Add SAFESTOP setting to /etc/default/shorewall*.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2025-01-18 11:38:14 +01:00 · 2010-05-25 07:16:02 -07:00 · 2010-05-25 07:16:02 -07:00 · 3db31f2f65
commit 3db31f2f65
parent b972de959e
9 changed files with 61 additions and 5 deletions
--- a/Shorewall-lite/default.debian
+++ b/Shorewall-lite/default.debian
@ -26,4 +26,11 @@ OPTIONS=""
 #
 INITLOG=/dev/null
 #
 # Set this to 1 to cause '/etc/init.d/shorewall-lite stop' to place the firewall in
 # a safe state rather than to open it
 #
 SAFESTOP=0
 # EOF
--- a/Shorewall-lite/init.debian.sh
+++ b/Shorewall-lite/init.debian.sh
@ -88,7 +88,11 @@ shorewall_start () {
 # stop the firewall
 shorewall_stop () {
  echo -n "Stopping \"Shorewall firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
      $SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
  else
      $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
  fi
  return 0
 }
--- a/Shorewall/default.debian
+++ b/Shorewall/default.debian
@ -26,4 +26,11 @@ OPTIONS=""
 #
 INITLOG=/dev/null
 #
 # Set this to 1 to cause '/etc/init.d/shorewall stop' to place the firewall in
 # a safe state rather than to open it
 #
 SAFESTOP=0
 # EOF
--- a/Shorewall/init.debian.sh
+++ b/Shorewall/init.debian.sh
@ -93,7 +93,11 @@ shorewall_start () {
 # stop the firewall
 shorewall_stop () {
  echo -n "Stopping \"Shorewall firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
      $SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
  else
      $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
  fi
  return 0
 }
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@ -358,6 +358,13 @@ None.
    Shorewall-init may be installed on Debian-based systems, SuSE-based
    systems and RedHat-based systems.
    On Debian-based systems, during system shutdown the firewall is
    opened prior to network shutdown (/etc/init.d/shorewall stop
    performs a 'clear' operation rather than a 'stop'). This is
    required by Debian standards. You can change this default behavior
    by setting SAFESTOP=1 in /etc/default/shorewall
    (/etc/default/shorewall6, ...).
 ----------------------------------------------------------------------------
 V I.  P R O B L E M S  C O R R E C T E D  A N D  N E W   F E A T U R E S
      I N   P R I O R  R E L E A S E S
--- a/Shorewall6-lite/default.debian
+++ b/Shorewall6-lite/default.debian
@ -26,4 +26,11 @@ OPTIONS=""
 #
 INITLOG=/dev/null
 #
 # Set this to 1 to cause '/etc/init.d/shorewall6-lite stop' to place the firewall in
 # a safe state rather than to open it
 #
 SAFESTOP=0
 # EOF
--- a/Shorewall6-lite/init.debian.sh
+++ b/Shorewall6-lite/init.debian.sh
@ -88,7 +88,11 @@ shorewall6_start () {
 # stop the firewall
 shorewall6_stop () {
  echo -n "Stopping \"Shorewall6 Lite firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
      $SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
  else
      $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
  fi
  return 0
 }
--- a/Shorewall6/default.debian
+++ b/Shorewall6/default.debian
@ -21,4 +21,16 @@ startup=0
 OPTIONS=""
 #
 # Init Log -- if /dev/null, use the STARTUP_LOG defined in shorewall.conf
 #
 INITLOG=/dev/null
 #
 # Set this to 1 to cause '/etc/init.d/shorewall6 stop' to place the firewall in
 # a safe state rather than to open it
 #
 SAFESTOP=0
 # EOF
--- a/Shorewall6/init.debian.sh
+++ b/Shorewall6/init.debian.sh
@ -93,7 +93,11 @@ shorewall6_start () {
 # stop the firewall
 shorewall6_stop () {
  echo -n "Stopping \"Shorewall6 firewall\": "
  if [ "$SAFESTOP" = 1 ]; then
      $SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
  else
      $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
  fi
  return 0
 }