From 8056b6fd854336a828534ab91e424c44b0ef2afe Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Wed, 14 Feb 2018 10:37:05 -0800 Subject: [PATCH] Create the 'show saves' command. Signed-off-by: Tom Eastep --- Shorewall-core/lib.cli | 27 +++++++++++++++++++++++++++ Shorewall-core/manpages/shorewall.xml | 24 +++++++++++++++++++----- 2 files changed, 46 insertions(+), 5 deletions(-) diff --git a/Shorewall-core/lib.cli b/Shorewall-core/lib.cli index 240a2d3f1..82ee78000 100644 --- a/Shorewall-core/lib.cli +++ b/Shorewall-core/lib.cli @@ -87,6 +87,8 @@ showchain() # $1 = name of chain # validate_restorefile() # $* = label { + [ -n "$RESTOREFILE" ] || RESTOREFILE=restore + case $RESTOREFILE in */*) error_message "ERROR: $@ must specify a simple file name: $RESTOREFILE" @@ -1189,6 +1191,26 @@ show_ipsec_command() { show_ipsec } +show_saves_command() { + local f + local fn + local mtime + + echo "$g_product $SHOREWALL_VERSION Saves at $g_hostname - $(date)" + echo "Saved snapshots are:" + echo + + for f in ${VARDIR}/*-iptables; do + fn=$(basename $f) + fn=${fn%-iptables} + mtime=$(ls -lt $f | tail -n 1 | cut -d ' ' -f '6 7 8' ) + [ $fn = "$RESTOREFILE" ] && fn="$fn (default)" + echo " $mtime ${fn%-iptables}" + done + + echo +} + # # Show Command Executor # @@ -1478,6 +1500,10 @@ show_command() { only_root eval show_ipsec_command $g_pager ;; + saves) + [ $# -gt 1 ] && too_many_arguments $2 + show_saves_command + ;; *) case "$PRODUCT" in *-lite) @@ -4348,6 +4374,7 @@ usage() # $1 = exit status echo " [ show | list | ls ] opens" echo " [ show | list | ls ] policies" echo " [ show | list | ls ] routing" + echo " [ show | list | ls ] saves" echo " [ show | list | ls ] tc [ device ]" echo " [ show | list | ls ] vardir" echo " [ show | list | ls ] zones" diff --git a/Shorewall-core/manpages/shorewall.xml b/Shorewall-core/manpages/shorewall.xml index 17aff8762..b1a844a5d 100644 --- a/Shorewall-core/manpages/shorewall.xml +++ b/Shorewall-core/manpages/shorewall.xml @@ -799,7 +799,7 @@ - + @@ -2359,11 +2359,11 @@ filename ] - The dynamic blacklist is stored in /var/lib/shorewall/save. - The state of the firewall is stored in + Creates a snapshot of the currently running firewall. The + dynamic blacklist is stored in /var/lib/shorewall/save. The state of + the firewall is stored in /var/lib/shorewall/filename for use by the - shorewall restore and shorewall -f start commands. If + shorewall restore command. If filename is not given then the state is saved in the file specified by the RESTOREFILE option in shorewall.conf(5) @@ -2691,6 +2691,20 @@ + + saves + + + Added in Shorewall 5.2.0. Lists snapshots created by the + save command. Each snapshot is listed with + the date and time when it was taken. If there is a snapshot + with the name specified in the RESTOREFILE option in shorewall.conf(5), that + snapshot is listed as the default + snapshot for the restore command. + + + tc