Eliminate MODULE_SUFFIX

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2024-11-25 00:53:49 +01:00 · 2017-08-23 10:19:52 -07:00 · 2017-08-23 10:19:52 -07:00 · 90f33dd436
commit 90f33dd436
parent 6f475cde3f
17 changed files with 27 additions and 66 deletions
--- a/Shorewall-core/lib.common
+++ b/Shorewall-core/lib.common
@ -282,13 +282,15 @@ loadmodule() # $1 = module name, $2 - * arguments
 		    insmod)
 			for directory in $moduledirectories; do
 			    for modulefile in $directory/${modulename}.*; do
 				if [ -f $modulefile ]; then
 				    insmod $modulefile $moduleoptions
 				    return
 				fi
 			    done
 			done
 			;;
 		    *)
-			modprobe $modulename $moduleoptions 2> /dev/null
+			modprobe -q $modulename $moduleoptions
 			;;
 		esac
 	    fi
@ -298,13 +300,15 @@ loadmodule() # $1 = module name, $2 - * arguments
 	    insmod)
 		for directory in $moduledirectories; do
 		    for modulefile in $directory/${modulename}.*; do
 			if [ -f $modulefile ]; then
 			    insmod $modulefile $moduleoptions
 			    return
 			fi
 		    done
 		done
 		;;
 	    *)
-		modprobe $modulename $moduleoptions 2> /dev/null
+		modprobe -q $modulename $moduleoptions
 		;;
 	esac
    fi
@ -329,8 +333,6 @@ reload_kernel_modules() {
 	moduleloader=insmod
    fi
    [ -n "${MODULE_SUFFIX:=ko ko.gz ko.xz o o.gz o.xz gz xz}" ]
    if [ -n "$MODULESDIR" ]; then
 	case "$MODULESDIR" in
 	    +*)
@ -385,8 +387,6 @@ load_kernel_modules() # $1 = Yes, if we are to save moduleinfo in $VARDIR
 	moduleloader=insmod
    fi
    [ -n "${MODULE_SUFFIX:=o gz xz ko o.gz o.xz ko.gz ko.xz}" ]
    if [ -n "$MODULESDIR" ]; then
 	case "$MODULESDIR" in
 	    +*)
--- a/Shorewall-lite/shorecap
+++ b/Shorewall-lite/shorecap
@ -28,7 +28,7 @@
 #
 #   On the target system (the system where the firewall program is to run):
 #
-#       [ IPTABLES=<iptables binary> ] [ MODULESDIR=<kernel modules directory> ] [ MODULE_SUFFIX="<module suffix list>" ] shorecap > capabilities
+#       [ IPTABLES=<iptables binary> ] [ MODULESDIR=<kernel modules directory> ] shorecap > capabilities
 #
 #    Now move the capabilities file to the compilation system. The file must
 #    be placed in a directory on the CONFIG_PATH to be used when compiling firewalls
@ -38,7 +38,6 @@
 #
 #        IPTABLES - iptables
 #        MODULESDIR - /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter
 #        MODULE_SUFFIX - "o gz xz ko o.gz o.xz ko.gz ko.xz"
 #
 #    Shorewall need not be installed on the target system to run shorecap. If the '-e' flag is
 #    used during firewall compilation, then the generated firewall program will likewise not
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@ -36,6 +36,7 @@ use strict;
 use warnings;
 use File::Basename;
 use File::Temp qw/ tempfile tempdir /;
 use File::Glob ':globally';
 use Cwd qw(abs_path getcwd);
 use autouse 'Carp' => qw(longmess confess);
 use Scalar::Util 'reftype';
@ -315,7 +316,7 @@ our %renamed = ( AUTO_COMMENT => 'AUTOCOMMENT', BLACKLIST_LOGLEVEL => 'BLACKLIST
 #
 # Config options and global settings that are to be copied to output script
 #
-our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX LOAD_HELPERS_ONLY LOCKFILE SUBSYSLOCK LOG_VERBOSITY RESTART/;
+our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR LOAD_HELPERS_ONLY LOCKFILE SUBSYSLOCK LOG_VERBOSITY RESTART/;
