mirror of
https://gitlab.com/shorewall/code.git
synced 2025-06-23 19:21:21 +02:00
Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
This commit is contained in:
commit
894931731b
@ -307,6 +307,16 @@ chmod 755 ${DESTDIR}${SBINDIR}
|
|||||||
mkdir -p ${DESTDIR}${MANDIR}
|
mkdir -p ${DESTDIR}${MANDIR}
|
||||||
chmod 755 ${DESTDIR}${MANDIR}
|
chmod 755 ${DESTDIR}${MANDIR}
|
||||||
|
|
||||||
|
if [ -n "${INITFILE}" ]; then
|
||||||
|
mkdir -p ${DESTDIR}${INITDIR}
|
||||||
|
chmod 755 ${DESTDIR}${INITDIR}
|
||||||
|
|
||||||
|
if [ -n "$AUXINITSOURCE" -a -f "$AUXINITSOURCE" ]; then
|
||||||
|
install_file $AUXINITSOURCE ${DESTDIR}${INITDIR}/$AUXINITFILE 0544
|
||||||
|
[ "${SHAREDIR}" = /usr/share ] || eval sed -i \'s\|/usr/share/\|${SHAREDIR}/\|\' ${DESTDIR}${INITDIR}/$AUXINITFILE
|
||||||
|
echo "$Product script installed in ${DESTDIR}${INITDIR}/$AUXINITFILE"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
#
|
#
|
||||||
# Note: ${VARDIR} is created at run-time since it has always been
|
# Note: ${VARDIR} is created at run-time since it has always been
|
||||||
# a relocatable directory on a per-product basis
|
# a relocatable directory on a per-product basis
|
||||||
|
@ -11,10 +11,10 @@ CONFDIR=/etc #Directory where subsystem configurat
|
|||||||
SBINDIR=/sbin #Directory where system administration programs are installed
|
SBINDIR=/sbin #Directory where system administration programs are installed
|
||||||
MANDIR=${PREFIX}/man #Directory where manpages are installed.
|
MANDIR=${PREFIX}/man #Directory where manpages are installed.
|
||||||
INITDIR=/etc/rc.d #Directory where SysV init scripts are installed.
|
INITDIR=/etc/rc.d #Directory where SysV init scripts are installed.
|
||||||
INITSOURCE=init.slackware.firewall #Name of the distributed file to be installed as the SysV init script
|
AUXINITSOURCE=init.slackware.firewall.sh #Name of the distributed file to be installed as the SysV init script
|
||||||
INITFILE=rc.firewall #Name of the product's installed SysV init script
|
AUXINITFILE=rc.firewall #Name of the product's installed SysV init script
|
||||||
AUXINITSOURCE=init.slackware.$PRODUCT #Name of the distributed file to be installed as a second SysV init script
|
INITSOURCE=init.slackware.$PRODUCT.sh #Name of the distributed file to be installed as a second SysV init script
|
||||||
AUXINITFILE=rc.$PRODUCT #Name of the product's installed second init script
|
INITFILE=rc.$PRODUCT #Name of the product's installed second init script
|
||||||
SYSTEMD= #Name of the directory where .service files are installed (systems running systemd only)
|
SYSTEMD= #Name of the directory where .service files are installed (systems running systemd only)
|
||||||
SYSCONFFILE= #Name of the distributed file to be installed in $SYSCONFDIR
|
SYSCONFFILE= #Name of the distributed file to be installed in $SYSCONFDIR
|
||||||
SYSCONFDIR= #Name of the directory where SysV init parameter files are installed.
|
SYSCONFDIR= #Name of the directory where SysV init parameter files are installed.
