Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code

This commit is contained in:
Tom Eastep 2015-05-08 09:49:42 -07:00
commit 7195ee708e
6 changed files with 66 additions and 58 deletions

View File

@ -1683,7 +1683,7 @@ restore_command() {
if [ -z "$STARTUP_ENABLED" ]; then
error_message "ERROR: Startup is disabled"
exit 2
exit 6
fi
g_restorepath=${VARDIR}/$RESTOREFILE
@ -3680,7 +3680,7 @@ start_command() {
else
error_message "${VARDIR}/firewall is missing or is not executable"
logger -p kern.err "ERROR:$g_product start failed"
rc=2
rc=6
fi
[ -n "$g_nolock" ] || mutex_off
@ -3813,7 +3813,7 @@ restart_command() {
else
error_message "${VARDIR}/firewall is missing or is not executable"
logger -p kern.err "ERROR:$g_product restart failed"
rc=2
rc=6
fi
[ -n "$g_nolock" ] || mutex_off

View File

@ -74,7 +74,9 @@ setstatedir() {
[ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT}
if [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then
${SBINDIR}/$PRODUCT ${OPTIONS} compile -c || echo_notdone
${SBINDIR}/$PRODUCT ${OPTIONS} compile -c
else
return 0
fi
}
@ -103,21 +105,17 @@ shorewall_start () {
echo -n "Initializing \"Shorewall-based firewalls\": "
for PRODUCT in $PRODUCTS; do
setstatedir
if setstatedir; then
if [ -x ${STATEDIR}/firewall ]; then
#
# Run in a sub-shell to avoid name collisions
#
(
if ! ${STATEDIR}/firewall status > /dev/null 2>&1; then
${STATEDIR}/firewall ${OPTIONS} stop || echo_notdone
else
echo_notdone
${STATEDIR}/firewall ${OPTIONS} stop
fi
)
else
echo_notdone
fi
fi
done
@ -144,10 +142,10 @@ shorewall_stop () {
echo -n "Clearing \"Shorewall-based firewalls\": "
for PRODUCT in $PRODUCTS; do
setstatedir
if setstatedir; then
if [ -x ${STATEDIR}/firewall ]; then
${STATEDIR}/firewall ${OPTIONS} clear || echo_notdone
${STATEDIR}/firewall ${OPTIONS} clear
fi
fi
done

View File

@ -69,10 +69,10 @@ setstatedir() {
[ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT}
if [ ! -x $STATEDIR/firewall ]; then
if [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then
${SBINDIR}/$PRODUCT ${OPTIONS} compile $STATEDIR/firewall
fi
else
return 0
fi
}
@ -83,11 +83,11 @@ shorewall_start () {
echo -n "Initializing \"Shorewall-based firewalls\": "
for PRODUCT in $PRODUCTS; do
setstatedir
if setstatedir; then
if [ -x ${STATEDIR}/firewall ]; then
if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then
${STATEDIR}/firewall ${OPTIONS} stop || exit 1
${STATEDIR}/firewall ${OPTIONS} stop
fi
fi
fi
done
@ -106,10 +106,10 @@ shorewall_stop () {
echo -n "Clearing \"Shorewall-based firewalls\": "
for PRODUCT in $PRODUCTS; do
setstatedir
if setstatedir; then
if [ -x ${STATEDIR}/firewall ]; then
${STATEDIR}/firewall ${OPTIONS} clear || exit 1
${STATEDIR}/firewall ${OPTIONS} clear
fi
fi
done

View File

@ -80,7 +80,9 @@ setstatedir() {
[ -n "$statedir" ] && STATEDIR=${statedir} || STATEDIR=${VARLIB}/${PRODUCT}
if [ $PRODUCT = shorewall -o $PRODUCT = shorewall6 ]; then
${SBINDIR}/$PRODUCT ${OPTIONS} compile -c || exit
${SBINDIR}/$PRODUCT ${OPTIONS} compile -c
else
return 0
fi
}
@ -91,14 +93,12 @@ shorewall_start () {
echo -n "Initializing \"Shorewall-based firewalls\": "
for PRODUCT in $PRODUCTS; do
setstatedir
if setstatedir; then
if [ -x $STATEDIR/firewall ]; then
if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then
$STATEDIR/$PRODUCT/firewall ${OPTIONS} stop || exit
$STATEDIR/$PRODUCT/firewall ${OPTIONS} stop
fi
fi
else
exit 6
fi
done
@ -114,12 +114,10 @@ shorewall_stop () {
echo -n "Clearing \"Shorewall-based firewalls\": "
for PRODUCT in $PRODUCTS; do
setstatedir
if setstatedir; then
if [ -x ${STATEDIR}/firewall ]; then
${STATEDIR}/firewall ${OPTIONS} clear || exit
else
exit 6
${STATEDIR}/firewall ${OPTIONS} clear
fi
fi
done

View File

@ -169,7 +169,7 @@ get_config() {
*)
if [ -n "$STARTUP_ENABLED" ]; then
fatal_error "Invalid Value for STARTUP_ENABLED: $STARTUP_ENABLED"
exit 2
exit 6
fi
;;
esac

View File

@ -24,6 +24,8 @@
<year>2012</year>
<year>2015</year>
<holder>Thomas M. Eastep</holder>
</copyright>
@ -93,13 +95,16 @@
<section id="Shorewall">
<title>Shorewall</title>
<para>The Shorewall package includes a large number of files which are
installed in <filename class="directory">/sbin</filename>, <filename
class="directory">/usr/share/shorewall</filename>, <filename
<para>The Shorewall package includes a large number of files which were
traditionally installed in <filename class="directory">/sbin</filename>,
<filename class="directory">/usr/share/shorewall</filename>, <filename
class="directory">/etc/shorewall</filename>,
<filename>/etc/init.d</filename> and <filename
class="directory">/var/lib/shorewall/</filename>. These are described in
the sub-sections that follow.</para>
the sub-sections that follow. Since Shorewall 4.5.2, each of these
directories is now relocatable using the <ulink
url="Install.htm#idp8774904608">configure scripts included with Shorewall
Core</ulink>.</para>
<section id="sbin">
<title>/sbin</title>
@ -170,7 +175,8 @@
<listitem>
<para><filename>lib.*</filename> - Shell function libraries used by
the other shell programs.</para>
the other shell programs. Most of these are actually provided by
Shorewall-core.</para>
</listitem>
<listitem>
@ -194,6 +200,12 @@
containing the Shorewall Perl modules used by the compiler.</para>
</listitem>
<listitem>
<para><filename>shorewallrc</filename> - A file that specifies where
all of the other installed components (from all packages) are
installed.</para>
</listitem>
<listitem>
<para><filename>version</filename> - A file containing the currently
install version of Shorewall.</para>
@ -504,8 +516,8 @@
<section id="sbin-lite">
<title>/sbin</title>
<para>The <filename>/sbin/shorewall-lite</filename> shell program is used
to interact with Shorewall lite. See <ulink
<para>The <filename>/sbin/shorewall-lite</filename> shell program is
used to interact with Shorewall lite. See <ulink
url="manpages/shorewall-lite.html">shorewall-lite</ulink>(8).</para>
</section>