Many fixes for Shorewall-init

Signed-off-by: Tom Eastep <teastep@shorewall.net> Conflicts: Shorewall-init/ifupdown.sh Shorewall-lite/shorewall-lite Shorewall6-lite/shorewall6-lite Signed-off-by: Tom Eastep <teastep@shorewall.net>
2024-11-22 07:33:43 +01:00 · 2010-07-23 08:26:47 -08:00 · 2010-07-23 08:26:47 -08:00 · 6f1cbe45c0
commit 6f1cbe45c0
parent 5ec35bcdc2
2 changed files with 35 additions and 16 deletions
--- a/Shorewall-init/init.debian.sh
+++ b/Shorewall-init/init.debian.sh
@ -84,7 +84,20 @@ shorewall_start () {
      VARDIR=/var/lib/$product
      [ -f /etc/$product/vardir ] && . /etc/$product/vardir
      if [ -x ${VARDIR}/firewall ]; then
-	  ${VARDIR}/firewall stop || echo_notdone
+	  #
+	  # Run in a sub-shell to avoid name collisions
+	  #
+	  ( 
+	      . /usr/share/$product/lib.base
+	      #
+	      # Get mutex so the firewall state is stable
+	      #
+	      mutex_on
+	      if ! ${VARDIR}/firewall status > /dev/null 2>&1; then
+		  ${VARDIR}/firewall stop || echo_notdone
+	      fi
+	      mutex_off
+	  )
      fi
  done

@ -103,7 +116,11 @@ shorewall_stop () {
      VARDIR=/var/lib/$product
      [ -f /etc/$product/vardir ] && . /etc/$product/vardir
      if [ -x ${VARDIR}/firewall ]; then
-	  ${VARDIR}/firewall clear || echo_notdone
+	  ( . /usr/share/$product/lib.base
+	    mutex_on
+	    ${VARDIR}/firewall clear || echo_notdone
+	    mutex_off
+	  )
      fi
  done

--- a/Shorewall-init/init.sh
+++ b/Shorewall-init/init.sh
@ -55,15 +55,17 @@ fi

 # Initialize the firewall
 shorewall_start () {
-  local product
-  local vardir
+  local PRODUCT
+  local VARDIR

  echo -n "Initializing \"Shorewall-based firewalls\": "
-  for product in $PRODUCTS; do
-      vardir=/var/lib/$product
-      [ -f /etc/$product/vardir ] && . /etc/$product/vardir 
-      if [ -x ${vardir}/firewall ]; then
-	  ${vardir}/firewall stop || exit 1
+  for PRODUCT in $PRODUCTS; do
+      VARDIR=/var/lib/$PRODUCT
+      [ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir 
+      if [ -x ${VARDIR}/firewall ]; then
+	  if ! /sbin/$PRODUCT status > /dev/null 2>&1; then
+	      ${VARDIR}/firewall stop || echo_notdone
+	  fi
      fi
  done

@ -72,15 +74,15 @@ shorewall_start () {

 # Clear the firewall
 shorewall_stop () {
-  local product
-  local vardir
+  local PRODUCT
+  local VARDIR

  echo -n "Clearing \"Shorewall-based firewalls\": "
-  for product in $PRODUCTS; do
-      vardir=/var/lib/$PRODUCT
-      [ -f /etc/$product/vardir ] && . /etc/$product/vardir 
-      if [ -x ${vardir}/firewall ]; then
-	  ${vardir}/firewall clear || exit 1
+  for PRODUCT in $PRODUCTS; do
+      VARDIR=/var/lib/$PRODUCT
+      [ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir 
+      if [ -x ${VARDIR}/firewall ]; then
+	  ${VARDIR}/firewall clear || exit 1
      fi
  done