extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-24 03:31:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix some over-agressive removals

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7506 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
el_cubano 2007-10-22 15:47:25 +00:00
parent 0105dd9d4f
commit 8d81bfc05b
4 changed files with 110 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
Shorewall-common/default.debian Normal file
View File

@ -0,0 +1,24 @@
# prevent startup with default configuration
# set the following varible to 1 in order to allow Shorewall to start
startup=0
# if your Shorewall configuration requires detection of the ip address of a ppp
# interface, you must list such interfaces in "wait_interface" to get Shorewall to
# wait until the interface is configured. Otherwise the script will fail because
# it won't be able to detect the IP address.
#
# Example:
# wait_interface="ppp0"
# or
# wait_interface="ppp0 ppp1"
# or, if you have defined in /etc/shorewall/params
# wait_interface=
#
# Startup options
#
OPTIONS=""
# EOF

56
Shorewall-common/init.debian.sh
View File

@ -1,15 +1,28 @@
#!/bin/sh #!/bin/sh
### BEGIN INIT INFO
# Provides: shorewall
# Required-Start: $network
# Required-Stop: $network
# Default-Start: S
# Default-Stop: 0 6
# Short-Description: Configure the firewall at boot time
# Description: Configure the firewall according to the rules specified in
# /etc/shorewall
### END INIT INFO
SRWL=/sbin/shorewall SRWL=/sbin/shorewall
SRWL_OPTS="-tvv"
WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup
# Note, set INITLOG to /dev/null if you do not want to # Note, set INITLOG to /dev/null if you do not want to
# keep logs of the firewall (not recommended) # keep logs of the firewall (not recommended)
INITLOG=/var/log/shorewall-init.log INITLOG=/var/log/shorewall-init.log
OPTIONS="-f"
test -x $SRWL || exit 0 test -x $SRWL || exit 0
test -x $WAIT_FOR_IFUP || exit 0
test -n $INITLOG || { test -n $INITLOG || {
echo "INITLOG cannot be empty, please configure $0" ; echo "INITLOG cannot be empty, please configure $0" ;
exit 1; exit 1;
} }
@ -21,35 +34,27 @@ fi
echo_notdone () { echo_notdone () {
if [ "$INITLOG" = "/dev/null" ] ; then if [ "$INITLOG" = "/dev/null" ] ; then
"not done." echo "not done."
else else
"not done (check $INITLOG)." echo "not done (check $INITLOG)."
fi fi
} }
not_configured () { not_configured () {
echo "#### WARNING ####" echo "#### WARNING ####"
echo "the firewall won't be started/stopped unless it is configured" echo "The firewall won't be started/stopped unless it is configured"
if [ "$1" != "stop" ] if [ "$1" != "stop" ]
then then
echo "" echo ""
echo "please configure it and then edit /etc/default/shorewall" echo "Please read about Debian specific customization in"
echo "and set the \"startup\" variable to 1 in order to allow " echo "/usr/share/doc/shorewall-common/README.Debian.gz."
echo "shorewall to start"
fi fi
echo "#################" echo "#################"
exit 0 exit 0
} }
# parse the shorewall params file in order to use params in
# /etc/default/shorewall
if [ -f "/etc/shorewall/params" ]
then
. /etc/shorewall/params
fi
# check if shorewall is configured or not # check if shorewall is configured or not
if [ -f "/etc/default/shorewall" ] if [ -f "/etc/default/shorewall" ]
then then
@ -62,21 +67,14 @@ else
not_configured not_configured
fi fi
# wait an unconfigured interface # wait an unconfigured interface
wait_for_pppd () { wait_for_pppd () {
if [ "$wait_interface" != "" ] if [ "$wait_interface" != "" ]
then then
if [ -f $WAIT_FOR_IFUP ]
then
for i in $wait_interface for i in $wait_interface
do do
$WAIT_FOR_IFUP $i 90 $WAIT_FOR_IFUP $i 90
done done
else
echo "$WAIT_FOR_IFUP: File not found" >> $INITLOG
echo_notdone
exit 2
fi
fi fi
} }
@ -84,28 +82,28 @@ wait_for_pppd () {
shorewall_start () { shorewall_start () {
echo -n "Starting \"Shorewall firewall\": " echo -n "Starting \"Shorewall firewall\": "
wait_for_pppd wait_for_pppd
$SRWL $OPTIONS start >> $INITLOG 2>&1 && echo "done." || echo_notdone $SRWL $SRWL_OPTS start >> $INITLOG 2>&1 && echo "done." || echo_notdone
return 0 return 0
} }
# stop the firewall # stop the firewall
shorewall_stop () { shorewall_stop () {
echo -n "Stopping \"Shorewall firewall\": " echo -n "Stopping \"Shorewall firewall\": "
$SRWL stop >> $INITLOG 2>&1 && echo "done." || echo_notdone $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
return 0 return 0
} }
# restart the firewall # restart the firewall
shorewall_restart () { shorewall_restart () {
echo -n "Restarting \"Shorewall firewall\": " echo -n "Restarting \"Shorewall firewall\": "
$SRWL restart >> $INITLOG 2>&1 && echo "done." || echo_notdone $SRWL $SRWL_OPTS restart >> $INITLOG 2>&1 && echo "done." || echo_notdone
return 0 return 0
} }
# refresh the firewall # refresh the firewall
shorewall_refresh () { shorewall_refresh () {
echo -n "Refreshing \"Shorewall firewall\": " echo -n "Refreshing \"Shorewall firewall\": "
$SRWL refresh >> $INITLOG 2>&1 && echo "done." || echo_notdone $SRWL $SRWL_OPTS refresh >> $INITLOG 2>&1 && echo "done." || echo_notdone
return 0 return 0
} }

