From 5655dbb01b851d5c8ff9e3e4f9ec3705658675e2 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 8 Sep 2009 12:54:23 -0700 Subject: [PATCH] Don't call compile_stop_firewall() during 'check'; call process_routestopped() instead --- Shorewall/Perl/Shorewall/Compiler.pm | 8 ++++---- Shorewall/Perl/Shorewall/Rules.pm | 1 + 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm index 4f2e4e036..e9532cd9b 100644 --- a/Shorewall/Perl/Shorewall/Compiler.pm +++ b/Shorewall/Perl/Shorewall/Compiler.pm @@ -795,9 +795,7 @@ sub compiler { # (Produces setup_netfilter(), chainlist_reload() and define_firewall() ) # generate_script_3( $chains ); - } else { - enable_object; - } + } # S T O P _ F I R E W A L L # (Writes the stop_firewall() function to the compiled script) # @@ -806,9 +804,9 @@ sub compiler { # Shorewall::Chains::initialize( $family ); initialize_chain_table; - compile_stop_firewall( $test ); if ( $objectfile ) { + compile_stop_firewall( $test ); # # Copy the footer to the object # @@ -830,6 +828,8 @@ sub compiler { # enable_object, generate_aux_config if $export; } else { + process_routestopped; + if ( $family == F_IPV4 ) { progress_message3 "Shorewall configuration verified"; } else { diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 9c26f1353..087163f75 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -40,6 +40,7 @@ our @EXPORT = qw( process_tos add_common_rules setup_mac_lists process_rules + process_routestopped generate_matrix compile_stop_firewall );