUCT}"
fi
diff --git a/Shorewall6-lite/default.openwrt b/Shorewall6-lite/default.openwrt
new file mode 100644
index 000000000..df4440bf9
--- /dev/null
+++ b/Shorewall6-lite/default.openwrt
@@ -0,0 +1,25 @@
+# sysV init file script configuration(/etc/sysconfdir/shorewall-lite)
+
+# startup option(default "-vvv")
+OPTIONS=
+
+# change default start run level(if none empty; /etc/init.d/shorewall-lite enable)
+START=50
+
+# change default stop run level(if none empty; /etc/init.d/shorewall-lite enable)
+STOP=
+
+# option to pass when shorewall start is executed
+STARTOPTIONS=
+
+# option to pass when shorewall restart is executed
+RESTARTOPTIONS=
+
+# option to pass when shorewall reload is executed
+RELOADOPTIONS=
+
+# option to pass when shorewall stop is executed
+STOPOPTIONS=
+
+# option to pass when shorewall status is executed
+STATUSOPTIONS=
diff --git a/Shorewall6-lite/init.openwrt.sh b/Shorewall6-lite/init.openwrt.sh
new file mode 100755
index 000000000..29c4b1749
--- /dev/null
+++ b/Shorewall6-lite/init.openwrt.sh
@@ -0,0 +1,98 @@
+#!/bin/sh /etc/rc.common
+#
+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5
+#
+# (c) 1999,2000,2001,2002,2003,2004,2005,2006,2007,2012,2014 - Tom Eastep (teastep@shorewall.net)
+# (c) 2015 - Matt Darfeuille - (matdarf@gmail.com)
+#
+# On most distributions, this file should be called /etc/init.d/shorewall.
+#
+# Complete documentation is available at http://shorewall.net
+#
+# This program is part of Shorewall.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by the
+# Free Software Foundation, either version 2 of the license or, at your
+# option, any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see .
+#
+# If an error occurs while starting or restarting the firewall, the
+# firewall is automatically stopped.
+#
+# Commands are:
+#
+# shorewall6-lite start Starts the firewall
+# shorewall6-lite restart Restarts the firewall
+# shorewall6-lite reload Reload the firewall
+# (same as restart)
+# shorewall6-lite stop Stops the firewall
+# shorewall6-lite status Displays firewall status
+#
+
+# description: Packet filtering firewall
+
+# openwrt stuph
+# start and stop runlevel variable
+#START=21
+#STOP=91
+# variable to display what the status command do when /etc/init.d/shorewall6-lite is invoke without argument
+EXTRA_COMMANDS="status"
+EXTRA_HELP="Displays shorewall status"
+
+################################################################################
+# Get startup options (override default)
+################################################################################
+OPTIONS="-vvv"
+
+#
+# The installer may alter this
+#
+. /usr/share/shorewall/shorewallrc
+
+if [ -f ${SYSCONFDIR}/shorewall6-lite ]; then
+ . ${SYSCONFDIR}/shorewall6-lite
+fi
+
+START=${START:-21}
+STOP=${STOP:-91}
+
+SHOREWALL_INIT_SCRIPT=1
+
+################################################################################
+# E X E C U T I O N B E G I N S H E R E #
+################################################################################
+# arg1 of init script is arg2 when rc.common is sourced; set to action variable
+command="$action"
+
+start() {
+ exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${STARTOPTIONS:-$@}
+}
+
+boot() {
+local command="start"
+start
+}
+
+restart() {
+ exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${RESTARTOPTIONS:-$@}
+}
+
+reload() {
+ exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${RELOADOPTION:-$@}
+}
+
+stop() {
+ exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${STOPOPTIONS:-$@}
+}
+
+status() {
+ exec ${SBINDIR}/shorewall6-lite $OPTIONS $command ${STATUSOPTIONS:-$@}
+}