24
Shorewall-lite/default.debian Normal file
View File

@ -0,0 +1,24 @@
# prevent startup with default configuration
# set the following varible to 1 in order to allow Shorewall to start
startup=0
# if your Shorewall configuration requires detection of the ip address of a ppp
# interface, you must list such interfaces in "wait_interface" to get Shorewall to
# wait until the interface is configured. Otherwise the script will fail because
# it won't be able to detect the IP address.
#
# Example:
# wait_interface="ppp0"
# or
# wait_interface="ppp0 ppp1"
#
# Startup options -- if you specify '-f' then Shorewall will use the last saved
# configuration if any; this is much faster than parsing the
# configuration files.
#
OPTIONS="-f"
# EOF

70
Shorewall-lite/init.debian.sh
View File

@ -1,15 +1,28 @@
#!/bin/sh #!/bin/sh
### BEGIN INIT INFO
# Provides: shorewall-lite
# Required-Start: $network
# Required-Stop: $network
# Default-Start: S
# Default-Stop: 0 6
# Short-Description: Configure the firewall at boot time
# Description: Configure the firewall according to the rules specified in
# /etc/shorewall-lite
### END INIT INFO
SRWL=/sbin/shorewall-lite SRWL=/sbin/shorewall-lite
WAIT_FOR_IFUP=/usr/share/shorewall-lite/wait4ifup SRWL_OPTS="-tvv"
# Note, set INITLOG to /dev/null if you do not want to # Note, set INITLOG to /dev/null if you do not want to
# keep logs of the firewall (not recommended) # keep logs of the firewall (not recommended)
INITLOG=/var/log/shorewall-init.log INITLOG=/var/log/shorewall-lite-init.log
OPTIONS="-f"
test -x $SRWL || exit 0 test -x $SRWL || exit 0
test -x $WAIT_FOR_IFUP || exit 0
test -n $INITLOG || { test -n $INITLOG || {
echo "INITLOG cannot be empty, please configure $0" ; echo "INITLOG cannot be empty, please configure $0" ;
exit 1; exit 1;
} }
@ -21,10 +34,10 @@ fi
echo_notdone () { echo_notdone () {
if [ "$INITLOG" = "/dev/null" ] ; then if [ "$INITLOG" = "/dev/null" ] ; then
"not done." echo "not done."
else else
"not done (check $INITLOG)." echo "not done (check $INITLOG)."
fi fi
} }
@ -35,14 +48,20 @@ not_configured () {
if [ "$1" != "stop" ] if [ "$1" != "stop" ]
then then
echo "" echo ""
echo "please configure it and then edit /etc/default/shorewall-lite" echo "Please read about Debian specific customization in"
echo "and set the \"startup\" variable to 1 in order to allow " echo "/usr/share/doc/shorewall/README.Debian.gz."
echo "Shorewall Lite to start"
fi fi
echo "#################" echo "#################"
exit 0 exit 0
} }
# parse the shorewall params file in order to use params in
# /etc/default/shorewall
if [ -f "/etc/shorewall-lite/params" ]
then
. /etc/shorewall-lite/params
fi
# check if shorewall is configured or not # check if shorewall is configured or not
if [ -f "/etc/default/shorewall-lite" ] if [ -f "/etc/default/shorewall-lite" ]
then then
@ -55,50 +74,31 @@ else
not_configured not_configured
fi fi
# wait an unconfigured interface
wait_for_pppd () {
if [ "$wait_interface" != "" ]
then
if [ -f $WAIT_FOR_IFUP ]
then
for i in $wait_interface
do
$WAIT_FOR_IFUP $i 90
done
else
echo "$WAIT_FOR_IFUP: File not found" >> $INITLOG
echo_notdone
exit 2
fi
fi
}
# start the firewall # start the firewall
shorewall_start () { shorewall_start () {
echo -n "Starting \"Shorewall firewall\": " echo -n "Starting \"Shorewall firewall\": "
wait_for_pppd $SRWL $SRWL_OPTS start >> $INITLOG 2>&1 && echo "done." || echo_notdone
$SRWL $OPTIONS start >> $INITLOG 2>&1 && echo "done." || echo_notdone
return 0 return 0
} }
# stop the firewall # stop the firewall
shorewall_stop () { shorewall_stop () {
echo -n "Stopping \"Shorewall firewall\": " echo -n "Stopping \"Shorewall firewall\": "
$SRWL stop >> $INITLOG 2>&1 && echo "done." || echo_notdone $SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
return 0 return 0
} }
# restart the firewall # restart the firewall
shorewall_restart () { shorewall_restart () {
echo -n "Restarting \"Shorewall firewall\": " echo -n "Restarting \"Shorewall firewall\": "
$SRWL restart >> $INITLOG 2>&1 && echo "done." || echo_notdone $SRWL $SRWL_OPTS restart >> $INITLOG 2>&1 && echo "done." || echo_notdone
return 0 return 0
} }
# refresh the firewall # refresh the firewall
shorewall_refresh () { shorewall_refresh () {
echo -n "Refreshing \"Shorewall firewall\": " echo -n "Refreshing \"Shorewall firewall\": "
$SRWL refresh >> $INITLOG 2>&1 && echo "done." || echo_notdone $SRWL $SRWL_OPTS refresh >> $INITLOG 2>&1 && echo "done." || echo_notdone
return 0 return 0
} }
@ -111,7 +111,7 @@ case "$1" in
;; ;;
refresh) refresh)
shorewall_refresh shorewall_refresh
;; ;;
force-reload|restart) force-reload|restart)
shorewall_restart shorewall_restart
;; ;;