diff --git a/Shorewall-init/ifupdown.sh b/Shorewall-init/ifupdown.sh index 263007119..cdd125449 100644 --- a/Shorewall-init/ifupdown.sh +++ b/Shorewall-init/ifupdown.sh @@ -102,40 +102,106 @@ if [ -f /etc/debian_version ]; then ;; esac elif [ -f /etc/SuSE-release ]; then - # - # SuSE ifupdown system - # - INTERFACE="$2" - case $0 in - *if-up.d*) - COMMAND=up - ;; - *if-down.d*) - COMMAND=down + /etc/ppp*) + # + # SUSE ppp + # + INTERFACE="$1" + + case $0 in + *ip-*) + # + # IPv4 + # + for product in $SAVEPRODUCTS; do + case $product in + shorewall|shorewall-lite) + PRODUCTS="$PRODUCTS $product"; + ;; + esac + done + ;; + *) + # + # IPv6 + # + for product in $SAVEPRODUCTS; do + case $product in + shorewall6|shorewall6-lite) + PRODUCTS="$PRODUCTS $product"; + ;; + esac + done + ;; + esac + + case $0 in + *up/*) + COMMAND=up + ;; + *) + COMMAND=down + ;; + esac ;; + *) - exit 0 + # + # SuSE ifupdown system + # + INTERFACE="$2" + + case $0 in + *if-up.d*) + COMMAND=up + ;; + *if-down.d*) + COMMAND=down + ;; + *) + exit 0 + ;; + esac ;; esac else # # Assume RedHat/Fedora/CentOS/Foobar/... # - INTERFACE="$1" - - case $0 in - *ifup*) - COMMAND=up - ;; - *ifdown*) - COMMAND=down - ;; - *dispatcher.d*) - COMMAND="$2" + case $0 in + /etc/ppp*) + INTERFACE="$1" + + case $0 in + *ip-up.local) + COMMAND=up + ;; + *) + COMMAND=down + ;; + esac ;; *) - exit 0 + # + # RedHat ifup/down system + # + INTERFACE="$1" + + case $0 in + *ifup*) + COMMAND=up + ;; + *ifdown*) + COMMAND=down + ;; + *dispatcher.d*) + COMMAND="$2" + ;; + *) + exit 0 + ;; + esac ;; esac fi diff --git a/Shorewall-init/install.sh b/Shorewall-init/install.sh index 75e2c4c52..52772a170 100755 --- a/Shorewall-init/install.sh +++ b/Shorewall-init/install.sh @@ -289,12 +289,6 @@ if [ -z "$DESTDIR" ]; then update-rc.d shorewall-init defaults echo "Shorewall Init will start automatically at boot" - - if [ -d /etc/ppp ]; then - for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do - [ -d /etc/ppp/$directory ] && ln -sf /usr/share/shorewall-init/ifupdown /etc/ppp/$directory/shorewall - done - fi else if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then if insserv /etc/init.d/shorewall-init ; then @@ -318,12 +312,7 @@ if [ -z "$DESTDIR" ]; then elif [ "$INIT" != rc.firewall ]; then #Slackware starts this automatically cant_autostart fi - fi - elif [ -n "$DEBIAN" ]; then - if [ -d /etc/ppp ]; then - for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do - [ -d /etc/ppp/$directory ] && ln -sf /usr/share/shorewall-init/ifupdown /etc/ppp/$directory/shorewall - done + fi fi else @@ -337,10 +326,30 @@ else echo "Shorewall Init will start automatically at boot" fi fi +fi - if [ -n "$DEBIAN" ] -a -d ${DESTDIR}/etc/ppp ]; then +if [ -f ${DESTDIR}/etc/ppp ]; then + if [ -n "$DEBIAN" ] -o -n "$SUSE" ]; then for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do - [ -d /etc/ppp/$directory ] && ln -sf /usr/share/shorewall-init/ifupdown ${DESTDIR}/etc/ppp/$directory/shorewall + mkdir -p ${DESTDIR}/etc/ppp/$directory #SuSE doesn't create the IPv6 directories + cp -fp ${DESTDIR}/usr/share/shorewall-init/ifupdown ${DESTDIR}/etc/ppp/$directory/shorewall + done + elif [ -n "$REDHAT" ]; then + # + # Must use the dreaded ip_xxx.local file + # + for file in ip-up.local ip-down.local; do + FILE=${DESTDIR}/etc/ppp/$file + if [ -f $FILE ]; then + if fgrep -q Shorewall-based $FILE ; then + cp -fp ${DESTDIR}/usr/share/shorewall-init/ifupdown $FILE + else + echo "$FILE already exists -- ppp devices will not be handled" + break + fi + else + cp -fp ${DESTDIR}/usr/share/shorewall-init/ifupdown $FILE + fi done fi fi diff --git a/Shorewall-init/shorewall-init.spec b/Shorewall-init/shorewall-init.spec index 059a9ac7b..84415bc51 100644 --- a/Shorewall-init/shorewall-init.spec +++ b/Shorewall-init/shorewall-init.spec @@ -53,6 +53,11 @@ fi if [ -f /etc/SuSE-release ]; then cp -pf /usr/share/shorewall-init/ifupdown /etc/sysconfig/network/if-up.d/shorewall cp -pf /usr/share/shorewall-init/ifupdown /etc/sysconfig/network/if-down.d/shorewall + if [ -d /etc/ppp ]; then + for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do + cp -pf /usr/share/shorewall-init/ifupdown /etc/ppp/$directory/shorewall + done + fi else if [ -f /sbin/ifup-local -o -f /sbin/ifdown-local ]; then if ! grep -q Shorewall /sbin/ifup-local || ! grep -q Shorewall /sbin/ifdown-local; then @@ -66,6 +71,19 @@ else cp -pf /usr/share/shorewall-init/ifupdown /sbin/ifdown-local fi + if [ -d /etc/ppp ]; then + if [ -f /etc/ppp/ip-up.local -o -f /etc/ppp/ip-down.local ]; then + if ! grep -q Shorewall-based /etc/ppp/ip-up.local || ! grep -q Shorewall-based /etc/ppp//ip-down.local; then + echo "WARNING: /etc/ppp/ip-up.local and/or /etc/ppp/ip-down.local already exist; ppp devices will not be handled" >&2 + else + cp -pf /usr/share/shorewall-init/ifupdown /etc/ppp/ip-up.local + cp -pf /usr/share/shorewall-init/ifupdown /etc/ppp/ip-down.local + fi + else + cp -pf /usr/share/shorewall-init/ifupdown /etc/ppp/ip-up.local + cp -pf /usr/share/shorewall-init/ifupdown /etc/ppp/ip-down.local + fi + if [ -d /etc/NetworkManager/dispatcher.d/ ]; then cp -pf /usr/share/shorewall-init/ifupdown /etc/NetworkManager/dispatcher.d/01-shorewall fi @@ -83,6 +101,9 @@ if [ $1 -eq 0 ]; then [ -f /sbin/ifup-local ] && grep -q Shorewall /sbin/ifup-local && rm -f /sbin/ifup-local [ -f /sbin/ifdown-local ] && grep -q Shorewall /sbin/ifdown-local && rm -f /sbin/ifdown-local + [ -f /etc/ppp/ip-up.local ] && grep -q Shorewall-based /etc/ppp/ip-up.local && rm -f /etc/ppp/ip-up.local + [ -f /etc/ppp/ip-down.local ] && grep -q Shorewall-based /etc/ppp/ip-down.local && rm -f /etc/ppp/ip-down.local + rm -f /etc/NetworkManager/dispatcher.d/01-shorewall fi diff --git a/Shorewall-init/uninstall.sh b/Shorewall-init/uninstall.sh index 6d4d23692..dd35c7708 100755 --- a/Shorewall-init/uninstall.sh +++ b/Shorewall-init/uninstall.sh @@ -94,6 +94,12 @@ if [ -d /etc/ppp ]; then for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do remove_file /etc/ppp/$directory/shorewall done + + for file in if-up.local if-down.local; do + if fgrep -q Shorewall-based /etc/ppp/$FILE; then + remove_file /etc/ppp/$FILE + fi + done fi rm -rf /usr/share/shorewall-init diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index f29333c59..5490c8eb1 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -1,3 +1,9 @@ +Changes in Shorewall 4.4.16 Beta 4 + +1) Only issue get_params() warnings under 'trace' + +2) Add ppp support to Shorewall-init + Changes in Shorewall 4.4.16 Beta 3 1) Integrate bug catcher into 'trace' and correct handling of diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 499dbc9d5..0cfb3125c 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -47,7 +47,7 @@ Beta 1 I I I. N E W F E A T U R E S I N T H I S R E L E A S E ---------------------------------------------------------------------------- -None. +1) Shorewall-init now handles ppp devices. ---------------------------------------------------------------------------- I V. R E L E A S E 4 . 4 H I G H L I G H T S