 #
 # From parsing the capabilities file or detecting capabilities
 #
@ -648,6 +649,7 @@ our %eliminated = ( LOGRATE          => 1,
 		    HIGH_ROUTE_MARKS => 1,
 		    BLACKLISTNEWONLY => 1,
 		    CHAIN_SCRIPTS    => 1,
                    MODULE_SUFFIX    => 1,
 		  );
 #
 # Variables involved in ?IF, ?ELSE ?ENDIF processing
@ -848,7 +850,6 @@ sub initialize( $;$$) {
 	  BLACKLIST => undef,
 	  BLACKLISTNEWONLY => undef,
 	  DELAYBLACKLISTLOAD => undef,
 	  MODULE_SUFFIX => undef,
 	  DISABLE_IPV6 => undef,
 	  DYNAMIC_ZONES => undef,
 	  PKTTYPE=> undef,
@ -4320,25 +4321,20 @@ sub load_kernel_modules( ) {
 	close LSMOD;
-	$config{MODULE_SUFFIX} = 'ko ko.gz ko.xz o o.gz o.xz gz xz' unless $config{MODULE_SUFFIX};
+      MODULE:
 	my @suffixes = split /\s+/ , $config{MODULE_SUFFIX};
 	while ( read_a_line( NORMAL_READ ) ) {
 	    fatal_error "Invalid modules file entry" unless ( $currentline =~ /^loadmodule\s+([a-zA-Z]\w*)\s*(.*)$/ );
 	    my ( $module, $arguments ) = ( $1, $2 );
 	    unless ( $loadedmodules{ $module } ) {
-		for my $directory ( @moduledirectories ) {
+		if ( $moduleloader eq 'modprobe' ) {
-		    for my $suffix ( @suffixes ) {
+		    system( "modprobe -q $module $arguments" );
 			my $modulefile = "$directory/$module.$suffix";
 			if ( -f $modulefile ) {
 			    if ( $moduleloader eq 'insmod' ) {
 				system ("insmod $modulefile $arguments" );
 			    } else {
 				system( "modprobe $module $arguments" );
 			    }
 		    $loadedmodules{ $module } = 1;
 		} else {
 		    for my $directory ( @moduledirectories ) {
 			for my $modulefile ( <$directory/$module.*> ) {
 			    system ("insmod $modulefile $arguments" );
 			    $loadedmodules{ $module } = 1;
 			    next MODULE;
 			}
 		    }
 		}
@ -6070,7 +6066,6 @@ sub get_configuration( $$$$ ) {
    #
    # get_capabilities requires that the true settings of these options be established
    #
    default 'MODULE_PREFIX', 'ko ko.gz o o.gz gz';
    default_yes_no 'LOAD_HELPERS_ONLY'          , 'Yes';
    if ( ! $export && $> == 0 ) {
--- a/Shorewall/Samples/Universal/shorewall.conf
+++ b/Shorewall/Samples/Universal/shorewall.conf
@ -205,8 +205,6 @@ MINIUPNPD=No
 MARK_IN_FORWARD_CHAIN=No
 MODULE_SUFFIX="ko ko.xz"
 MULTICAST=No
 MUTEX_TIMEOUT=60
--- a/Shorewall/Samples/one-interface/shorewall.conf
+++ b/Shorewall/Samples/one-interface/shorewall.conf
@ -216,8 +216,6 @@ MINIUPNPD=No
 MARK_IN_FORWARD_CHAIN=No
 MODULE_SUFFIX="ko ko.xz"
 MULTICAST=No
 MUTEX_TIMEOUT=60
--- a/Shorewall/Samples/three-interfaces/shorewall.conf
+++ b/Shorewall/Samples/three-interfaces/shorewall.conf
@ -213,8 +213,6 @@ MINIUPNPD=No
 MARK_IN_FORWARD_CHAIN=No
 MODULE_SUFFIX="ko ko.xz"
 MULTICAST=No
 MUTEX_TIMEOUT=60
--- a/Shorewall/Samples/two-interfaces/shorewall.conf
+++ b/Shorewall/Samples/two-interfaces/shorewall.conf
@ -216,8 +216,6 @@ MINIUPNPD=No
 MARK_IN_FORWARD_CHAIN=No
 MODULE_SUFFIX="ko ko.xz"
 MULTICAST=No
 MUTEX_TIMEOUT=60
--- a/Shorewall/configfiles/shorewall.conf
+++ b/Shorewall/configfiles/shorewall.conf
@ -205,8 +205,6 @@ MARK_IN_FORWARD_CHAIN=No
 MINIUPNPD=No
 MODULE_SUFFIX="ko ko.xz"
 MULTICAST=No
 MUTEX_TIMEOUT=60
--- a/Shorewall/lib.cli-std
+++ b/Shorewall/lib.cli-std
@ -1556,10 +1556,10 @@ remote_reload_command() # $* = original arguments less the command.
 	progress_message "Getting Capabilities on system $system..."
