diff --git a/Shorewall-lite/changelog.txt b/Shorewall-lite/changelog.txt deleted file mode 100644 index d61a2ece7..000000000 --- a/Shorewall-lite/changelog.txt +++ /dev/null @@ -1,21 +0,0 @@ -Changes in 3.3.3 - -1) Add logfile name to output of "shorewall show log" and "shorewall - logwatch". - -Changes in 3.3.1 - -1) Update Versions. - -Changes in 3.3.0 - -1) Fix output of 'hits' command under busybox 1.2.0. - -2) Fixed output of 'hits' with spaces as delimiters in /etc/services. - -3) Fixed modules/xmodules snafu. - -4) Fix comments in shorewall-lite. - -5) Merge shorewall.conf handling changes. - diff --git a/Shorewall-lite/help b/Shorewall-lite/help index 00bc37dcd..33ea20d72 100755 --- a/Shorewall-lite/help +++ b/Shorewall-lite/help @@ -205,7 +205,7 @@ save) ;; show) - echo "show: show [ [ ...] |actions|capabilities|classifiers|config|connections|log|macros|mangle|nat|tc|zones] + echo "show: show [ [ ...] |actions|capabilities|classifiers|config|connections|ip|log|macros|mangle|nat|routing|tc|zones] shorewall-lite [-x] show [ ... ] - produce a verbose report about the IPtable chain(s). (iptables -L chain -n -v) @@ -231,6 +231,10 @@ show) specified, then the output is suitable for use as /etc/shorewall/capabilities on your administrative system. + shorewall-lite show ip - produces output equivalent to 'ip addr ls' + + shorewall-lite show routing - produces a report about routing rules and tables. + shorewall-lite show config - displays the default CONFIG_PATH and LITEDIR for your distribution When -x is given, that option is also passed to iptables to display actual packet and byte counts." diff --git a/Shorewall-lite/releasenotes.txt b/Shorewall-lite/releasenotes.txt deleted file mode 100644 index e99d8d003..000000000 --- a/Shorewall-lite/releasenotes.txt +++ /dev/null @@ -1,14 +0,0 @@ -Shorewall Lite 3.3.3 - -Problems Corrected in 3.3.3 - -None. - -Other changes in 3.3.3 - -1) The output of "shorewall show log" and "shorewall logwatch" now - include the name of the log file being accessed. - - - - diff --git a/Shorewall-lite/shorewall-lite b/Shorewall-lite/shorewall-lite index cdb8e9086..6d0e97fe8 100755 --- a/Shorewall-lite/shorewall-lite +++ b/Shorewall-lite/shorewall-lite @@ -670,6 +670,25 @@ restart_command() { return $rc } +# +# Show routing configuration +# +show_routing() { + if [ -n "$(ip rule ls)" ]; then + heading "Routing Rules" + ip rule ls + ip rule ls | while read rule; do + echo ${rule##* } + done | sort -u | while read table; do + heading "Table $table:" + ip route ls table $table + done + else + heading "Routing Table" + ip route ls + fi +} + # # Show Command Executor # @@ -798,6 +817,18 @@ show_command() { echo "Default CONFIG_PATH is $CONFIG_PATH" echo "LITEDIR is $LITEDIR" ;; + ip) + [ $# -gt 1 ] && usage 1 + echo "Shorewall Lite $version IP at $HOSTNAME - $(date)" + echo + ip addr ls + ;; + routing) + [ $# -gt 1 ] && usage 1 + echo "Shorewall Lite $version Routing at $HOSTNAME - $(date)" + echo + show_routing + ;; *) echo "Shorewall Lite $version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)" echo @@ -892,19 +923,7 @@ dump_command() { done done - if [ -n "$(ip rule ls)" ]; then - heading "Routing Rules" - ip rule ls - ip rule ls | while read rule; do - echo ${rule##* } - done | sort -u | while read table; do - heading "Table $table:" - ip route ls table $table - done - else - heading "Routing Table" - ip route ls - fi + show_routing heading "ARP" arp -na @@ -1030,7 +1049,7 @@ usage() # $1 = exit status echo " restart [ -n ] [ ]" echo " restore [ -n ] [ ]" echo " save [ ]" - echo " show [ -x ] [ -m ] [ -f ] [ [ ... ]|capabilities|classifiers|config|connections|log|mangle|nat|tc|zones]" + echo " show [ -x ] [ -m ] [ -f ] [ [ ... ]|capabilities|classifiers|config|connections|ip|log|mangle|nat|routing|tc|zones]" echo " start [ -f ] [ -n ] [ ]" echo " stop" echo " status" diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index ae9f8073c..de76e7a31 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -2,6 +2,8 @@ Changes in 3.3.4 1) Make exclusion work with "show zones" +2) Add 'show ip' and 'show routing' commands. + Changes in 3.3.3 1) Fix excluding in SUBNET column. diff --git a/Shorewall/help b/Shorewall/help index 5f92a2d59..8a8614120 100755 --- a/Shorewall/help +++ b/Shorewall/help @@ -348,7 +348,7 @@ save) ;; show) - echo "show: show [ [ ...] |actions|capabilities|classifiers|config|connections|log|macros|mangle|nat|tc|zones] + echo "show: show [ [ ...] |actions|capabilities|classifiers|config|connections|ip|log|macros|mangle|nat|routing|tc|zones] shorewall [-x] show [ ... ] - produce a verbose report about the IPtable chain(s). (iptables -L chain -n -v) @@ -377,6 +377,10 @@ show) shorewall show [ -f ] capabilities - displays your kernel/iptables capabilities. When \"-f\" is specified, then the output is suitable for use as /etc/shorewall/capabilities. + shorewall show ip - produces output equivalent to 'ip addr ls' + + shorewall show routing - produces a report about routing rules and tables. + shorewall show config - displays the default CONFIG_PATH and LITEDIR for your distribution When -x is given, that option is also passed to iptables to display actual packet and byte counts." diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 513d1e047..f69a184e3 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -37,7 +37,10 @@ None. Other Changes in 3.3.4. -None. +1) New "shorewall[-lite] show ip" and "shorewall[-lite] show routing" + commands have been added. The first produces the same output as "ip + addr ls". The second produces a report about your routing rules and + tables. Migration Considerations: diff --git a/Shorewall/shorewall b/Shorewall/shorewall index 9f4e3b54b..c31312f68 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -917,6 +917,25 @@ refresh_command() { [ -n "$nolock" ] || mutex_off } +# +# Show routing configuration +# +show_routing() { + if [ -n "$(ip rule ls)" ]; then + heading "Routing Rules" + ip rule ls + ip rule ls | while read rule; do + echo ${rule##* } + done | sort -u | while read table; do + heading "Table $table:" + ip route ls table $table + done + else + heading "Routing Table" + ip route ls + fi +} + # # Show Command Executor # @@ -1064,6 +1083,18 @@ show_command() { fi done ;; + ip) + [ $# -gt 1 ] && usage 1 + echo "Shorewall Lite $version IP at $HOSTNAME - $(date)" + echo + ip addr ls + ;; + routing) + [ $# -gt 1 ] && usage 1 + echo "Shorewall Lite $version Routing at $HOSTNAME - $(date)" + echo + show_routing + ;; config) . ${SHAREDIR}/configpath echo "Default CONFIG_PATH is $CONFIG_PATH" @@ -1163,19 +1194,7 @@ dump_command() { done done - if [ -n "$(ip rule ls)" ]; then - heading "Routing Rules" - ip rule ls - ip rule ls | while read rule; do - echo ${rule##* } - done | sort -u | while read table; do - heading "Table $table:" - ip route ls table $table - done - else - heading "Routing Table" - ip route ls - fi + show_routing heading "ARP" arp -na @@ -1567,7 +1586,7 @@ usage() # $1 = exit status echo " restart [ -n ] [ ]" echo " restore [ -n ] [ ]" echo " save [ ]" - echo " show [ -x ] [ -m ] [-f] [ [ ... ]|actions|capabilities|classifiers|config|connections|log|macros|mangle|nat|tc|zones]" + echo " show [ -x ] [ -m ] [-f] [ [ ... ]|actions|capabilities|classifiers|config|connections|ip|log|macros|mangle|nat|routing|tc|zones]" echo " start [ -f ] [ -n ] [ ]" echo " stop" echo " status"