extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-31 18:09:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove all reliance on HOSTNAME

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-03-02 11:59:38 -08:00
parent 68f5215f07
commit 5613d0105a
9 changed files with 58 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall-lite/shorewall-lite
View File

@ -153,7 +153,7 @@ get_config() {
export VERBOSITY
[ -n "${HOSTNAME:=$(hostname)}" ]
g_hostname=$(hostname 2> /dev/null)
}
@ -577,7 +577,7 @@ else
exit 1
fi
banner="Shorewall Lite $SHOREWALL_VERSION Status at $HOSTNAME -"
banner="Shorewall Lite $SHOREWALL_VERSION Status at $g_hostname -"
case $(echo -e) in
-e*)
@ -627,7 +627,7 @@ case "$COMMAND" in
status)
[ $# -eq 1 ] || usage 1
[ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root"
echo "Shorewall Lite $SHOREWALL_VERSION Status at $HOSTNAME - $(date)"
echo "Shorewall Lite $SHOREWALL_VERSION Status at $g_hostname - $(date)"
echo
if shorewall_is_started ; then
echo "Shorewall Lite is running"

40
Shorewall/lib.cli
View File

@ -217,7 +217,7 @@ logwatch() # $1 = timeout -- if negative, prompt each time that
# an 'interesting' packet count changes
{
host=$(echo $HOSTNAME | sed 's/\..*$//')
host=$(echo $g_hostname | sed 's/\..*$//')
oldrejects=$($IPTABLES -L -v -n | grep 'LOG')
if [ $1 -lt 0 ]; then
@ -514,56 +514,56 @@ show_command() {
[ $# -gt 1 ] && usage 1
local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
echo "$PRODUCT $SHOREWALL_VERSION Connections ($count out of $max) at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Connections ($count out of $max) at $g_hostname - $(date)"
echo
[ -f /proc/net/ip_conntrack ] && cat /proc/net/ip_conntrack || grep -v '^ipv6' /proc/net/nf_conntrack
;;
nat)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION NAT Table at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION NAT Table at $g_hostname - $(date)"
echo
show_reset
$IPTABLES -t nat -L $g_ipt_options
;;
raw)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION RAW Table at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION RAW Table at $g_hostname - $(date)"
echo
show_reset
$IPTABLES -t raw -L $g_ipt_options
;;
tos|mangle)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Mangle Table at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Mangle Table at $g_hostname - $(date)"
echo
show_reset
$IPTABLES -t mangle -L $g_ipt_options
;;
log)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Log ($LOGFILE) at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Log ($LOGFILE) at $g_hostname - $(date)"
echo
show_reset
host=$(echo $HOSTNAME | sed 's/\..*$//')
host=$(echo $g_hostname | sed 's/\..*$//')
packet_log 20
;;
tc)
[ $# -gt 2 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Traffic Control at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Traffic Control at $g_hostname - $(date)"
echo
shift
show_tc $1
;;
classifiers|filters)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Classifiers at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Classifiers at $g_hostname - $(date)"
echo
show_classifiers
;;
zones)
[ $# -gt 1 ] && usage 1
if [ -f ${VARDIR}/zones ]; then
echo "$PRODUCT $SHOREWALL_VERSION Zones at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Zones at $g_hostname - $(date)"
echo
while read zone type hosts; do
echo "$zone ($type)"
@ -596,13 +596,13 @@ show_command() {
;;
ip)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION IP at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION IP at $g_hostname - $(date)"
echo
ip -4 addr list
;;
routing)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Routing at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Routing at $g_hostname - $(date)"
echo
show_routing
;;
@ -613,7 +613,7 @@ show_command() {
;;
chain)
shift
echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || [ $# -gt 0 ] && echo "Chain " || echo $table Table)$* at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || [ $# -gt 0 ] && echo "Chain " || echo $table Table)$* at $g_hostname - $(date)"
echo
show_reset
if [ $# -gt 0 ]; then
@ -630,7 +630,7 @@ show_command() {
;;
policies)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Policies at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Policies at $g_hostname - $(date)"
echo
[ -f ${VARDIR}/policies ] && cat ${VARDIR}/policies;
;;
@ -665,7 +665,7 @@ show_command() {
[ $# -ne 2 ] && usage 1
for directory in $(split $CONFIG_PATH); do
if [ -f ${directory}/macro.$2 ]; then
echo "Shorewall $SHOREWALL_VERSION Macro $2 at $HOSTNAME - $(date)"
echo "Shorewall $SHOREWALL_VERSION Macro $2 at $g_hostname - $(date)"
cat ${directory}/macro.$2
return
fi
@ -715,7 +715,7 @@ show_command() {
fi
done
echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || echo "Chain ")$* at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || echo "Chain ")$* at $g_hostname - $(date)"
echo
show_reset
for chain in $*; do
@ -723,7 +723,7 @@ show_command() {
echo
done
else
echo "$PRODUCT $SHOREWALL_VERSION $table Table at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION $table Table at $g_hostname - $(date)"
echo
show_reset
$IPTABLES -t $table -L $g_ipt_options
@ -783,11 +783,11 @@ dump_command() {
[ -n "$g_debugging" ] && set -x
[ $# -eq 0 ] || usage 1
clear_term
echo "$PRODUCT $SHOREWALL_VERSION Dump at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Dump at $g_hostname - $(date)"
echo
show_reset
host=$(echo $HOSTNAME | sed 's/\..*$//')
host=$(echo $g_hostname | sed 's/\..*$//')
$IPTABLES -L $g_ipt_options
heading "Log ($LOGFILE)"
@ -1276,7 +1276,7 @@ hits_command() {
[ $# -eq 0 ] || usage 1
clear_term
echo "$PRODUCT $SHOREWALL_VERSION Hits at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Hits at $g_hostname - $(date)"
echo
timeout=30

