From 48502e75bbbecfcbcd8b07111ad58a7da86a5131 Mon Sep 17 00:00:00 2001 From: teastep Date: Thu, 28 Jul 2005 20:22:25 +0000 Subject: [PATCH] Fix 'status' command in /usr/share/shorewall/firewall; try to make release notes clearer git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2429 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/firewall | 11 ++++++++++- Shorewall/releasenotes.txt | 34 ++++++++++++++++++---------------- 2 files changed, 28 insertions(+), 17 deletions(-) diff --git a/Shorewall/firewall b/Shorewall/firewall index aa6a80a93..1d443fbee 100755 --- a/Shorewall/firewall +++ b/Shorewall/firewall @@ -8758,9 +8758,18 @@ case "$COMMAND" in status) [ $# -ne 1 ] && usage + do_initialize echo "Shorewall-$version Status at $HOSTNAME - $(date)" echo - $IPTABLES -L -n -v + if chain_exists shorewall; then + echo "Shorewall is started" + echo + [ -f /var/lib/shorewall/restarted ] && \ + echo "Counters reset $(cat /var/lib/shorewall/restarted)" && \ + echo + else + echo "Shorewall is not started" + fi ;; reset) diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 517a16c1f..9604a8a21 100755 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -31,7 +31,24 @@ Migration Considerations: 2) The "DISPLAY" and "COMMENTS" columns in the /etc/shorewall/zones file have been removed and have been replaced by the former columns of the /etc/shorewall/ipsec file. The latter file has been - removed. As a result, the columns in the /etc/shorewall/zones file + removed. + + To attempt to adhere to the principle of least astonishment, the + old /etc/shorewall/ipsec file will continue to be supported. A new + IPSECFILE variable in /etc/shorewall/shorewall.conf determines the + name of the file that Shorewall looks in for IPSEC information. If + that variable is not set or is set to the empty value then + IPSECFILE=ipsec is assumed. So if you simply upgrade and don't do + something idiotic like replace your current shorewall.conf file with + the new one, your old configuration will continue to work. A dummy + 'ipsec' file is included in the release so that your package manager + (e.g., rpm) won't remove your existing file. + + The shorewall.conf file included in this release sets + IPSECFILE=zones so that new users are expected to use the new zone + file format. + + As a result, the columns in the /etc/shorewall/zones file are now as follows: ZONE Short name of the zone (5 Characters or less in @@ -95,21 +112,6 @@ Migration Considerations: THE ORDER OF THE ENTRIES IN THIS FILE IS IMPORTANT IF YOU HAVE NESTED OR OVERLAPPING ZONES DEFINED THROUGH /etc/shorewall/hosts. - To attempt to adhere to the principle of least astonishment, the - old /etc/shorewall/ipsec file will continue to be supported. A new - IPSECFILE variable in /etc/shorewall/shorewall.conf determines the - name of the file that Shorewall looks in for IPSEC information. If - that variable is not set or is set to the empty value then - IPSECFILE=ipsec is assumed. So if you simply upgrade and don't do - something idiotic like replace your current shorewall.conf file with - the new one, your old configuration will continue to work. A dummy - 'ipsec' file is included in the release so that your package manager - (e.g., rpm) won't remove your existing file. - - The shorewall.conf file included in this release sets - IPSECFILE=zones so that new users are expected to use the new zone - file format. - 3) The DROPINVALID option has been removed from shorewall.conf. The behavior will be as if DROPINVALID=No had been specified. If you