extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-03 03:59:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Implement LOAD_HELPERS_ONLY for IPv6

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-01-21 15:33:26 -08:00
parent efc43b1b24
commit 8f85c75264
9 changed files with 78 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Samples6/one-interface/shorewall6.conf
View File

@ -151,7 +151,9 @@ DYNAMIC_BLACKLIST=Yes
OPTIMIZE_ACCOUNTING=No OPTIMIZE_ACCOUNTING=No
############################################################################### LOAD_HELPERS_ONLY=Yes
##############################################################################
# P A C K E T D I S P O S I T I O N # P A C K E T D I S P O S I T I O N
############################################################################### ###############################################################################

2
Samples6/three-interfaces/shorewall6.conf
View File

@ -151,6 +151,8 @@ DYNAMIC_BLACKLIST=Yes
OPTIMIZE_ACCOUNTING=No OPTIMIZE_ACCOUNTING=No
LOAD_HELPERS_ONLY=Yes
############################################################################### ###############################################################################
# P A C K E T D I S P O S I T I O N # P A C K E T D I S P O S I T I O N
############################################################################### ###############################################################################

2
Samples6/two-interfaces/shorewall6.conf
View File

@ -151,6 +151,8 @@ DYNAMIC_BLACKLIST=Yes
OPTIMIZE_ACCOUNTING=No OPTIMIZE_ACCOUNTING=No
LOAD_HELPERS_ONLY=Yes
############################################################################### ###############################################################################
# P A C K E T D I S P O S I T I O N # P A C K E T D I S P O S I T I O N
############################################################################### ###############################################################################

2
Shorewall/Perl/prog.header6
View File

@ -310,7 +310,7 @@ load_kernel_modules() # $1 = Yes, if we are to save moduleinfo in $VARDIR
[ -d $directory ] && moduledirectories="$moduledirectories $directory" [ -d $directory ] && moduledirectories="$moduledirectories $directory"
done done
modules=$(find_file modules) [ -n "$LOAD_HELPERS_ONLY" ] && modules=$(find_file helpers) || modules=$(find_file modules)
if [ -f $modules -a -n "$moduledirectories" ]; then if [ -f $modules -a -n "$moduledirectories" ]; then
MODULES=$(lsmod | cut -d ' ' -f1) MODULES=$(lsmod | cut -d ' ' -f1)

47
Shorewall6/helpers Normal file
View File

@ -0,0 +1,47 @@
#
# Shorewall6 version 4 - Helpers File
#
# /usr/share/shorewall6/helpers
#
# This file loads the modules that may be needed by the firewall.
#
# THE ORDER OF THE COMMANDS BELOW IS IMPORTANT!!!!!! You MUST load in
# dependency order. i.e., if M2 depends on M1 then you must load M1
# before you load M2.
#
# If you need to modify this file, copy it to /etc/shorewall and modify the
# copy.
#
###############################################################################
#
# Helpers
#
loadmodule nf_conntrack_amanda
loadmodule nf_conntrack_ftp
loadmodule nf_conntrack_h323
loadmodule nf_conntrack_irc
loadmodule nf_conntrack_netbios_ns
loadmodule nf_conntrack_netbios_ns
loadmodule nf_conntrack_netlink
loadmodule nf_conntrack_pptp
loadmodule nf_conntrack_proto_sctp
loadmodule nf_conntrack_proto_udplite
loadmodule nf_conntrack_sane
loadmodule nf_conntrack_sip sip_direct_media=0
loadmodule nf_conntrack_pptp
loadmodule nf_conntrack_proto_gre
loadmodule nf_conntrack_proto_sctp
loadmodule nf_conntrack_sip
loadmodule nf_conntrack_tftp
loadmodule nf_conntrack_sane
#
# Traffic Shaping
#
loadmodule sch_sfq
loadmodule sch_ingress
loadmodule sch_htb
loadmodule sch_hfsc
loadmodule cls_u32
loadmodule cls_fw
loadmodule cls_flow
loadmodule act_police

6
Shorewall6/install.sh
View File

@ -361,6 +361,12 @@ fi
run_install $OWNERSHIP -m 0600 modules ${PREFIX}/usr/share/shorewall6/modules run_install $OWNERSHIP -m 0600 modules ${PREFIX}/usr/share/shorewall6/modules
echo "Modules file installed as ${PREFIX}/usr/share/shorewall6/modules" echo "Modules file installed as ${PREFIX}/usr/share/shorewall6/modules"
#
# Install the Module Helpers file
#
run_install $OWNERSHIP -m 0600 helpers ${PREFIX}/usr/share/shorewall6/helpers
echo "Helper modules file installed as ${PREFIX}/usr/share/shorewall6/helpers"
# #
# Install the TC Rules file # Install the TC Rules file
# #

2
Shorewall6/lib.base
View File

@ -302,7 +302,7 @@ load_kernel_modules() # $1 = Yes, if we are to save moduleinfo in $VARDIR
[ -d $directory ] && moduledirectories="$moduledirectories $directory" [ -d $directory ] && moduledirectories="$moduledirectories $directory"
done done
modules=$(find_file modules) [ -n "$LOAD_HELPERS_ONLY" ] && modules=$(find_file helpers) || modules=$(find_file modules)
if [ -f $modules -a -n "$moduledirectories" ]; then if [ -f $modules -a -n "$moduledirectories" ]; then
MODULES=$(lsmod | cut -d ' ' -f1) MODULES=$(lsmod | cut -d ' ' -f1)

14
Shorewall6/shorewall6
View File

@ -220,6 +220,20 @@ get_config() {
fi fi
;; ;;
esac esac
case $LOAD_HELPERS_ONLY in
Yes|yes)
;;
No|no)
LOAD_HELPERS_ONLY=
;;
*)
if [ -n "$LOAD_HELPERS_ONLY" ]; then
echo " ERROR: Invalid LOAD_HELPERS_ONLY setting ($LOAD_HELPERS_ONLY)" >&2
exit 1
fi
;;
esac
} }
# #

2
Shorewall6/shorewall6.conf
View File

@ -157,6 +157,8 @@ OPTIMIZE_ACCOUNTING=No
DYNAMIC_BLACKLIST=Yes DYNAMIC_BLACKLIST=Yes
LOAD_HELPERS_ONLY=No
############################################################################### ###############################################################################
# P A C K E T D I S P O S I T I O N # P A C K E T D I S P O S I T I O N
############################################################################### ###############################################################################