Move firewall, functions and version to /var/lib/shorewall

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@73 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-11-21 23:23:13 +01:00 · 2002-06-15 17:27:41 +00:00 · 2002-06-15 17:27:41 +00:00 · 65e4f035b0
commit 65e4f035b0
parent 158eb15cec
7 changed files with 61 additions and 118 deletions
--- a/Shorewall/fallback.sh
+++ b/Shorewall/fallback.sh
@ -49,15 +49,15 @@ restore_file() # $1 = file to restore
    fi	
 }

-if [ ! -f /etc/shorewall/version-${VERSION}.bkout ]; then
-    echo "Seattle Firewall Version $VERSION is not installed"
+if [ ! -f /var/lib/shorewall/version-${VERSION}.bkout ]; then
+    echo "Shorewall Version $VERSION is not installed"
    exit 1
 fi

 echo "Backing Out Installation of Shorewall $VERSION"

-if [ -L /etc/shorewall/firewall ]; then
-    FIREWALL=`ls -l /etc/shorewall/firewall | sed 's/^.*> //'`
+if [ -L /var/lib/shorewall/firewall ]; then
+    FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'`
    restore_file $FIREWALL
 fi

@ -68,6 +68,7 @@ restore_file /sbin/shorewall
 restore_file /etc/shorewall/shorewall.conf
    
 restore_file /etc/shorewall/functions
+restore_file /var/lib/shorewall/functions

 restore_file /etc/shorewall/common.def

@ -106,8 +107,9 @@ restore_file /etc/shorewall/whitelist
 restore_file /etc/shorewall/rfc1918

 restore_file /etc/shorewall/version
+restore_file /var/lib/shorewall/version

-oldversion="`cat /etc/shorewall/version`"
+oldversion="`cat /var/lib/shorewall/version`"

 echo "Shorewall Restored to Version $oldversion"

--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@ -73,9 +73,9 @@ list_search() # $1 = element to search for , $2-$n = list

 ###############################################################################
 # Mutual exclusion -- These functions are jackets for the mutual exclusion    #
-#                     routines in /etc/shorewall/functions. They invoke the   #
-#                     corresponding function in that file if the user did not #
-#                     specify "nolock" on the runeline.                       #
+#                     routines in /var/lib/shorewall/functions. They invoke   #
+#                     the corresponding function in that file if the user did #
+#                     not specify "nolock" on the runline.                    #
 ###############################################################################
 my_mutex_on() {
    [ -n "$nolock" ] || { mutex_on; have_mutex=Yes; }
@ -3138,18 +3138,15 @@ do_initialize() {

    trap "rm -rf $TMP_DIR; my_mutex_off; exit 2" 1 2 3 4 5 6 9

-    functions=/etc/shorewall/functions
-
-    [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/functions ] && \
-        functions=$SHOREWALL_DIR/functions
+    functions=/var/lib/shorewall/functions

    if [ -f $functions ]; then
        . $functions
    else
-        startup_error "/etc/shorewall/functions does not exist!"
+        startup_error "$functions does not exist!"
    fi

-    version_file=`find_file version`
+    version_file=/var/lib/shorewall/version

    [ -f $version_file ] && version=`cat $version_file`
    #
--- a/Shorewall/functions
+++ b/Shorewall/functions
@ -1,5 +1,5 @@
 #
-# Shorewall 1.3 -- /etc/shorewall/functions
+# Shorewall 1.3 -- /var/lib/shorewall/functions

 #
 # Suppress all output for a command
--- a/Shorewall/install.sh
+++ b/Shorewall/install.sh
@ -152,7 +152,7 @@ while [ $# -gt 0 ] ; do
 		usage 1
            fi

-	    echo "Seattle Firewall Installer Version $VERSION"
+	    echo "Shorewall Firewall Installer Version $VERSION"
 	    exit 0
 	    ;;
 	*)
@ -254,11 +254,10 @@ fi
 echo -e "\nShorewall script installed in ${PREFIX}${DEST}/$FIREWALL"

 #
-# Create /etc/shorewall if needed
+# Create /etc/shorewall and /var/shorewall if needed
 #
-if [ ! -d ${PREFIX}/etc/shorewall ]; then
-    mkdir ${PREFIX}/etc/shorewall
-fi
+mkdir -p ${PREFIX}/etc/shorewall
+mkdir -p ${PREFIX}/var/lib/shorewall
 #
 # Install the config file
 #
@ -281,9 +280,9 @@ fi
 #
 # Install the functions file
 #
-install_file_with_backup functions ${PREFIX}/etc/shorewall/functions 0444
+install_file_with_backup functions ${PREFIX}/var/lib/shorewall/functions 0444