 	if [ $g_family -eq 4 ]; then
-	    if ! rsh_command "MODULESDIR=$MODULESDIR MODULE_SUFFIX=\"$MODULE_SUFFIX\" IPTABLES=$IPTABLES DONT_LOAD=\"$DONT_LOAD\" $libexec/shorewall-lite/shorecap" > $g_shorewalldir/capabilities; then
+	    if ! rsh_command "MODULESDIR=$MODULESDIR IPTABLES=$IPTABLES DONT_LOAD=\"$DONT_LOAD\" $libexec/shorewall-lite/shorecap" > $g_shorewalldir/capabilities; then
 	        fatal_error "Capturing capabilities on system $system failed"
 	    fi
-	elif ! rsh_command "MODULESDIR=$MODULESDIR MODULE_SUFFIX=\"$MODULE_SUFFIX\" IP6TABLES=$IP6TABLES DONT_LOAD=\"$DONT_LOAD\" $libexec/shorewall6-lite/shorecap" > $g_shorewalldir/capabilities; then
+	elif ! rsh_command "MODULESDIR=$MODULESDIR IP6TABLES=$IP6TABLES DONT_LOAD=\"$DONT_LOAD\" $libexec/shorewall6-lite/shorecap" > $g_shorewalldir/capabilities; then
 	    fatal_error "Capturing capabilities on system $system failed"
 	fi
    fi
--- a/Shorewall/manpages/shorewall-modules.xml
+++ b/Shorewall/manpages/shorewall-modules.xml
@ -51,7 +51,7 @@
    <para>The <replaceable>modulename</replaceable> names a kernel module
    (without suffix). Shorewall will search for modules based on your
-    MODULESDIR and MODULE_SUFFIX settings in <ulink
+    MODULESDIR setting in <ulink
    url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(8). The
    <replaceable>moduleoption</replaceable>s are passed to modprobe (if
    installed) or to insmod.</para>
--- a/Shorewall/manpages/shorewall.conf.xml
+++ b/Shorewall/manpages/shorewall.conf.xml
@ -1892,18 +1892,6 @@ LOG:info:,bar                        net                    fw</programlisting>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis role="bold">MODULE_SUFFIX=</emphasis>[<emphasis
        role="bold">"</emphasis><emphasis>extension</emphasis> ...<emphasis
        role="bold">"</emphasis>]</term>
        <listitem>
          <para>The value of this option determines the possible file
          extensions of kernel modules. The default value is "ko ko.gz ko.xz o
          o.gz o.xz gz xz".</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><emphasis
        role="bold">MODULESDIR=</emphasis>[[+]<emphasis>pathname</emphasis>[<emphasis
--- a/Shorewall6-lite/shorecap
+++ b/Shorewall6-lite/shorecap
@ -28,7 +28,7 @@
 #
 #   On the target system (the system where the firewall program is to run):
 #
-#       [ IPTABLES=<iptables binary> ] [ MODULESDIR=<kernel modules directory> ] [ MODULE_SUFFIX="<module suffix list>" ] shorecap > capabilities
+#       [ IPTABLES=<iptables binary> ] [ MODULESDIR=<kernel modules directory> ] shorecap > capabilities
 #
 #    Now move the capabilities file to the compilation system. The file must
 #    be placed in a directory on the CONFIG_PATH to be used when compiling firewalls
@ -38,7 +38,6 @@
 #
 #        IPTABLES - iptables
 #        MODULESDIR - /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter
 #        MODULE_SUFFIX - "o gz xz ko o.gz o.xz ko.gz ko.xz"
 #
 #    Shorewall need not be installed on the target system to run shorecap. If the '-e' flag is
 #    used during firewall compilation, then the generated firewall program will likewise not
--- a/Shorewall6/Samples6/Universal/shorewall6.conf
+++ b/Shorewall6/Samples6/Universal/shorewall6.conf
@ -190,8 +190,6 @@ MARK_IN_FORWARD_CHAIN=No
 MINIUPNPD=No
 MODULE_SUFFIX="ko ko.xz"
 MUTEX_TIMEOUT=60
 OPTIMIZE=All
--- a/Shorewall6/Samples6/one-interface/shorewall6.conf
+++ b/Shorewall6/Samples6/one-interface/shorewall6.conf
@ -191,8 +191,6 @@ MARK_IN_FORWARD_CHAIN=No
 MINIUPNPD=No
 MODULE_SUFFIX="ko ko.xz"
 MUTEX_TIMEOUT=60
 OPTIMIZE=All
--- a/Shorewall6/Samples6/three-interfaces/shorewall6.conf
+++ b/Shorewall6/Samples6/three-interfaces/shorewall6.conf
@ -190,8 +190,6 @@ MARK_IN_FORWARD_CHAIN=No
 MINIUPNPD=No
 MODULE_SUFFIX="ko ko.xz"
 MUTEX_TIMEOUT=60
 OPTIMIZE=All
--- a/Shorewall6/Samples6/two-interfaces/shorewall6.conf
+++ b/Shorewall6/Samples6/two-interfaces/shorewall6.conf
@ -190,8 +190,6 @@ MARK_IN_FORWARD_CHAIN=No
 MINIUPNPD=No
 MODULE_SUFFIX="ko ko.xz"
 MUTEX_TIMEOUT=60
 OPTIMIZE=All
--- a/Shorewall6/configfiles/shorewall6.conf
+++ b/Shorewall6/configfiles/shorewall6.conf
@ -190,8 +190,6 @@ MARK_IN_FORWARD_CHAIN=No
 MINIUPNPD=No
 MODULE_SUFFIX="ko ko.xz"
 MUTEX_TIMEOUT=60
 OPTIMIZE=All