From 402e155148abb428d80b6b3205d5edbf2df9fee3 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Fri, 1 Jun 2012 14:01:58 -0700
Subject: [PATCH] More Shorewall-init fixes

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall-init/ifupdown.sh            |  6 -----
 Shorewall/Perl/Shorewall/Providers.pm | 32 ++++++++++++++++-----------
 Shorewall/Perl/Shorewall/Zones.pm     | 17 ++++++++++++++
 3 files changed, 36 insertions(+), 19 deletions(-)

diff --git a/Shorewall-init/ifupdown.sh b/Shorewall-init/ifupdown.sh
index 933dca20c..f58a41d09 100644
--- a/Shorewall-init/ifupdown.sh
+++ b/Shorewall-init/ifupdown.sh
@@ -106,12 +106,6 @@ if [ -f /etc/debian_version ]; then
 	    else
 		exit 0
 	    fi
-
-	    case "$PHASE" in
-		post-*)
-		    exit 0
-		    ;;
-	    esac
 	    ;;
     esac
 elif [ -f /etc/SuSE-release ]; then
diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm
index f88d121b3..15d3cec67 100644
--- a/Shorewall/Perl/Shorewall/Providers.pm
+++ b/Shorewall/Perl/Shorewall/Providers.pm
@@ -1539,19 +1539,25 @@ sub compile_updown() {
 	}
     }
 
-    emit( "*)",
-	  '    case $state in',
-	  '        started)',
-	  '            COMMAND=restart',
-	  '            progress_message3 "$g_product attempting restart"',
-	  '            detect_configuration',
-	  '            define_firewall',
-	  '            ;;',
-	  '        *)',
-	  '            progress_message3 "$COMMAND on interface $1 ignored"',
-	  '            ;;',
-	  '    esac',
-	);
+    if ( my @plain_interfaces = all_plain_interfaces ) {
+	my $interfaces = join ( '|', map get_physical( $_ ), @plain_interfaces );
+
+	$interfaces =~ s/\+/*/g;
+	
+	emit( "$interfaces)",
+	      '    case $state in',
+	      '        started)',
+	      '            COMMAND=restart',
+	      '            progress_message3 "$g_product attempting restart"',
+	      '            detect_configuration',
+	      '            define_firewall',
+	      '            ;;',
+	      '        *)',
+	      '            progress_message3 "$COMMAND on interface $1 ignored"',
+	      '            ;;',
+	      '    esac',
+	    );
+    }
 
     pop_indent;
 
diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm
index 46c718dfa..be033475d 100644
--- a/Shorewall/Perl/Shorewall/Zones.pm
+++ b/Shorewall/Perl/Shorewall/Zones.pm
@@ -62,6 +62,7 @@ our @EXPORT = qw( NOTHING
 		  validate_interfaces_file
 		  all_interfaces
 		  all_real_interfaces
+		  all_plain_interfaces
 		  all_bridges
 		  interface_number
 		  find_interface
@@ -72,6 +73,7 @@ our @EXPORT = qw( NOTHING
 		  port_to_bridge
 		  source_port_to_bridge
 		  interface_is_optional
+		  interface_is_required
 		  find_interfaces_by_option
 		  find_interfaces_by_option1
 		  get_interface_option
@@ -1417,6 +1419,21 @@ sub interface_is_optional($) {
     $optionsref && $optionsref->{optional};
 }
 
+#
+# Return the 'required' setting of the passed interface
+#
+sub interface_is_required($) {
+    my $optionsref = $interfaces{$_[0]}{options};
+    $optionsref && $optionsref->{required};
+}
+
+#
+# Return a list of real interfaces that are neither 
+#
+sub all_plain_interfaces() {
+    grep ! ( $_ eq '%vserver%' || interface_is_optional($_) || interface_is_required($_) ), @interfaces;
+}
+
 #
 # Returns reference to array of interfaces with the passed option
 #