Implement 'restart -c'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-05-23 06:39:26 -07:00
parent e95003b82a
commit 485a7fb29d
6 changed files with 49 additions and 5 deletions

View File

@ -4,6 +4,8 @@ Changes in Shorewall 4.4.20 Beta 4
2) Implement LEGACY_FASTSTART option. 2) Implement LEGACY_FASTSTART option.
3) Add a '-c' option to the restart command.
Changes in Shorewall 4.4.20 Beta 3 Changes in Shorewall 4.4.20 Beta 3
1) Add auditing support. 1) Add auditing support.

View File

@ -147,6 +147,14 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
LEGACY_FASTSTART=No, 'start -f' and 'restart -f' compare with LEGACY_FASTSTART=No, 'start -f' and 'restart -f' compare with
/var/lib/shorewall[6]/firewall. /var/lib/shorewall[6]/firewall.
7) A '-c' (compile) option has been added to the 'restart'
command in both Shorewall and Shorewall6. It overrides the setting
of AUTOMAKE and unconditionally forces a recompilation of the
configuration.
When both -c and -f are specified, the result is determined by the
option that appears last.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
I V. R E L E A S E 4 . 4 H I G H L I G H T S I V. R E L E A S E 4 . 4 H I G H L I G H T S
---------------------------------------------------------------------------- ----------------------------------------------------------------------------

View File

@ -724,6 +724,10 @@ restart_command() {
g_fast=Yes g_fast=Yes
option=${option#f} option=${option#f}
;; ;;
c*)
AUTOMAKE=
option=${option#c}
;;
n*) n*)
g_noroutes=Yes g_noroutes=Yes
option=${option#n} option=${option#n}
@ -1385,7 +1389,7 @@ usage() # $1 = exit status
echo " reject <address> ..." echo " reject <address> ..."
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>" echo " reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>"
echo " reset [ <chain> ... ]" echo " reset [ <chain> ... ]"
echo " restart [ -n ] [ -p ] [ -f ] [ <directory> ]" echo " restart [ -n ] [ -p ] [-d] [ -f ] [ -c ][ <directory> ]"
echo " restore [ -n ] [ <file name> ]" echo " restore [ -n ] [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [ -x ] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]" echo " show [ -x ] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]"

View File

@ -651,6 +651,10 @@ restart_command() {
g_fast=Yes g_fast=Yes
option=${option#f} option=${option#f}
;; ;;
c*)
AUTOMAKE=
option=${option#c}
;;
n*) n*)
g_noroutes=Yes g_noroutes=Yes
option=${option#n} option=${option#n}
@ -1310,7 +1314,7 @@ usage() # $1 = exit status
echo " reject <address> ..." echo " reject <address> ..."
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>" echo " reload [ -s ] [ -c ] [ -r <root user> ] [ <directory> ] <system>"
echo " reset [ <chain> ... ]" echo " reset [ <chain> ... ]"
echo " restart [ -n ] [ -f ] [ <directory> ]" echo " restart [ -n ] [ -p ] [-d] [ -f ] [ -c ][ <directory> ]"
echo " restore [ -n ] [ <file name> ]" echo " restore [ -n ] [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [ -x ] [ -m ] [-f] [ -t {filter|mangle} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log [<regex>]|macros|mangle|nat|policies|raw|routing|tc|vardir|zones} ]" echo " show [ -x ] [ -m ] [-f] [ -t {filter|mangle} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log [<regex>]|macros|mangle|nat|policies|raw|routing|tc|vardir|zones} ]"

View File

@ -377,10 +377,12 @@
<arg><option>-n</option></arg> <arg><option>-n</option></arg>
<arg><option>-p</option></arg> <arg><option>-p</option><arg><option>-d</option></arg></arg>
<arg><option>-f</option></arg> <arg><option>-f</option></arg>
<arg><option>-c</option></arg>
<arg><replaceable>directory</replaceable></arg> <arg><replaceable>directory</replaceable></arg>
</cmdsynopsis> </cmdsynopsis>
@ -1114,9 +1116,18 @@
table to be flushed; the <command>conntrack</command> utility must table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para> be installed to use this option.</para>
<para>The <option>-d </option>option causes the compiler to run
under the Perl debugger.</para>
<para>The <option>-f</option> option suppresses the compilation step <para>The <option>-f</option> option suppresses the compilation step
and simply reused the compiled script which last started/restarted and simply reused the compiled script which last started/restarted
Shorewall.</para> Shorewall, provided that /etc/shorewall and its contents have not
been modified since the last start/restart.</para>
<para>The <option>-c</option> option was added in Shorewall 4.4.20
and performs the compilation step unconditionally, overriding the
AUTOMAKE setting in <ulink
url="shorewall.conf.html">shorewall.conf</ulink>(5).</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

View File

@ -922,9 +922,24 @@
<para>The <option>-n</option> option causes Shorewall6 to avoid <para>The <option>-n</option> option causes Shorewall6 to avoid
updating the routing table(s).</para> updating the routing table(s).</para>
<para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para>
<para>The <option>-d </option>option causes the compiler to run
under the Perl debugger.</para>
<para>The <option>-f</option> option suppresses the compilation step <para>The <option>-f</option> option suppresses the compilation step
and simply reused the compiled script which last started/restarted and simply reused the compiled script which last started/restarted
Shorewall6.</para> Shorewall, provided that /etc/shorewall6 and its contents have not
been modified since the last start/restart.</para>
<para>The <option>-c</option> option was added in Shorewall 4.4.20
and performs the compilation step unconditionally, overriding the
AUTOMAKE setting in <ulink
url="shorewall6.conf.html">shorewall6.conf</ulink>(5). When both
<option>-f</option> and <option>-c </option>are present, the result
is determined by the option that appears last.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>