From 6c018f478cab6e86d2cf43403a01b7ff4fb1231f Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 18 Dec 2017 10:25:56 -0800 Subject: [PATCH] Avoid unnecessary recompilation by Shorewall-init Signed-off-by: Tom Eastep --- Shorewall-init/init.debian.sh | 26 ++++++++++++-------------- Shorewall-init/init.fedora.sh | 30 ++++++++++++------------------ Shorewall-init/init.openwrt.sh | 20 +++++++++++--------- Shorewall-init/init.sh | 16 +++++++--------- Shorewall-init/init.suse.sh | 16 +++++++--------- Shorewall-init/shorewall-init | 28 ++++++++++++---------------- 6 files changed, 61 insertions(+), 75 deletions(-) mode change 100644 => 100755 Shorewall-init/init.openwrt.sh diff --git a/Shorewall-init/init.debian.sh b/Shorewall-init/init.debian.sh index f5e4cd985..6c15570b2 100755 --- a/Shorewall-init/init.debian.sh +++ b/Shorewall-init/init.debian.sh @@ -73,12 +73,14 @@ setstatedir() { [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT} + if [ -x ${STATEDIR}/firewall ]; then + return 0; if [ $PRODUCT = shorewall ]; then ${SBINDIR}/shorewall compile elif [ $PRODUCT = shorewall6 ]; then ${SBINDIR}/shorewall -6 compile else - return 0 + return 1 fi } @@ -108,16 +110,14 @@ shorewall_start () { for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - # - # Run in a sub-shell to avoid name collisions - # - ( - if ! ${STATEDIR}/firewall status > /dev/null 2>&1; then - ${STATEDIR}/firewall ${OPTIONS} stop - fi - ) - fi + # + # Run in a sub-shell to avoid name collisions + # + ( + if ! ${STATEDIR}/firewall status > /dev/null 2>&1; then + ${STATEDIR}/firewall ${OPTIONS} stop + fi + ) fi done @@ -145,9 +145,7 @@ shorewall_stop () { printf "Clearing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - ${STATEDIR}/firewall ${OPTIONS} clear - fi + ${STATEDIR}/firewall ${OPTIONS} clear fi done diff --git a/Shorewall-init/init.fedora.sh b/Shorewall-init/init.fedora.sh index 37269e199..79365c224 100755 --- a/Shorewall-init/init.fedora.sh +++ b/Shorewall-init/init.fedora.sh @@ -44,12 +44,14 @@ setstatedir() { [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT} - if [ $PRODUCT = shorewall ]; then + if [ -x ${STATEDIR}/firewall ]; then + return 0 + elif [ $PRODUCT = shorewall ]; then ${SBINDIR}/shorewall compile elif [ $PRODUCT = shorewall6 ]; then ${SBINDIR}/shorewall -6 compile else - return 0 + return 1; fi } @@ -75,15 +77,11 @@ start () { retval=$? if [ $retval -eq 0 ]; then - if [ -x "${STATEDIR}/firewall" ]; then - ${STATEDIR}/firewall ${OPTIONS} stop 2>&1 | $logger - retval=${PIPESTATUS[0]} - [ $retval -ne 0 ] && break - else - retval=6 #Product not configured - break - fi + ${STATEDIR}/firewall ${OPTIONS} stop 2>&1 | $logger + retval=${PIPESTATUS[0]} + [ $retval -ne 0 ] && break else + retval=6 #Product not configured break fi done @@ -110,15 +108,11 @@ stop () { retval=$? if [ $retval -eq 0 ]; then - if [ -x "${STATEDIR}/firewall" ]; then - ${STATEDIR}/firewall ${OPTIONS} clear 2>&1 | $logger - retval=${PIPESTATUS[0]} - [ $retval -ne 0 ] && break - else - retval=6 #Product not configured - break - fi + ${STATEDIR}/firewall ${OPTIONS} clear 2>&1 | $logger + retval=${PIPESTATUS[0]} + [ $retval -ne 0 ] && break else + retval=6 #Product not configured break fi done diff --git a/Shorewall-init/init.openwrt.sh b/Shorewall-init/init.openwrt.sh old mode 100644 new mode 100755 index 21b9f989f..f32bc2b61 --- a/Shorewall-init/init.openwrt.sh +++ b/Shorewall-init/init.openwrt.sh @@ -75,12 +75,14 @@ setstatedir() { [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT} - if [ $PRODUCT = shorewall ]; then + if [ -x ${STATEDIR}/firewall ]; then + return 0 + elif [ $PRODUCT = shorewall ]; then ${SBINDIR}/shorewall compile elif [ $PRODUCT = shorewall6 ]; then ${SBINDIR}/shorewall -6 compile else - return 0 + return 1 fi } @@ -92,10 +94,8 @@ start () { printf "Initializing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then - ${STATEDIR}/firewall ${OPTIONS} stop - fi + if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then + ${STATEDIR}/firewall ${OPTIONS} stop fi fi done @@ -103,6 +103,8 @@ start () { if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then ipset -R < "$SAVE_IPSETS" fi + + return 0 } boot () { @@ -117,9 +119,7 @@ stop () { printf "Clearing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - ${STATEDIR}/firewall ${OPTIONS} clear - fi + ${STATEDIR}/firewall ${OPTIONS} clear fi done @@ -131,5 +131,7 @@ stop () { rm -f "${SAVE_IPSETS}.tmp" fi fi + + return 0 } diff --git a/Shorewall-init/init.sh b/Shorewall-init/init.sh index 340995ab0..75c78e8f5 100755 --- a/Shorewall-init/init.sh +++ b/Shorewall-init/init.sh @@ -69,10 +69,12 @@ setstatedir() { [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT} - if [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then + if [ -x ${STATEDIR}/firewall ]; then + return 0 + elif [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then ${SBINDIR}/$PRODUCT ${OPTIONS} compile $STATEDIR/firewall else - return 0 + return 1 fi } @@ -84,10 +86,8 @@ shorewall_start () { printf "Initializing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then - ${STATEDIR}/firewall ${OPTIONS} stop - fi + if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then + ${STATEDIR}/firewall ${OPTIONS} stop fi fi done @@ -107,9 +107,7 @@ shorewall_stop () { printf "Clearing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - ${STATEDIR}/firewall ${OPTIONS} clear - fi + ${STATEDIR}/firewall ${OPTIONS} clear fi done diff --git a/Shorewall-init/init.suse.sh b/Shorewall-init/init.suse.sh index c517dad9c..09258792e 100755 --- a/Shorewall-init/init.suse.sh +++ b/Shorewall-init/init.suse.sh @@ -79,12 +79,14 @@ setstatedir() { [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT} - if [ $PRODUCT = shorewall ]; then + if [ -x ${STATEDIR}/firewall ]; then + return 0 + elif [ $PRODUCT = shorewall ]; then ${SBINDIR}/shorewall compile elif [ $PRODUCT = shorewall6 ]; then ${SBINDIR}/shorewall -6 compile else - return 0 + return 6 fi } @@ -96,10 +98,8 @@ shorewall_start () { printf "Initializing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x $STATEDIR/firewall ]; then - if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then - $STATEDIR/$PRODUCT/firewall ${OPTIONS} stop - fi + if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then + $STATEDIR/$PRODUCT/firewall ${OPTIONS} stop fi fi done @@ -117,9 +117,7 @@ shorewall_stop () { printf "Clearing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - ${STATEDIR}/firewall ${OPTIONS} clear - fi + ${STATEDIR}/firewall ${OPTIONS} clear fi done diff --git a/Shorewall-init/shorewall-init b/Shorewall-init/shorewall-init index 75bb651e3..90266257c 100644 --- a/Shorewall-init/shorewall-init +++ b/Shorewall-init/shorewall-init @@ -33,12 +33,12 @@ setstatedir() { [ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT} - if [ $PRODUCT = shorewall ]; then + if [ -x ${STATEDIR}/firewall ]; then + return 0 + elif [ $PRODUCT = shorewall ]; then ${SBINDIR}/shorewall compile elif [ $PRODUCT = shorewall6 ]; then ${SBINDIR}/shorewall -6 compile - else - return 0 fi } @@ -67,16 +67,14 @@ shorewall_start () { printf "Initializing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - # - # Run in a sub-shell to avoid name collisions - # - ( - if ! ${STATEDIR}/firewall status > /dev/null 2>&1; then - ${STATEDIR}/firewall ${OPTIONS} stop - fi - ) - fi + # + # Run in a sub-shell to avoid name collisions + # + ( + if ! ${STATEDIR}/firewall status > /dev/null 2>&1; then + ${STATEDIR}/firewall ${OPTIONS} stop + fi + ) fi done @@ -95,9 +93,7 @@ shorewall_stop () { printf "Clearing \"Shorewall-based firewalls\": " for PRODUCT in $PRODUCTS; do if setstatedir; then - if [ -x ${STATEDIR}/firewall ]; then - ${STATEDIR}/firewall ${OPTIONS} clear - fi + ${STATEDIR}/firewall ${OPTIONS} clear fi done