diff --git a/Shorewall-lite/shorewall-lite b/Shorewall-lite/shorewall-lite
index 0c11d60b3..45e5f48de 100755
--- a/Shorewall-lite/shorewall-lite
+++ b/Shorewall-lite/shorewall-lite
@@ -153,7 +153,7 @@ get_config() {
export VERBOSITY
- [ -n "${HOSTNAME:=$(hostname)}" ]
+ g_hostname=$(hostname 2> /dev/null)
}
@@ -577,7 +577,7 @@ else
exit 1
fi
-banner="Shorewall Lite $SHOREWALL_VERSION Status at $HOSTNAME -"
+banner="Shorewall Lite $SHOREWALL_VERSION Status at $g_hostname -"
case $(echo -e) in
-e*)
@@ -627,7 +627,7 @@ case "$COMMAND" in
status)
[ $# -eq 1 ] || usage 1
[ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root"
- echo "Shorewall Lite $SHOREWALL_VERSION Status at $HOSTNAME - $(date)"
+ echo "Shorewall Lite $SHOREWALL_VERSION Status at $g_hostname - $(date)"
echo
if shorewall_is_started ; then
echo "Shorewall Lite is running"
diff --git a/Shorewall/lib.cli b/Shorewall/lib.cli
index 6a349d7f7..b08a35054 100644
--- a/Shorewall/lib.cli
+++ b/Shorewall/lib.cli
@@ -217,7 +217,7 @@ logwatch() # $1 = timeout -- if negative, prompt each time that
# an 'interesting' packet count changes
{
- host=$(echo $HOSTNAME | sed 's/\..*$//')
+ host=$(echo $g_hostname | sed 's/\..*$//')
oldrejects=$($IPTABLES -L -v -n | grep 'LOG')
if [ $1 -lt 0 ]; then
@@ -514,56 +514,56 @@ show_command() {
[ $# -gt 1 ] && usage 1
local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
- echo "$PRODUCT $SHOREWALL_VERSION Connections ($count out of $max) at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Connections ($count out of $max) at $g_hostname - $(date)"
echo
[ -f /proc/net/ip_conntrack ] && cat /proc/net/ip_conntrack || grep -v '^ipv6' /proc/net/nf_conntrack
;;
nat)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION NAT Table at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION NAT Table at $g_hostname - $(date)"
echo
show_reset
$IPTABLES -t nat -L $g_ipt_options
;;
raw)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION RAW Table at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION RAW Table at $g_hostname - $(date)"
echo
show_reset
$IPTABLES -t raw -L $g_ipt_options
;;
tos|mangle)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Mangle Table at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Mangle Table at $g_hostname - $(date)"
echo
show_reset
$IPTABLES -t mangle -L $g_ipt_options
;;
log)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Log ($LOGFILE) at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Log ($LOGFILE) at $g_hostname - $(date)"
echo
show_reset
- host=$(echo $HOSTNAME | sed 's/\..*$//')
+ host=$(echo $g_hostname | sed 's/\..*$//')
packet_log 20
;;
tc)
[ $# -gt 2 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Traffic Control at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Traffic Control at $g_hostname - $(date)"
echo
shift
show_tc $1
;;
classifiers|filters)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Classifiers at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Classifiers at $g_hostname - $(date)"
echo
show_classifiers
;;
zones)
[ $# -gt 1 ] && usage 1
if [ -f ${VARDIR}/zones ]; then
- echo "$PRODUCT $SHOREWALL_VERSION Zones at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Zones at $g_hostname - $(date)"
echo
while read zone type hosts; do
echo "$zone ($type)"
@@ -596,13 +596,13 @@ show_command() {
;;
ip)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION IP at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION IP at $g_hostname - $(date)"
echo
ip -4 addr list
;;
