Don't export globals when the script is 4.4.8 or later

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2024-11-22 07:33:43 +01:00 · 2010-03-03 08:51:40 -08:00 · 2010-03-03 08:51:40 -08:00 · 7457f643ee
commit 7457f643ee
parent 70296b4bd6
4 changed files with 157 additions and 46 deletions
--- a/Shorewall-lite/shorewall-lite
+++ b/Shorewall-lite/shorewall-lite
@ -166,35 +166,6 @@ verify_firewall_script() {
    fi
 }

-#
-# Do required exports and run $SHOREWALL_SHELL
-#
-do_exports() {
-    export RESTOREFILE
-    export VERBOSITY
-    export NOROUTES
-    export PURGE
-    export TIMESTAMP
-    export PATH
-    export RECOVERING
-
-    export LOGFORMAT
-    export IPTABLES
-}
-
-#
-# Do required exports and run or exec $SHOREWALL_SHELL
-#
-run_it() {
-    do_exports
-    $SHOREWALL_SHELL $@
-}
-
-exec_it() {
-    do_exports
-    exec $SHOREWALL_SHELL $@
-}
-
 #
 # Start Command Executor
 #
@ -608,11 +579,11 @@ case "$COMMAND" in
    stop|clear)
 	[ $# -ne 1 ] && usage 1
 	verify_firewall_script
-	exec_it $g_firewall $debugging $nolock $COMMAND
+	run_it $g_firewall $debugging $nolock $COMMAND
 	;;
    reset)
 	verify_firewall_script
-	exec_it $SHOREWALL_SHELL $g_firewall $debugging $nolock $@
+	run_it $SHOREWALL_SHELL $g_firewall $debugging $nolock $@
 	;;
    restart)
 	shift
--- a/Shorewall/Perl/prog.header
+++ b/Shorewall/Perl/prog.header
@ -1172,6 +1172,84 @@ startup_error() # $* = Error Message
    exit 2
 }

+#
+# Get the Shorewall version of the passed script
+#
+get_script_version() { # $1 = script
+    local temp
+    local version
+    local ifs
+
+    temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
+
+    if [ $? -ne 0 ]; then
+	version=0
+    else
+	ifs=$IFS
+	IFS=.
+	temp=$(echo $temp)
+	IFS=$ifs
+	
+	for temp in $temp; do
+	    version=${version}$(printf '%02d' $temp)
+	done
+    fi
+    
+    echo $version
+}
+ 
+    
+#
+# Do required exports or create the required option string and run the passed script using
+# $SHOREWALL_SHELL
+#
+run_it() {
+    local script
+    local options
+    local version
+
+    script=$1
+    shift
+
+    version=$(get_script_version $script)
+
+    if [ $version -lt 040408 ]; then
+	#
+	# Old script that doesn't understand 4.4.8 script options
+	#
+	export RESTOREFILE
+	export VERBOSITY
+	export NOROUTES
+	export PURGE
+	export TIMESTAMP
+	export RECOVERING
+ 
+	if [ "$g_product" != Shorewall ]; then
+	    #
+	    # Shorewall Lite
+	    #
+	    export LOGFORMAT
+	    export IPTABLES
+	fi
+    else
+	#
+	# 4.4.8 or later -- no exports required
+	#
+	options='-'
+
+	[ -n "$NOROUTES" ]  && options=${options}n
+	[ -n "$TIMESTAMP" ] && options=${options}t
+	[ -n "$PURGE" ]     && options=${options}p
+	[ -n "$RECOVERING" ] && options=${options}r
+
+	options="${options}V $VERBOSITY"
+
+	[ -n "$RESTOREFILE" ] && options="${options} -R $RESTOREFILE"
+    fi
+	
+    $SHOREWALL_SHELL $script $options $@
+}
+
 #
 # Run iptables and if an error occurs, stop/restore the firewall
 #
--- a/Shorewall/lib.cli
+++ b/Shorewall/lib.cli
@ -34,6 +34,83 @@ fatal_error() # $@ = Message
    exit 2
 }

+#
+# Get the Shorewall version of the passed script
+#
+get_script_version() { # $1 = script
+    local temp
+    local version
+    local ifs
+
+    temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
+
+    if [ $? -ne 0 ]; then
+	version=0
+    else
+	ifs=$IFS
+	IFS=.
+	temp=$(echo $temp)
+	IFS=$ifs
+	
+	for temp in $temp; do
+	    version=${version}$(printf '%02d' $temp)
+	done
+    fi
+    
+    echo $version
+}
+  
+#
+# Do required exports or create the required option string and run the passed script using
+# $SHOREWALL_SHELL
+#
+run_it() {
+    local script
+    local options
+    local version
+
+    script=$1
+    shift
+
+    version=$(get_script_version $script)
+
+    if [ $version -lt 040408 ]; then
+	#
+	# Old script that doesn't understand 4.4.8 script options
+	#
+	export RESTOREFILE
+	export VERBOSITY
+	export NOROUTES
+	export PURGE
+	export TIMESTAMP
+	export RECOVERING
+ 
+	if [ "$g_product" != Shorewall ]; then
+	    #
+	    # Shorewall Lite
+	    #
+	    export LOGFORMAT
+	    export IPTABLES
+	fi
+    else
+	#
+	# 4.4.8 or later -- no exports required
+	#
+	options='-'
+
+	[ -n "$NOROUTES" ]  && options=${options}n
+	[ -n "$TIMESTAMP" ] && options=${options}t
+	[ -n "$PURGE" ]     && options=${options}p
+	[ -n "$RECOVERING" ] && options=${options}r
+
+	options="${options}V $VERBOSITY"
+
+	[ -n "$RESTOREFILE" ] && options="${options} -R $RESTOREFILE"
+    fi
+	
+    $SHOREWALL_SHELL $script $options $@
+}
+
 # Display a chain if it exists
 #

--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@ -358,21 +358,6 @@ compiler() {
    perl $debugflags /usr/share/shorewall/compiler.pl $options $@
 }

-#
-# Do required exports and run $SHOREWALL_SHELL
-#
-run_it() {
-    export RESTOREFILE
-    export VERBOSITY
-    export NOROUTES
-    export PURGE
-    export TIMESTAMP
-    export PATH
-    export RECOVERING
-
-    $SHOREWALL_SHELL $@
-}
-
 #
 # Start Command Executor
 #