8
Shorewall/shorewall
View File

@ -269,7 +269,7 @@ get_config() {
export VERBOSITY
[ -n "${HOSTNAME:=$(hostname)}" ]
g_hostname=$(hostname 2> /dev/null)
[ -n "$RSH_COMMAND" ] || RSH_COMMAND='ssh ${root}@${system} ${command}'
[ -n "$RCP_COMMAND" ] || RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
@ -1615,7 +1615,7 @@ else
exit 1
fi
banner="Shorewall-$SHOREWALL_VERSION Status at $HOSTNAME -"
banner="Shorewall-$SHOREWALL_VERSION Status at $g_hostname -"
case $(echo -e) in
-e*)
@ -1702,7 +1702,7 @@ case "$COMMAND" in
[ $# -eq 1 ] || usage 1
[ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root"
get_config
echo "Shorewall-$SHOREWALL_VERSION Status at $HOSTNAME - $(date)"
echo "Shorewall-$SHOREWALL_VERSION Status at $g_hostname - $(date)"
echo
if shorewall_is_started ; then
echo "Shorewall is running"
@ -1748,7 +1748,7 @@ case "$COMMAND" in
;;
logwatch)
get_config Yes Yes Yes
banner="Shorewall-$SHOREWALL_VERSION Logwatch at $HOSTNAME -"
banner="Shorewall-$SHOREWALL_VERSION Logwatch at $g_hostname -"
logwatch_command $@
;;
drop)

6
Shorewall6-lite/shorewall6-lite
View File

@ -153,7 +153,7 @@ get_config() {
export VERBOSITY
[ -n "${HOSTNAME:=$(hostname)}" ]
g_hostname=$(hostname 2> /dev/null)
}
@ -563,7 +563,7 @@ else
exit 1
fi
banner="Shorewall6 Lite $SHOREWALL_VERSION Status at $HOSTNAME -"
banner="Shorewall6 Lite $SHOREWALL_VERSION Status at $g_hostname -"
case $(echo -e) in
-e*)
@ -609,7 +609,7 @@ case "$COMMAND" in
status)
[ $# -eq 1 ] || usage 1
[ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root"
echo "Shorewall6 Lite $SHOREWALL_VERSION Status at $HOSTNAME - $(date)"
echo "Shorewall6 Lite $SHOREWALL_VERSION Status at $g_hostname - $(date)"
echo
if shorewall6_is_started ; then
echo "Shorewall6 Lite is running"