routing)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Routing at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Routing at $g_hostname - $(date)"
echo
show_routing
;;
@@ -613,7 +613,7 @@ show_command() {
;;
chain)
shift
- echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || [ $# -gt 0 ] && echo "Chain " || echo $table Table)$* at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || [ $# -gt 0 ] && echo "Chain " || echo $table Table)$* at $g_hostname - $(date)"
echo
show_reset
if [ $# -gt 0 ]; then
@@ -630,7 +630,7 @@ show_command() {
;;
policies)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Policies at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Policies at $g_hostname - $(date)"
echo
[ -f ${VARDIR}/policies ] && cat ${VARDIR}/policies;
;;
@@ -665,7 +665,7 @@ show_command() {
[ $# -ne 2 ] && usage 1
for directory in $(split $CONFIG_PATH); do
if [ -f ${directory}/macro.$2 ]; then
- echo "Shorewall $SHOREWALL_VERSION Macro $2 at $HOSTNAME - $(date)"
+ echo "Shorewall $SHOREWALL_VERSION Macro $2 at $g_hostname - $(date)"
cat ${directory}/macro.$2
return
fi
@@ -715,7 +715,7 @@ show_command() {
fi
done
- echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || echo "Chain ")$* at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || echo "Chain ")$* at $g_hostname - $(date)"
echo
show_reset
for chain in $*; do
@@ -723,7 +723,7 @@ show_command() {
echo
done
else
- echo "$PRODUCT $SHOREWALL_VERSION $table Table at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION $table Table at $g_hostname - $(date)"
echo
show_reset
$IPTABLES -t $table -L $g_ipt_options
@@ -783,11 +783,11 @@ dump_command() {
[ -n "$g_debugging" ] && set -x
[ $# -eq 0 ] || usage 1
clear_term
- echo "$PRODUCT $SHOREWALL_VERSION Dump at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Dump at $g_hostname - $(date)"
echo
show_reset
- host=$(echo $HOSTNAME | sed 's/\..*$//')
+ host=$(echo $g_hostname | sed 's/\..*$//')
$IPTABLES -L $g_ipt_options
heading "Log ($LOGFILE)"
@@ -1276,7 +1276,7 @@ hits_command() {
[ $# -eq 0 ] || usage 1
clear_term
- echo "$PRODUCT $SHOREWALL_VERSION Hits at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Hits at $g_hostname - $(date)"
echo
timeout=30
diff --git a/Shorewall/shorewall b/Shorewall/shorewall
index 7504613f3..e0c597917 100755
--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@@ -269,7 +269,7 @@ get_config() {
export VERBOSITY
- [ -n "${HOSTNAME:=$(hostname)}" ]
+ g_hostname=$(hostname 2> /dev/null)
[ -n "$RSH_COMMAND" ] || RSH_COMMAND='ssh ${root}@${system} ${command}'
[ -n "$RCP_COMMAND" ] || RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
@@ -1615,7 +1615,7 @@ else
exit 1
fi
-banner="Shorewall-$SHOREWALL_VERSION Status at $HOSTNAME -"
+banner="Shorewall-$SHOREWALL_VERSION Status at $g_hostname -"
case $(echo -e) in
-e*)
@@ -1702,7 +1702,7 @@ case "$COMMAND" in
[ $# -eq 1 ] || usage 1
[ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root"
get_config
- echo "Shorewall-$SHOREWALL_VERSION Status at $HOSTNAME - $(date)"
+ echo "Shorewall-$SHOREWALL_VERSION Status at $g_hostname - $(date)"
echo
if shorewall_is_started ; then
echo "Shorewall is running"
@@ -1748,7 +1748,7 @@ case "$COMMAND" in
;;
logwatch)
get_config Yes Yes Yes
- banner="Shorewall-$SHOREWALL_VERSION Logwatch at $HOSTNAME -"
+ banner="Shorewall-$SHOREWALL_VERSION Logwatch at $g_hostname -"
logwatch_command $@
;;
drop)
diff --git a/Shorewall6-lite/shorewall6-lite b/Shorewall6-lite/shorewall6-lite
index 416672141..ad3f04410 100755
--- a/Shorewall6-lite/shorewall6-lite
+++ b/Shorewall6-lite/shorewall6-lite
