mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-23 06:38:53 +01:00
Add 'routestopped' file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@131 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
0665db84e1
commit
45e4750219
@ -91,6 +91,8 @@ restore_file /etc/shorewall/params
|
||||
|
||||
restore_file /etc/shorewall/proxyarp
|
||||
|
||||
restore_file /etc/shorewall/routestopped
|
||||
|
||||
restore_file /etc/shorewall/masq
|
||||
|
||||
restore_file /etc/shorewall/modules
|
||||
|
@ -1015,6 +1015,12 @@ stop_firewall() {
|
||||
|
||||
hosts="`find_hosts_by_option routestopped`"
|
||||
|
||||
strip_file routestopped
|
||||
|
||||
while read interface host; do
|
||||
hosts="$hosts $interface:${host:-0.0.0.0/0}"
|
||||
done < $TMP_DIR/routestopped
|
||||
|
||||
for host in $hosts; do
|
||||
interface=${host%:*}
|
||||
subnet=${host#*:}
|
||||
|
@ -30,7 +30,9 @@
|
||||
# OPTIONS - A comma-separated list of options. Currently-defined
|
||||
# options are:
|
||||
#
|
||||
# routestopped - route messages to and from this
|
||||
# routestopped - (Deprecated -- use
|
||||
# /etc/shorewall/routestopped)
|
||||
# route messages to and from this
|
||||
# member when the firewall is in the
|
||||
# stopped state
|
||||
#
|
||||
|
@ -360,6 +360,15 @@ else
|
||||
echo -e "\nProxy ARP file installed as ${PREFIX}/etc/shorewall/proxyarp"
|
||||
fi
|
||||
#
|
||||
# Install the Stopped Routing file
|
||||
#
|
||||
if [ -f ${PREFIX}/etc/shorewall/routestopped ]; then
|
||||
backup_file /etc/shorewall/routestopped
|
||||
else
|
||||
run_install -o $OWNER -g $GROUP -m 0600 routestopped ${PREFIX}/etc/shorewall/routestopped
|
||||
echo -e "\nStopped Routing file installed as ${PREFIX}/etc/shorewall/routestopped"
|
||||
fi
|
||||
#
|
||||
# Install the Masq file
|
||||
#
|
||||
if [ -f ${PREFIX}/etc/shorewall/masq ]; then
|
||||
|
@ -48,7 +48,9 @@
|
||||
# requests. 'filterping' takes
|
||||
# precedence over 'noping' if both are
|
||||
# given.
|
||||
# routestopped - When the firewall is stopped, allow
|
||||
# routestopped - (Deprecated -- use
|
||||
# /etc/shorewall/routestopped)
|
||||
# When the firewall is stopped, allow
|
||||
# and route traffic to and from this
|
||||
# interface.
|
||||
# norfc1918 - This interface should not receive
|
||||
|
21
Shorewall/routestopped
Normal file
21
Shorewall/routestopped
Normal file
@ -0,0 +1,21 @@
|
||||
##############################################################################
|
||||
#
|
||||
# Shorewall 1.3 -- Hosts Accessible when the Firewall is Stopped
|
||||
#
|
||||
# /etc/shorewall/routestopped
|
||||
#
|
||||
# This file is used to define the hosts that are accessible when the firewall is stopped
|
||||
#
|
||||
# Columns must be separated by white space and are:
|
||||
#
|
||||
# INTERFACE - Interface through which host(s) communicate with the firewall
|
||||
# HOST(S) - Comma-separated list of IP/subnet addresses.
|
||||
#
|
||||
# Example:
|
||||
#
|
||||
# INTERFACE HOST(S)
|
||||
# eth2 192.168.1.0/24
|
||||
# eth0 192.0.2.44
|
||||
##############################################################################
|
||||
#INTERFACE HOST(S)
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
@ -64,6 +64,7 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/nat
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/params
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/proxyarp
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/routestopped
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/masq
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/modules
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/tcrules
|
||||
@ -79,6 +80,8 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s
|
||||
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
|
||||
|
||||
%changelog
|
||||
* Web Jul 10 2002 Tom Eastep <tom@shorewall.net>
|
||||
- Added 'routestopped' configuration file.
|
||||
* Fri Jul 05 2002 Tom Eastep <tom@shorewall.net>
|
||||
- Changed version to 1.3.3
|
||||
* Sat Jun 15 2002 Tom Eastep <tom@shorewall.net>
|
||||
|
Loading…
Reference in New Issue
Block a user