extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-23 08:03:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

Save/Restore working again...

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3376 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-01-25 04:18:52 +00:00
parent 2d600cf6fc
commit 5727afc83b
3 changed files with 67 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
Shorewall/compiler
View File

@ -105,13 +105,6 @@ append_file() # $1 = File Name
save_command_unindented __EOF__
}
append_file1() # $1 = File Name
{
save_command "cat > /var/lib/shorewall/$1 << _EOF_"
cat $STATEDIR/$1 >> $OUTPUT
save_command_unindented _EOF_
}
#
# Generate a command to run iptables
#
@ -8569,13 +8562,6 @@ __EOF__
append_file $file
done
# Logical break between restore-base and restore-tail
if [ $COMMAND = compile ]; then
mv -f $OUTPUT $STATEDIR/restore-base
OUTPUT=$(mktempfile $STATEDIR)
fi
save_command "date > /var/lib/shorewall/restarted"
run_user_exit start
@ -8588,17 +8574,15 @@ __EOF__
run_user_exit started
save_command "cp -f \$SCRIPT /var/lib/shorewall/.restore"
if [ $COMMAND = check ]; then
echo "Shorewall configuration verified"
else
cp $OUTPUT $STATEDIR/restore-tail
append_file1 restore-base
append_file1 restore-tail
INDENT=
save_command "}"
cat $(find_file prog.header) $STATEDIR/restore-base $OUTPUT $(find_file prog.footer) > $outfile
cat $(find_file prog.header) $OUTPUT $(find_file prog.footer) > $outfile
chmod 700 $outfile
rm -f $STATEDIR/restore-base rm -f $STATEDIR/restore-tail
progress_message2 "Shorewall configuration compiled to $outfile"
fi

37
Shorewall/prog.footer
View File

@ -1,3 +1,23 @@
restore_firewall()
{
fatal_error()
{
echo " ERROR: $@" >&2
}
startup_error() # foo = Error Message
{
echo " ERROR: $@" >&2
}
define_firewall
}
current_command() {
cd $(dirname $0)
echo $PWD/$(basename $0)
}
################################################################################
# Give Usage Information #
################################################################################
@ -8,6 +28,8 @@ usage() {
################################################################################
# E X E C U T I O N B E G I N S H E R E #
################################################################################
SCRIPT=$(current_command)
initialize
finished=0
@ -48,11 +70,7 @@ while [ $finished -eq 0 -a $# -gt 0 ]; do
done
if [ $# -eq 0 ]; then
if shorewall_is_started; then
COMMAND=restart
else
COMMAND=start
fi
COMMAND=restore
elif [ $# -gt 1 ]; then
usage 2
else
@ -99,7 +117,11 @@ case "$COMMAND" in
define_firewall
status=$?
echo "done."
progress_message3 "done."
;;
restore)
restore_firewall
status=$?
;;
clear)
progress_message3 "Clearing Shorewall...."
@ -138,9 +160,6 @@ case "$COMMAND" in
help)
usage 0
;;
restore)
restore_command
;;
*)
usage 2
;;

81
Shorewall/shorewall
View File

@ -429,56 +429,47 @@ save_config() {
*)
if $IPTABLES -L dynamic -n > /var/lib/shorewall/save; then
echo " Dynamic Rules Saved"
if [ -f /var/lib/shorewall/restore-base ]; then
cp -f /var/lib/shorewall/restore-base /var/lib/shorewall/restore-$$
if iptables-save | iptablesbug >> /var/lib/shorewall/restore-$$ ; then
echo __EOF__ >> /var/lib/shorewall/restore-$$
[ -f /var/lib/shorewall/restore-tail ] && \
cat /var/lib/shorewall/restore-tail >> /var/lib/shorewall/restore-$$
mv -f /var/lib/shorewall/restore-$$ $RESTOREPATH
chmod +x $RESTOREPATH
echo " Currently-running Configuration Saved to $RESTOREPATH"
if [ -f /var/lib/shorewall/.restore ]; then
cp -f /var/lib/shorewall/.restore $RESTOREPATH
chmod +x $RESTOREPATH
echo " Currently-running Configuration Saved to $RESTOREPATH"
rm -f ${RESTOREPATH}-ipsets
rm -f ${RESTOREPATH}-ipsets
case ${SAVE_IPSETS:-No} in
[Yy][Ee][Ss])
RESTOREPATH=${RESTOREPATH}-ipsets
case ${SAVE_IPSETS:-No} in
[Yy][Ee][Ss])
RESTOREPATH=${RESTOREPATH}-ipsets
f=/var/lib/shorewall/restore-$$
f=/var/lib/shorewall/restore-$$
echo "#!/bin/sh" > $f
echo "#This ipset restore file generated $(date) by Shorewall $version" >> $f
echo >> $f
echo ". /usr/share/shorewall/functions" >> $f
echo >> $f
grep '^MODULE' /var/lib/shorewall/restore-base >> $f
echo "reload_kernel_modules << __EOF__" >> $f
grep 'loadmodule ip_set' /var/lib/shorewall/restore-base >> $f
echo "__EOF__" >> $f
echo >> $f
echo "ipset -U :all: :all:" >> $f
echo "ipset -F" >> $f
echo "ipset -X" >> $f
echo "ipset -R << __EOF__" >> $f
ipset -S >> $f
echo "__EOF__" >> $f
mv -f $f $RESTOREPATH
chmod +x $RESTOREPATH
echo " Current Ipset Contents Saved to $RESTOREPATH"
;;
[Nn][Oo])
;;
*)
echo " WARNING: Invalid value ($SAVE_IPSETS) for SAVE_IPSETS. Ipset contents not saved"
;;
esac
else
rm -f /var/lib/shorewall/restore-$$
echo " ERROR: Currently-running Configuration Not Saved"
fi
echo "#!/bin/sh" > $f
echo "#This ipset restore file generated $(date) by Shorewall $version" >> $f
echo >> $f
echo ". /usr/share/shorewall/functions" >> $f
echo >> $f
grep '^MODULE' /var/lib/shorewall/restore-base >> $f
echo "reload_kernel_modules << __EOF__" >> $f
grep 'loadmodule ip_set' /var/lib/shorewall/restore-base >> $f
echo "__EOF__" >> $f
echo >> $f
echo "ipset -U :all: :all:" >> $f
echo "ipset -F" >> $f
echo "ipset -X" >> $f
echo "ipset -R << __EOF__" >> $f
ipset -S >> $f
echo "__EOF__" >> $f
mv -f $f $RESTOREPATH
chmod +x $RESTOREPATH
echo " Current Ipset Contents Saved to $RESTOREPATH"
;;
[Nn][Oo])
;;
*)
echo " WARNING: Invalid value ($SAVE_IPSETS) for SAVE_IPSETS. Ipset contents not saved"
;;
esac
else
echo " ERROR: /var/lib/shorewall/restore-base does not exist"
echo " ERROR: /var/lib/shorewall/.restoredoes not exist"
fi
else
echo "Error Saving the Dynamic Rules"