@@ -153,7 +153,7 @@ get_config() {
export VERBOSITY
- [ -n "${HOSTNAME:=$(hostname)}" ]
+ g_hostname=$(hostname 2> /dev/null)
}
@@ -563,7 +563,7 @@ else
exit 1
fi
-banner="Shorewall6 Lite $SHOREWALL_VERSION Status at $HOSTNAME -"
+banner="Shorewall6 Lite $SHOREWALL_VERSION Status at $g_hostname -"
case $(echo -e) in
-e*)
@@ -609,7 +609,7 @@ case "$COMMAND" in
status)
[ $# -eq 1 ] || usage 1
[ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root"
- echo "Shorewall6 Lite $SHOREWALL_VERSION Status at $HOSTNAME - $(date)"
+ echo "Shorewall6 Lite $SHOREWALL_VERSION Status at $g_hostname - $(date)"
echo
if shorewall6_is_started ; then
echo "Shorewall6 Lite is running"
diff --git a/Shorewall6/lib.cli b/Shorewall6/lib.cli
index ef63e329e..148da519f 100644
--- a/Shorewall6/lib.cli
+++ b/Shorewall6/lib.cli
@@ -198,7 +198,7 @@ logwatch() # $1 = timeout -- if negative, prompt each time that
# an 'interesting' packet count changes
{
- host=$(echo $HOSTNAME | sed 's/\..*$//')
+ host=$(echo $g_hostname | sed 's/\..*$//')
oldrejects=$($IP6TABLES -L -v -n | grep 'LOG')
if [ $1 -lt 0 ]; then
@@ -427,48 +427,48 @@ show_command() {
[ $# -gt 1 ] && usage 1
local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
- echo "$PRODUCT $SHOREWALL_VERSION Connections ($count of $max) at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Connections ($count of $max) at $g_hostname - $(date)"
echo
grep '^ipv6' /proc/net/nf_conntrack
;;
tos|mangle)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Mangle Table at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Mangle Table at $g_hostname - $(date)"
echo
show_reset
$IP6TABLES -t mangle -L $g_ipt_options
;;
raw)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION raw Table at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION raw Table at $g_hostname - $(date)"
echo
show_reset
$IP6TABLES -t raw -L $g_ipt_options
;;
log)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Log ($LOGFILE) at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Log ($LOGFILE) at $g_hostname - $(date)"
echo
show_reset
- host=$(echo $HOSTNAME | sed 's/\..*$//')
+ host=$(echo $g_hostname | sed 's/\..*$//')
packet_log 20
;;
tc)
[ $# -gt 2 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Traffic Control at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Traffic Control at $g_hostname - $(date)"
echo
show_tc
;;
classifiers|filters)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Classifiers at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Classifiers at $g_hostname - $(date)"
echo
show_classifiers
;;
zones)
[ $# -gt 1 ] && usage 1
if [ -f ${VARDIR}/zones ]; then
- echo "$PRODUCT $SHOREWALL_VERSION Zones at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Zones at $g_hostname - $(date)"
echo
while read zone type hosts; do
echo "$zone ($type)"
@@ -501,13 +501,13 @@ show_command() {
;;
ip)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION IP at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION IP at $g_hostname - $(date)"
echo
ip -6 addr list
;;
routing)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Routing at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Routing at $g_hostname - $(date)"
echo
show_routing
;;
@@ -518,7 +518,7 @@ show_command() {
;;
chain)
shift
- echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || [ $# -gt 0 ] && echo "Chain " || echo $table Table)$* at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || [ $# -gt 0 ] && echo "Chain " || echo $table Table)$* at $g_hostname - $(date)"
echo
show_reset