|
||||||
|
@ -468,7 +468,7 @@ sub convert_blacklist() {
|
|||||||
open $blrules, '>', $fn1 or fatal_error "Unable to open $fn1: $!";
|
open $blrules, '>', $fn1 or fatal_error "Unable to open $fn1: $!";
|
||||||
print $blrules <<'EOF';
|
print $blrules <<'EOF';
|
||||||
#
|
#
|
||||||
# Shorewall version 5 - Blacklist Rules File
|
# Shorewall version 4.55 - Blacklist Rules File
|
||||||
#
|
#
|
||||||
# For information about entries in this file, type "man shorewall-blrules"
|
# For information about entries in this file, type "man shorewall-blrules"
|
||||||
#
|
#
|
||||||
@ -1477,17 +1477,21 @@ sub generate_matrix() {
|
|||||||
progress_message ' Handling complex zones...';
|
progress_message ' Handling complex zones...';
|
||||||
|
|
||||||
#
|
#
|
||||||
# Special processing for complex configurations
|
# Special processing for configurations with more than 2 off-firewall zones or with other special considerations like IPSEC.
|
||||||
#
|
#
|
||||||
for my $zone ( @zones ) {
|
for my $zone ( @zones ) {
|
||||||
my $zoneref = find_zone( $zone );
|
my $zoneref = find_zone( $zone );
|
||||||
|
|
||||||
next if @zones <= 2 && ! $zoneref->{complex};
|
next if @zones <= 2 && ! $zoneref->{complex};
|
||||||
#
|
#
|
||||||
# Complex zone or we have more than one non-firewall zone -- Shorewall::Rules::classic_blacklist created a zone forwarding chain
|
# Complex zone or we have more than two off-firewall zones -- Shorewall::Rules::classic_blacklist created a zone forwarding chain
|
||||||
#
|
#
|
||||||
my $frwd_ref = $filter_table->{zone_forward_chain( $zone )};
|
my $frwd_ref = $filter_table->{zone_forward_chain( $zone )};
|
||||||
|
|
||||||
|
assert( $frwd_ref, $zone );
|
||||||
|
#
|
||||||
|
# Add Zone mark if any
|
||||||
|
#
|
||||||
add_ijump( $frwd_ref , j => 'MARK --set-mark ' . in_hex( $zoneref->{mark} ) . '/' . in_hex( $globals{ZONE_MASK} ) ) if $zoneref->{mark};
|
add_ijump( $frwd_ref , j => 'MARK --set-mark ' . in_hex( $zoneref->{mark} ) . '/' . in_hex( $globals{ZONE_MASK} ) ) if $zoneref->{mark};
|
||||||
|
|
||||||
if ( have_ipsec ) {
|
if ( have_ipsec ) {
|
||||||
|
@ -333,15 +333,12 @@ echo "$PRODUCT control program installed in ${DESTDIR}${SBINDIR}/$PRODUCT"
|
|||||||
# Install the Firewall Script
|
# Install the Firewall Script
|
||||||
#
|
#
|
||||||
if [ -n "$INITFILE" ]; then
|
if [ -n "$INITFILE" ]; then
|
||||||
|
if [ -f "${INITSOURCE}" ]; then
|
||||||
install_file $INITSOURCE ${DESTDIR}${INITDIR}/$INITFILE 0544
|
install_file $INITSOURCE ${DESTDIR}${INITDIR}/$INITFILE 0544
|
||||||
[ "${SHAREDIR}" = /usr/share ] || eval sed -i \'s\|/usr/share/\|${SHAREDIR}/\|\' ${DESTDIR}${INITDIR}/$INITFILE
|
[ "${SHAREDIR}" = /usr/share ] || eval sed -i \'s\|/usr/share/\|${SHAREDIR}/\|\' ${DESTDIR}${INITDIR}/$INITFILE
|
||||||
|
|
||||||
if [ -n "${AUXINITSOURCE}" ]; then
|
|
||||||
install_file $INITSOURCE ${DESTDIR}${INITDIR}/$INITFILE 0544
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "$Product script installed in ${DESTDIR}${INITDIR}/$INITFILE"
|
echo "$Product script installed in ${DESTDIR}${INITDIR}/$INITFILE"
|
||||||
fi
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
#
|
#
|
||||||
# Create /etc/$PRODUCT and other directories
|
# Create /etc/$PRODUCT and other directories
|
||||||
|
Loading…
x
Reference in New Issue
Block a user