From 6f1cbe45c01a1a1a03332286a7c873de9b4e6a7a Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Fri, 23 Jul 2010 08:26:47 -0800
Subject: [PATCH] Many fixes for Shorewall-init

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:

	Shorewall-init/ifupdown.sh
	Shorewall-lite/shorewall-lite
	Shorewall6-lite/shorewall6-lite

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall-init/init.debian.sh | 21 +++++++++++++++++++--
 Shorewall-init/init.sh        | 30 ++++++++++++++++--------------
 2 files changed, 35 insertions(+), 16 deletions(-)

diff --git a/Shorewall-init/init.debian.sh b/Shorewall-init/init.debian.sh
index fa3d4c987..cfd027da7 100755
--- a/Shorewall-init/init.debian.sh
+++ b/Shorewall-init/init.debian.sh
@@ -84,7 +84,20 @@ shorewall_start () {
       VARDIR=/var/lib/$product
       [ -f /etc/$product/vardir ] && . /etc/$product/vardir
       if [ -x ${VARDIR}/firewall ]; then
-	  ${VARDIR}/firewall stop || echo_notdone
+	  #
+	  # Run in a sub-shell to avoid name collisions
+	  #
+	  ( 
+	      . /usr/share/$product/lib.base
+	      #
+	      # Get mutex so the firewall state is stable
+	      #
+	      mutex_on
+	      if ! ${VARDIR}/firewall status > /dev/null 2>&1; then
+		  ${VARDIR}/firewall stop || echo_notdone
+	      fi
+	      mutex_off
+	  )
       fi
   done
 
@@ -103,7 +116,11 @@ shorewall_stop () {
       VARDIR=/var/lib/$product
       [ -f /etc/$product/vardir ] && . /etc/$product/vardir
       if [ -x ${VARDIR}/firewall ]; then
-	  ${VARDIR}/firewall clear || echo_notdone
+	  ( . /usr/share/$product/lib.base
+	    mutex_on
+	    ${VARDIR}/firewall clear || echo_notdone
+	    mutex_off
+	  )
       fi
   done
 
diff --git a/Shorewall-init/init.sh b/Shorewall-init/init.sh
index df211ecfc..8d6428f57 100755
--- a/Shorewall-init/init.sh
+++ b/Shorewall-init/init.sh
@@ -55,15 +55,17 @@ fi
 
 # Initialize the firewall
 shorewall_start () {
-  local product
-  local vardir
+  local PRODUCT
+  local VARDIR
 
   echo -n "Initializing \"Shorewall-based firewalls\": "
-  for product in $PRODUCTS; do
-      vardir=/var/lib/$product
-      [ -f /etc/$product/vardir ] && . /etc/$product/vardir 
-      if [ -x ${vardir}/firewall ]; then
-	  ${vardir}/firewall stop || exit 1
+  for PRODUCT in $PRODUCTS; do
+      VARDIR=/var/lib/$PRODUCT
+      [ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir 
+      if [ -x ${VARDIR}/firewall ]; then
+	  if ! /sbin/$PRODUCT status > /dev/null 2>&1; then
+	      ${VARDIR}/firewall stop || echo_notdone
+	  fi
       fi
   done
 
@@ -72,15 +74,15 @@ shorewall_start () {
 
 # Clear the firewall
 shorewall_stop () {
-  local product
-  local vardir
+  local PRODUCT
+  local VARDIR
 
   echo -n "Clearing \"Shorewall-based firewalls\": "
-  for product in $PRODUCTS; do
-      vardir=/var/lib/$PRODUCT
-      [ -f /etc/$product/vardir ] && . /etc/$product/vardir 
-      if [ -x ${vardir}/firewall ]; then
-	  ${vardir}/firewall clear || exit 1
+  for PRODUCT in $PRODUCTS; do
+      VARDIR=/var/lib/$PRODUCT
+      [ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir 
+      if [ -x ${VARDIR}/firewall ]; then
+	  ${VARDIR}/firewall clear || exit 1
       fi
   done