if [ $# -gt 0 ]; then
@@ -534,7 +534,7 @@ show_command() {
;;
policies)
[ $# -gt 1 ] && usage 1
- echo "$PRODUCT $SHOREWALL_VERSION Policies at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Policies at $g_hostname - $(date)"
echo
[ -f ${VARDIR}/policies ] && cat ${VARDIR}/policies;
;;
@@ -592,14 +592,14 @@ show_command() {
fi
done
- echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || echo "Chain ")$* at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION $([ $# -gt 1 ] && echo "Chains " || echo "Chain ")$* at $g_hostname - $(date)"
echo
show_reset
for chain in $*; do
$IP6TABLES -t $table -L $chain $g_ipt_options
done
else
- echo "$PRODUCT $SHOREWALL_VERSION $table Table at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION $table Table at $g_hostname - $(date)"
echo
show_reset
$IP6TABLES -t $table -L $g_ipt_options
@@ -659,7 +659,7 @@ dump_command() {
[ -n "$g_debugging" ] && set -x
[ $# -eq 0 ] || usage 1
clear_term
- echo "$PRODUCT $SHOREWALL_VERSION Dump at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Dump at $g_hostname - $(date)"
echo
if [ -f /usr/share/shorewall/version ]; then
@@ -668,7 +668,7 @@ dump_command() {
fi
show_reset
- host=$(echo $HOSTNAME | sed 's/\..*$//')
+ host=$(echo $g_hostname | sed 's/\..*$//')
$IP6TABLES -L $g_ipt_options
heading "Log ($LOGFILE)"
@@ -974,7 +974,7 @@ hits_command() {
[ $# -eq 0 ] || usage 1
clear_term
- echo "$PRODUCT $SHOREWALL_VERSION Hits at $HOSTNAME - $(date)"
+ echo "$PRODUCT $SHOREWALL_VERSION Hits at $g_hostname - $(date)"
echo
timeout=30
diff --git a/Shorewall6/shorewall6 b/Shorewall6/shorewall6
index c7f82090d..f0275127e 100755
--- a/Shorewall6/shorewall6
+++ b/Shorewall6/shorewall6
@@ -188,7 +188,7 @@ get_config() {
export VERBOSITY
- [ -n "${HOSTNAME:=$(hostname)}" ]
+ g_hostname=$(hostname 2> /dev/null)
[ -n "$RSH_COMMAND" ] || RSH_COMMAND='ssh ${root}@${system} ${command}'
[ -n "$RCP_COMMAND" ] || RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
@@ -1528,7 +1528,7 @@ else
exit 1
fi
-banner="Shorewall6-$SHOREWALL_VERSION Status at $HOSTNAME -"
+banner="Shorewall6-$SHOREWALL_VERSION Status at $g_hostname -"
case $(echo -e) in
-e*)
@@ -1615,7 +1615,7 @@ case "$COMMAND" in
[ $# -eq 1 ] || usage 1
[ "$(id -u)" != 0 ] && fatal_error "ERROR: The status command may only be run by root"
get_config
- echo "Shorewall6-$SHOREWALL_VERSION Status at $HOSTNAME - $(date)"
+ echo "Shorewall6-$SHOREWALL_VERSION Status at $g_hostname - $(date)"
echo
if shorewall6_is_started ; then
echo "Shorewall6 is running"
@@ -1655,7 +1655,7 @@ case "$COMMAND" in
;;
logwatch)
get_config Yes Yes Yes
- banner="Shorewall6-$SHOREWALL_VERSION Logwatch at $HOSTNAME -"
+ banner="Shorewall6-$SHOREWALL_VERSION Logwatch at $g_hostname -"
logwatch_command $@
;;
drop)
diff --git a/docs/configuration_file_basics.xml b/docs/configuration_file_basics.xml
index 48404483b..95716e1fa 100644
--- a/docs/configuration_file_basics.xml
+++ b/docs/configuration_file_basics.xml
@@ -635,6 +635,8 @@ SHELL cat /etc/shorewall/rules.d/*.rules
FAST
+ HOSTNAME
+
IPT_OPTIONS
NOROUTES
diff --git a/manpages/shorewall-params.xml b/manpages/shorewall-params.xml
index 184cb974c..70761d3c2 100644
--- a/manpages/shorewall-params.xml
+++ b/manpages/shorewall-params.xml
@@ -52,6 +52,8 @@
FAST
+ HOSTNAME
+
IPT_OPTIONS
NOROUTES
diff --git a/manpages6/shorewall6-params.xml b/manpages6/shorewall6-params.xml
index 90802da9a..c2af9a4b6 100644
--- a/manpages6/shorewall6-params.xml
+++ b/manpages6/shorewall6-params.xml
@@ -53,6 +53,8 @@
FAST
+ HOSTNAME
+
IPT_OPTIONS
NOROUTES