diff --git a/Shorewall/fallback.sh b/Shorewall/fallback.sh index 9eed75d3b..d965af188 100755 --- a/Shorewall/fallback.sh +++ b/Shorewall/fallback.sh @@ -49,15 +49,15 @@ restore_file() # $1 = file to restore fi } -if [ ! -f /etc/shorewall/version-${VERSION}.bkout ]; then - echo "Seattle Firewall Version $VERSION is not installed" +if [ ! -f /var/lib/shorewall/version-${VERSION}.bkout ]; then + echo "Shorewall Version $VERSION is not installed" exit 1 fi echo "Backing Out Installation of Shorewall $VERSION" -if [ -L /etc/shorewall/firewall ]; then - FIREWALL=`ls -l /etc/shorewall/firewall | sed 's/^.*> //'` +if [ -L /var/lib/shorewall/firewall ]; then + FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'` restore_file $FIREWALL fi @@ -68,6 +68,7 @@ restore_file /sbin/shorewall restore_file /etc/shorewall/shorewall.conf restore_file /etc/shorewall/functions +restore_file /var/lib/shorewall/functions restore_file /etc/shorewall/common.def @@ -106,8 +107,9 @@ restore_file /etc/shorewall/whitelist restore_file /etc/shorewall/rfc1918 restore_file /etc/shorewall/version +restore_file /var/lib/shorewall/version -oldversion="`cat /etc/shorewall/version`" +oldversion="`cat /var/lib/shorewall/version`" echo "Shorewall Restored to Version $oldversion" diff --git a/Shorewall/firewall b/Shorewall/firewall index 629be20dc..54ef1de9f 100755 --- a/Shorewall/firewall +++ b/Shorewall/firewall @@ -73,9 +73,9 @@ list_search() # $1 = element to search for , $2-$n = list ############################################################################### # Mutual exclusion -- These functions are jackets for the mutual exclusion # -# routines in /etc/shorewall/functions. They invoke the # -# corresponding function in that file if the user did not # -# specify "nolock" on the runeline. # +# routines in /var/lib/shorewall/functions. They invoke # +# the corresponding function in that file if the user did # +# not specify "nolock" on the runline. # ############################################################################### my_mutex_on() { [ -n "$nolock" ] || { mutex_on; have_mutex=Yes; } @@ -3138,18 +3138,15 @@ do_initialize() { trap "rm -rf $TMP_DIR; my_mutex_off; exit 2" 1 2 3 4 5 6 9 - functions=/etc/shorewall/functions - - [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/functions ] && \ - functions=$SHOREWALL_DIR/functions + functions=/var/lib/shorewall/functions if [ -f $functions ]; then . $functions else - startup_error "/etc/shorewall/functions does not exist!" + startup_error "$functions does not exist!" fi - version_file=`find_file version` + version_file=/var/lib/shorewall/version [ -f $version_file ] && version=`cat $version_file` # diff --git a/Shorewall/functions b/Shorewall/functions index 6e3bf64b2..c5bcd7b57 100755 --- a/Shorewall/functions +++ b/Shorewall/functions @@ -1,5 +1,5 @@ # -# Shorewall 1.3 -- /etc/shorewall/functions +# Shorewall 1.3 -- /var/lib/shorewall/functions # # Suppress all output for a command diff --git a/Shorewall/install.sh b/Shorewall/install.sh index 06775f94e..1bd2924c5 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -152,7 +152,7 @@ while [ $# -gt 0 ] ; do usage 1 fi - echo "Seattle Firewall Installer Version $VERSION" + echo "Shorewall Firewall Installer Version $VERSION" exit 0 ;; *) @@ -254,11 +254,10 @@ fi echo -e "\nShorewall script installed in ${PREFIX}${DEST}/$FIREWALL" # -# Create /etc/shorewall if needed +# Create /etc/shorewall and /var/shorewall if needed # -if [ ! -d ${PREFIX}/etc/shorewall ]; then - mkdir ${PREFIX}/etc/shorewall -fi +mkdir -p ${PREFIX}/etc/shorewall +mkdir -p ${PREFIX}/var/lib/shorewall # # Install the config file # @@ -281,9 +280,9 @@ fi # # Install the functions file # -install_file_with_backup functions ${PREFIX}/etc/shorewall/functions 0444 +install_file_with_backup functions ${PREFIX}/var/lib/shorewall/functions 0444 -echo -e "\nCommon functions installed in ${PREFIX}/etc/shorewall/functions" +echo -e "\nCommon functions installed in ${PREFIX}/var/lib/shorewall/functions" # # Install the common.def file # @@ -435,31 +434,32 @@ fi # Backup the version file # if [ -z "$PREFIX" ]; then - if [ -f /etc/shorewall/version ]; then - backup_file /etc/shorewall/version + if [ -f /var/lib/shorewall/version ]; then + backup_file /var/lib/shorewall/version elif [ -n "$oldversion" ]; then - echo $oldversion > /etc/shorewall/version-${VERSION}.bkout + echo $oldversion > /var/lib/shorewall/version-${VERSION}.bkout else - echo "Unknown" > /etc/shorewall/version-${VERSION}.bkout + echo "Unknown" > /var/lib/shorewall/version-${VERSION}.bkout fi fi # # Create the version file # -echo "$VERSION" > ${PREFIX}/etc/shorewall/version -chmod 644 ${PREFIX}/etc/shorewall/version +echo "$VERSION" > ${PREFIX}/var/lib/shorewall/version +chmod 644 ${PREFIX}/var/lib/shorewall/version # # Remove and create the symbolic link to the firewall script # if [ -z "$PREFIX" ]; then rm -f /etc/shorewall/firewall - ln -s ${DEST}/${FIREWALL} /etc/shorewall/firewall + rm -f /var/lib/shorewall/firewall + ln -s ${DEST}/${FIREWALL} /var/lib/shorewall/firewall else - pushd ${PREFIX}/etc/shorewall/ >> /dev/null && ln -s ../..${DEST}/${FIREWALL} firewall && popd >> /dev/null + pushd ${PREFIX}/var/lib/shorewall/ >> /dev/null && ln -s ../../..${DEST}/${FIREWALL} firewall && popd >> /dev/null fi -echo -e "\n${PREFIX}/etc/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL" +echo -e "\n${PREFIX}/var/lib/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL" if [ -z "$PREFIX" -a -n "$first_install" ]; then if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then diff --git a/Shorewall/shorewall b/Shorewall/shorewall index 9f2a12469..8fde89db2 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -480,21 +480,18 @@ if [ $# -eq 0 ]; then usage 1 fi -functions=/etc/shorewall/functions +[ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR -if [ -n "$SHOREWALL_DIR" ]; then - export SHOREWALL_DIR - [ -f $SHOREWALL_DIR/functions ] && functions=$SHOREWALL_DIR/functions -fi +functions=/var/lib/shorewall/functions if [ -f $functions ]; then . $functions else - echo "/etc/shorewall/functions does not exist!" >&2 + echo "$functions does not exist!" >&2 exit 2 fi -firewall=`find_file firewall` +firewall=/var/lib/shorewall/firewall if [ ! -f $firewall ]; then echo "ERROR: Shorewall is not properly installed" @@ -502,7 +499,7 @@ if [ ! -f $firewall ]; then echo " $firewall is a symbolic link to a" echo " non-existant file" else - echo " The file /etc/shorewall/firewall does not exist" + echo " The file /var/lib/shorewall/firewall does not exist" fi exit 2 @@ -510,13 +507,13 @@ fi PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin -version_file=`find_file version` +version_file=/var/lib/shorewall/version if [ -f $version_file ]; then version=`cat $version_file` else - echo "ERROR: Shoreline Firewall is not properly installed" - echo " The file /etc/shorewall/version does not exist" + echo "ERROR: Shorewall is not properly installed" + echo " The file /var/lib/shorewall/version does not exist" exit 1 fi diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index f217a5377..818d01d7a 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -52,7 +52,8 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s %files /etc/init.d/shorewall %attr(0700,root,root) %dir /etc/shorewall -%attr(0600,root,root) /etc/shorewall/version +%attr(0700,root,root) %dir /var/lib/shorewall +%attr(0600,root,root) /var/lib/shorewall/version %attr(0600,root,root) /etc/shorewall/common.def %attr(0600,root,root) /etc/shorewall/icmp.def %attr(0600,root,root) %config(noreplace) /etc/shorewall/shorewall.conf @@ -72,8 +73,8 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s %attr(0600,root,root) %config(noreplace) /etc/shorewall/blacklist %attr(0600,root,root) %config(noreplace) /etc/shorewall/rfc1918 %attr(0544,root,root) /sbin/shorewall -%attr(0444,root,root) /etc/shorewall/functions -/etc/shorewall/firewall +%attr(0444,root,root) /var/lib/shorewall/functions +/var/lib/shorewall/firewall %doc documentation %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel diff --git a/Shorewall/uninstall.sh b/Shorewall/uninstall.sh index a027a0e5f..40f4879d2 100755 --- a/Shorewall/uninstall.sh +++ b/Shorewall/uninstall.sh @@ -35,6 +35,11 @@ usage() # $1 = exit status exit $1 } +qt() +{ + "$@" >/dev/null 2>&1 +} + restore_file() # $1 = file to restore { if [ -f ${1}-shorewall.bkout ]; then @@ -55,22 +60,26 @@ remove_file() # $1 = file to restore fi } -if [ -f /etc/shorewall/version ]; then - INSTALLED_VERSION="`cat /etc/shorewall/version`" +if [ -f /var/lib/shorewall/version ]; then + INSTALLED_VERSION="`cat /var/lib/shorewall/version`" if [ "$INSTALLED_VERSION" != "$VERSION" ]; then - echo "WARNING: Shoreline Firewall Version $INSTALLED_VERSION is installed" + echo "WARNING: Shorewall Version $INSTALLED_VERSION is installed" echo " and this is the $VERSION uninstaller." VERSION="$INSTALLED_VERSION" fi else - echo "WARNING: Shoreline Firewall Version $VERSION is not installed" + echo "WARNING: Shorewall Version $VERSION is not installed" VERSION="" fi -echo "Uninstalling Shoreline Firewall $VERSION" +echo "Uninstalling Shorewall $VERSION" -if [ -L /etc/shorewall/firewall ]; then - FIREWALL=`ls -l /etc/shorewall/firewall | sed 's/^.*> //'` +if qt iptables -L shorewall -n; then + /sbin/shorewall clear +fi + +if [ -L /var/lib/shorewall/firewall ]; then + FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'` if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then insserv -r $FIREWALL @@ -85,74 +94,11 @@ remove_file /sbin/shorewall if [ -n "$VERSION" ]; then restore_file /etc/rc.d/rc.local - remove_file /etc/shorewall/shorewall.conf-${VERSION}.bkout - remove_file /etc/shorewall/zones-${VERSION}.bkout - remove_file /etc/shorewall/policy-${VERSION}.bkout - remove_file /etc/shorewall/interfaces-${VERSION}.bkout - remove_file /etc/shorewall/rules-${VERSION}.bkout - remove_file /etc/shorewall/nat-${VERSION}.bkout - remove_file /etc/shorewall/params-${VERSION}.bkout - remove_file /etc/shorewall/proxyarp-${VERSION}.bkout - remove_file /etc/shorewall/masq-${VERSION}.bkout - remove_file /etc/shorewall/version-${VERSION}.bkout - remove_file /etc/shorewall/functions-${VERSION}.bkout - remove_file /etc/shorewall/common.def-${VERSION}.bkout - remove_file /etc/shorewall/icmp.def-${VERSION}.bkout - remove_file /etc/shorewall/tunnels-${VERSION}.bkout - remove_file /etc/shorewall/tcrules-${VERSION}.bkout - remove_file /etc/shorewall/tos-${VERSION}.bkout - remove_file /etc/shorewall/modules-${VERSION}.bkout - remove_file /etc/shorewall/blacklist-${VERSION}.bkout - remove_file /etc/shorewall/whitelist-${VERSION}.bkout - remove_file /etc/shorewall/rfc1918-${VERSION}.bkout fi -remove_file /etc/shorewall/firewall +rm -rf /etc/shorewall +rm -rf /var/lib/shorewall -remove_file /etc/shorewall/functions - -remove_file /etc/shorewall/common.def - -remove_file /etc/shorewall/icmp.def - -remove_file /etc/shorewall/zones - -remove_file /etc/shorewall/policy - -remove_file /etc/shorewall/interfaces - -remove_file /etc/shorewall/hosts - -remove_file /etc/shorewall/rules - -remove_file /etc/shorewall/nat - -remove_file /etc/shorewall/params - -remove_file /etc/shorewall/proxyarp - -remove_file /etc/shorewall/masq - -remove_file /etc/shorewall/modules - -remove_file /etc/shorewall/tcrules - -remove_file /etc/shorewall/tos - -remove_file /etc/shorewall/tunnels - -remove_file /etc/shorewall/blacklist - -remove_file /etc/shorewall/whitelist - -remove_file /etc/shorewall/rfc1918 - -remove_file /etc/shorewall/shorewall.conf - -remove_file /etc/shorewall/version - -rmdir /etc/shorewall - -echo "Shoreline Firewall Uninstalled" +echo "Shorewall Uninstalled"