36
Shorewall6/lib.cli
View File

@ -198,7 +198,7 @@ logwatch() # $1 = timeout -- if negative, prompt each time that
# an 'interesting' packet count changes
{
host=$(echo $HOSTNAME | sed 's/\..*$//')
host=$(echo $g_hostname | sed 's/\..*$//')
oldrejects=$($IP6TABLES -L -v -n | grep 'LOG')
if [ $1 -lt 0 ]; then
@ -427,48 +427,48 @@ show_command() {
[ $# -gt 1 ] && usage 1
local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
echo "$PRODUCT $SHOREWALL_VERSION Connections ($count of $max) at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Connections ($count of $max) at $g_hostname - $(date)"
echo
grep '^ipv6' /proc/net/nf_conntrack
;;
tos|mangle)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Mangle Table at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Mangle Table at $g_hostname - $(date)"
echo
show_reset
$IP6TABLES -t mangle -L $g_ipt_options
;;
raw)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION raw Table at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION raw Table at $g_hostname - $(date)"
echo
show_reset
$IP6TABLES -t raw -L $g_ipt_options
;;
log)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Log ($LOGFILE) at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Log ($LOGFILE) at $g_hostname - $(date)"
echo
show_reset
host=$(echo $HOSTNAME | sed 's/\..*$//')
host=$(echo $g_hostname | sed 's/\..*$//')
packet_log 20
;;
tc)
[ $# -gt 2 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Traffic Control at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Traffic Control at $g_hostname - $(date)"
echo
show_tc
;;
classifiers|filters)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Classifiers at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Classifiers at $g_hostname - $(date)"
echo
show_classifiers
;;
zones)
[ $# -gt 1 ] && usage 1
if [ -f ${VARDIR}/zones ]; then
echo "$PRODUCT $SHOREWALL_VERSION Zones at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Zones at $g_hostname - $(date)"
echo
while read zone type hosts; do
echo "$zone ($type)"
@ -501,13 +501,13 @@ show_command() {
;;
ip)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION IP at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION IP at $g_hostname - $(date)"
echo
ip -6 addr list
;;
routing)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Routing at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Routing at $g_hostname - $(date)"
echo
show_routing
;;
@ -518,7 +518,7 @@ show_command() {
;;
chain)
shift
echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || [ $# -gt 0 ] && echo "Chain " || echo $table Table)$* at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || [ $# -gt 0 ] && echo "Chain " || echo $table Table)$* at $g_hostname - $(date)"
echo
show_reset
if [ $# -gt 0 ]; then
@ -534,7 +534,7 @@ show_command() {
;;
policies)
[ $# -gt 1 ] && usage 1
echo "$PRODUCT $SHOREWALL_VERSION Policies at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Policies at $g_hostname - $(date)"
echo
[ -f ${VARDIR}/policies ] && cat ${VARDIR}/policies;
;;
@ -592,14 +592,14 @@ show_command() {
fi
done
echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || echo "Chain ")$* at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || echo "Chain ")$* at $g_hostname - $(date)"
echo
show_reset
for chain in $*; do
$IP6TABLES -t $table -L $chain $g_ipt_options
done
else
echo "$PRODUCT $SHOREWALL_VERSION $table Table at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION $table Table at $g_hostname - $(date)"
echo
show_reset
$IP6TABLES -t $table -L $g_ipt_options
@ -659,7 +659,7 @@ dump_command() {
[ -n "$g_debugging" ] && set -x
[ $# -eq 0 ] || usage 1
clear_term
echo "$PRODUCT $SHOREWALL_VERSION Dump at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Dump at $g_hostname - $(date)"
echo
if [ -f /usr/share/shorewall/version ]; then
@ -668,7 +668,7 @@ dump_command() {
fi
show_reset
host=$(echo $HOSTNAME | sed 's/\..*$//')
host=$(echo $g_hostname | sed 's/\..*$//')
$IP6TABLES -L $g_ipt_options
heading "Log ($LOGFILE)"
@ -974,7 +974,7 @@ hits_command() {
[ $# -eq 0 ] || usage 1
clear_term
echo "$PRODUCT $SHOREWALL_VERSION Hits at $HOSTNAME - $(date)"
echo "$PRODUCT $SHOREWALL_VERSION Hits at $g_hostname - $(date)"
echo
timeout=30

8
Shorewall6/shorewall6
View File

@ -188,7 +188,7 @@ get_config() {
export VERBOSITY
[ -n "${HOSTNAME:=$(hostname)}" ]
g_hostname=$(hostname 2> /dev/null)
[ -n "$RSH_COMMAND" ] || RSH_COMMAND='ssh ${root}@${system} ${command}'
[ -n "$RCP_COMMAND" ] || RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
@ -1528,7 +1528,7 @@ else
exit 1
fi
banner="Shorewall6-$SHOREWALL_VERSION Status at $HOSTNAME -"
banner="Shorewall6-$SHOREWALL_VERSION Status at $g_hostname -"
case $(echo -e) in
-e*)
@ -1615,7 +1615,7 @@ case "$COMMAND" in
[ $# -eq 1 ] || usage 1
[ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root"
get_config
echo "Shorewall6-$SHOREWALL_VERSION Status at $HOSTNAME - $(date)"
echo "Shorewall6-$SHOREWALL_VERSION Status at $g_hostname - $(date)"
echo
if shorewall6_is_started ; then
echo "Shorewall6 is running"
@ -1655,7 +1655,7 @@ case "$COMMAND" in
;;
logwatch)
get_config Yes Yes Yes
banner="Shorewall6-$SHOREWALL_VERSION Logwatch at $HOSTNAME -"
banner="Shorewall6-$SHOREWALL_VERSION Logwatch at $g_hostname -"
logwatch_command $@
;;
drop)

2
docs/configuration_file_basics.xml
View File

@ -635,6 +635,8 @@ SHELL cat /etc/shorewall/rules.d/*.rules</programlisting></para>
<member>FAST</member>
<member>HOSTNAME</member>
<member>IPT_OPTIONS</member>
<member><emphasis role="bold">NOROUTES</emphasis></member>

2
manpages/shorewall-params.xml
View File

@ -52,6 +52,8 @@
<member>FAST</member>
<member>HOSTNAME</member>
<member>IPT_OPTIONS</member>
<member><emphasis role="bold">NOROUTES</emphasis></member>

2
manpages6/shorewall6-params.xml
View File

@ -53,6 +53,8 @@
<member>FAST</member>
<member>HOSTNAME</member>
<member>IPT_OPTIONS</member>
<member><emphasis role="bold">NOROUTES</emphasis></member>