-echo -e "\nCommon functions installed in ${PREFIX}/etc/shorewall/functions"
+echo -e "\nCommon functions installed in ${PREFIX}/var/lib/shorewall/functions"
 #
 # Install the common.def file
 #
@ -435,31 +434,32 @@ fi
 # Backup the version file
 #
 if [ -z "$PREFIX" ]; then
-    if [ -f /etc/shorewall/version ]; then
-	backup_file /etc/shorewall/version
+    if [ -f /var/lib/shorewall/version ]; then
+	backup_file /var/lib/shorewall/version
    elif [ -n "$oldversion" ]; then
-	echo $oldversion > /etc/shorewall/version-${VERSION}.bkout
+	echo $oldversion > /var/lib/shorewall/version-${VERSION}.bkout
    else
-	echo "Unknown" > /etc/shorewall/version-${VERSION}.bkout
+	echo "Unknown" > /var/lib/shorewall/version-${VERSION}.bkout
    fi
 fi
 #
 # Create the version file
 #
-echo "$VERSION" > ${PREFIX}/etc/shorewall/version
-chmod 644 ${PREFIX}/etc/shorewall/version
+echo "$VERSION" > ${PREFIX}/var/lib/shorewall/version
+chmod 644 ${PREFIX}/var/lib/shorewall/version
 #
 # Remove and create the symbolic link to the firewall script
 #

 if [ -z "$PREFIX" ]; then
    rm -f /etc/shorewall/firewall
-    ln -s ${DEST}/${FIREWALL} /etc/shorewall/firewall
+    rm -f /var/lib/shorewall/firewall
+    ln -s ${DEST}/${FIREWALL} /var/lib/shorewall/firewall
 else
-    pushd ${PREFIX}/etc/shorewall/ >> /dev/null && ln -s ../..${DEST}/${FIREWALL} firewall && popd >> /dev/null
+    pushd ${PREFIX}/var/lib/shorewall/ >> /dev/null && ln -s ../../..${DEST}/${FIREWALL} firewall && popd >> /dev/null
 fi

-echo -e "\n${PREFIX}/etc/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL"
+echo -e "\n${PREFIX}/var/lib/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL"

 if [ -z "$PREFIX" -a -n "$first_install" ]; then
    if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@ -480,21 +480,18 @@ if [ $# -eq 0 ]; then
    usage 1
 fi

-functions=/etc/shorewall/functions
+[ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR

-if [ -n "$SHOREWALL_DIR" ]; then
-   export SHOREWALL_DIR
-   [ -f $SHOREWALL_DIR/functions ] && functions=$SHOREWALL_DIR/functions
-fi
+functions=/var/lib/shorewall/functions

 if [ -f $functions ]; then
    . $functions
 else
-    echo "/etc/shorewall/functions does not exist!" >&2
+    echo "$functions does not exist!" >&2
    exit 2
 fi

-firewall=`find_file firewall`
+firewall=/var/lib/shorewall/firewall

 if [ ! -f $firewall ]; then
    echo "ERROR: Shorewall is not properly installed"
@ -502,7 +499,7 @@ if [ ! -f $firewall ]; then
 	echo "       $firewall is a symbolic link to a"
 	echo "       non-existant file"
    else
-	echo "       The file /etc/shorewall/firewall does not exist"
+	echo "       The file /var/lib/shorewall/firewall does not exist"
    fi

    exit 2
@ -510,13 +507,13 @@ fi

 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin

-version_file=`find_file version`
+version_file=/var/lib/shorewall/version

 if [ -f $version_file ]; then
    version=`cat $version_file`
 else
-    echo "ERROR: Shoreline Firewall is not properly installed"
-    echo "       The file /etc/shorewall/version does not exist"
+    echo "ERROR: Shorewall is not properly installed"
+    echo "       The file /var/lib/shorewall/version does not exist"
    exit 1
 fi

--- a/Shorewall/shorewall.spec
+++ b/Shorewall/shorewall.spec
@ -52,7 +52,8 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s
 %files 
 /etc/init.d/shorewall
 %attr(0700,root,root) %dir /etc/shorewall
-%attr(0600,root,root) /etc/shorewall/version
+%attr(0700,root,root) %dir /var/lib/shorewall
+%attr(0600,root,root) /var/lib/shorewall/version
 %attr(0600,root,root) /etc/shorewall/common.def
 %attr(0600,root,root) /etc/shorewall/icmp.def
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/shorewall.conf
@ -72,8 +73,8 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/blacklist
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/rfc1918
 %attr(0544,root,root) /sbin/shorewall
-%attr(0444,root,root) /etc/shorewall/functions
-/etc/shorewall/firewall
+%attr(0444,root,root) /var/lib/shorewall/functions
+/var/lib/shorewall/firewall
 %doc documentation
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel

--- a/Shorewall/uninstall.sh
+++ b/Shorewall/uninstall.sh
@ -35,6 +35,11 @@ usage() # $1 = exit status
    exit $1
 }

+qt()  
+{ 
+    "$@" >/dev/null 2>&1
+}
+
 restore_file() # $1 = file to restore
 {
    if [ -f ${1}-shorewall.bkout ]; then
@ -55,22 +60,26 @@ remove_file() # $1 = file to restore
    fi
 }

-if [ -f /etc/shorewall/version ]; then
-    INSTALLED_VERSION="`cat /etc/shorewall/version`"
+if [ -f /var/lib/shorewall/version ]; then
+    INSTALLED_VERSION="`cat /var/lib/shorewall/version`"
    if [ "$INSTALLED_VERSION" != "$VERSION" ]; then
-	echo "WARNING: Shoreline Firewall Version $INSTALLED_VERSION is installed"
+	echo "WARNING: Shorewall Version $INSTALLED_VERSION is installed"
 	echo "         and this is the $VERSION uninstaller."
 	VERSION="$INSTALLED_VERSION"
    fi
 else
-    echo "WARNING: Shoreline Firewall Version $VERSION is not installed"
+    echo "WARNING: Shorewall Version $VERSION is not installed"
    VERSION=""
 fi

-echo "Uninstalling Shoreline Firewall $VERSION"
+echo "Uninstalling Shorewall $VERSION"

-if [ -L /etc/shorewall/firewall ]; then
-    FIREWALL=`ls -l /etc/shorewall/firewall | sed 's/^.*> //'`
+if qt iptables -L shorewall -n; then
+   /sbin/shorewall clear
+fi
+
+if [ -L /var/lib/shorewall/firewall ]; then
+    FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'`

    if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
        insserv -r $FIREWALL
@ -85,74 +94,11 @@ remove_file /sbin/shorewall

 if [ -n "$VERSION" ]; then
    restore_file /etc/rc.d/rc.local
-    remove_file /etc/shorewall/shorewall.conf-${VERSION}.bkout
-    remove_file /etc/shorewall/zones-${VERSION}.bkout
-    remove_file /etc/shorewall/policy-${VERSION}.bkout
-    remove_file /etc/shorewall/interfaces-${VERSION}.bkout
-    remove_file /etc/shorewall/rules-${VERSION}.bkout
-    remove_file /etc/shorewall/nat-${VERSION}.bkout
-    remove_file /etc/shorewall/params-${VERSION}.bkout
-    remove_file /etc/shorewall/proxyarp-${VERSION}.bkout
-    remove_file /etc/shorewall/masq-${VERSION}.bkout
-    remove_file /etc/shorewall/version-${VERSION}.bkout
-    remove_file /etc/shorewall/functions-${VERSION}.bkout
-    remove_file /etc/shorewall/common.def-${VERSION}.bkout
-    remove_file /etc/shorewall/icmp.def-${VERSION}.bkout
-    remove_file /etc/shorewall/tunnels-${VERSION}.bkout
-    remove_file /etc/shorewall/tcrules-${VERSION}.bkout
-    remove_file /etc/shorewall/tos-${VERSION}.bkout
-    remove_file /etc/shorewall/modules-${VERSION}.bkout
-    remove_file /etc/shorewall/blacklist-${VERSION}.bkout
-    remove_file /etc/shorewall/whitelist-${VERSION}.bkout
-    remove_file /etc/shorewall/rfc1918-${VERSION}.bkout
 fi

-remove_file /etc/shorewall/firewall
+rm -rf /etc/shorewall
+rm -rf /var/lib/shorewall

-remove_file /etc/shorewall/functions
-
-remove_file /etc/shorewall/common.def
-
-remove_file /etc/shorewall/icmp.def
-
-remove_file /etc/shorewall/zones
-
-remove_file /etc/shorewall/policy
-
-remove_file /etc/shorewall/interfaces
-    
-remove_file /etc/shorewall/hosts
-
-remove_file /etc/shorewall/rules
-
-remove_file /etc/shorewall/nat
-
-remove_file /etc/shorewall/params
-
-remove_file /etc/shorewall/proxyarp
-
-remove_file /etc/shorewall/masq
-    
-remove_file /etc/shorewall/modules
-    
-remove_file /etc/shorewall/tcrules
-
-remove_file /etc/shorewall/tos
-
-remove_file /etc/shorewall/tunnels
-
-remove_file /etc/shorewall/blacklist
-
-remove_file /etc/shorewall/whitelist
-
-remove_file /etc/shorewall/rfc1918
-
-remove_file /etc/shorewall/shorewall.conf
-
-remove_file /etc/shorewall/version
-
-rmdir /etc/shorewall
-
-echo "Shoreline Firewall Uninstalled"
+echo "Shorewall Uninstalled"