Add 'routestopped' file

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@131 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-07-11 00:01:45 +00:00
parent 0665db84e1
commit 45e4750219
7 changed files with 47 additions and 2 deletions

View File

@ -91,6 +91,8 @@ restore_file /etc/shorewall/params
restore_file /etc/shorewall/proxyarp
restore_file /etc/shorewall/routestopped
restore_file /etc/shorewall/masq
restore_file /etc/shorewall/modules

View File

@ -1015,6 +1015,12 @@ stop_firewall() {
hosts="`find_hosts_by_option routestopped`"
strip_file routestopped
while read interface host; do
hosts="$hosts $interface:${host:-0.0.0.0/0}"
done < $TMP_DIR/routestopped
for host in $hosts; do
interface=${host%:*}
subnet=${host#*:}

View File

@ -30,7 +30,9 @@
# OPTIONS - A comma-separated list of options. Currently-defined
# options are:
#
# routestopped - route messages to and from this
# routestopped - (Deprecated -- use
# /etc/shorewall/routestopped)
# route messages to and from this
# member when the firewall is in the
# stopped state
#

View File

@ -360,6 +360,15 @@ else
echo -e "\nProxy ARP file installed as ${PREFIX}/etc/shorewall/proxyarp"
fi
#
# Install the Stopped Routing file
#
if [ -f ${PREFIX}/etc/shorewall/routestopped ]; then
backup_file /etc/shorewall/routestopped
else
run_install -o $OWNER -g $GROUP -m 0600 routestopped ${PREFIX}/etc/shorewall/routestopped
echo -e "\nStopped Routing file installed as ${PREFIX}/etc/shorewall/routestopped"
fi
#
# Install the Masq file
#
if [ -f ${PREFIX}/etc/shorewall/masq ]; then

View File

@ -48,7 +48,9 @@
# requests. 'filterping' takes
# precedence over 'noping' if both are
# given.
# routestopped - When the firewall is stopped, allow
# routestopped - (Deprecated -- use
# /etc/shorewall/routestopped)
# When the firewall is stopped, allow
# and route traffic to and from this
# interface.
# norfc1918 - This interface should not receive

21
Shorewall/routestopped Normal file
View File

@ -0,0 +1,21 @@
##############################################################################
#
# Shorewall 1.3 -- Hosts Accessible when the Firewall is Stopped
#
# /etc/shorewall/routestopped
#
# This file is used to define the hosts that are accessible when the firewall is stopped
#
# Columns must be separated by white space and are:
#
# INTERFACE - Interface through which host(s) communicate with the firewall
# HOST(S) - Comma-separated list of IP/subnet addresses.
#
# Example:
#
# INTERFACE HOST(S)
# eth2 192.168.1.0/24
# eth0 192.0.2.44
##############################################################################
#INTERFACE HOST(S)
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

View File

@ -64,6 +64,7 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s
%attr(0600,root,root) %config(noreplace) /etc/shorewall/nat
%attr(0600,root,root) %config(noreplace) /etc/shorewall/params
%attr(0600,root,root) %config(noreplace) /etc/shorewall/proxyarp
%attr(0600,root,root) %config(noreplace) /etc/shorewall/routestopped
%attr(0600,root,root) %config(noreplace) /etc/shorewall/masq
%attr(0600,root,root) %config(noreplace) /etc/shorewall/modules
%attr(0600,root,root) %config(noreplace) /etc/shorewall/tcrules
@ -79,6 +80,8 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
%changelog
* Web Jul 10 2002 Tom Eastep <tom@shorewall.net>
- Added 'routestopped' configuration file.
* Fri Jul 05 2002 Tom Eastep <tom@shorewall.net>
- Changed version to 1.3.3
* Sat Jun 15 2002 Tom Eastep <tom@shorewall.net>