extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 01:37:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Reverse Togan's patch -- it is woefully incomplete

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-04-17 07:55:30 -07:00
parent 46191c9f87
commit 97b7856380
7 changed files with 62 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Shorewall-init/install.sh
View File

@ -124,7 +124,7 @@ done
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
[ -n "${LIBEXEC:=/usr/share}" ] [ -n "${LIBEXEC:=share}" ]
# #
# Determine where to install the firewall script # Determine where to install the firewall script
# #
@ -260,9 +260,9 @@ fi
# Install the ifupdown script # Install the ifupdown script
# #
mkdir -p ${DESTDIR}${LIBEXEC}/shorewall-init mkdir -p ${DESTDIR}/usr/${LIBEXEC}/shorewall-init
install_file ifupdown.sh ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown 0544 install_file ifupdown.sh ${DESTDIR}/usr/${LIBEXEC}/shorewall-init/ifupdown 0544
if [ -d ${DESTDIR}/etc/NetworkManager ]; then if [ -d ${DESTDIR}/etc/NetworkManager ]; then
install_file ifupdown.sh ${DESTDIR}/etc/NetworkManager/dispatcher.d/01-shorewall 0544 install_file ifupdown.sh ${DESTDIR}/etc/NetworkManager/dispatcher.d/01-shorewall 0544
@ -333,7 +333,7 @@ if [ -f ${DESTDIR}/etc/ppp ]; then
if [ -n "$DEBIAN" ] -o -n "$SUSE" ]; then if [ -n "$DEBIAN" ] -o -n "$SUSE" ]; then
for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do
mkdir -p ${DESTDIR}/etc/ppp/$directory #SuSE doesn't create the IPv6 directories mkdir -p ${DESTDIR}/etc/ppp/$directory #SuSE doesn't create the IPv6 directories
cp -fp ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown ${DESTDIR}/etc/ppp/$directory/shorewall cp -fp ${DESTDIR}/usr/${LIBEXEC}/shorewall-init/ifupdown ${DESTDIR}/etc/ppp/$directory/shorewall
done done
elif [ -n "$REDHAT" ]; then elif [ -n "$REDHAT" ]; then
# #
@ -343,13 +343,13 @@ if [ -f ${DESTDIR}/etc/ppp ]; then
FILE=${DESTDIR}/etc/ppp/$file FILE=${DESTDIR}/etc/ppp/$file
if [ -f $FILE ]; then if [ -f $FILE ]; then
if fgrep -q Shorewall-based $FILE ; then if fgrep -q Shorewall-based $FILE ; then
cp -fp ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown $FILE cp -fp ${DESTDIR}/usr/${LIBEXEC}/shorewall-init/ifupdown $FILE
else else
echo "$FILE already exists -- ppp devices will not be handled" echo "$FILE already exists -- ppp devices will not be handled"
break break
fi fi
else else
cp -fp ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown $FILE cp -fp ${DESTDIR}/usr/${LIBEXEC}/shorewall-init/ifupdown $FILE
fi fi
done done
fi fi

12
Shorewall-lite/install.sh
View File

@ -123,7 +123,7 @@ done
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
[ -n "${LIBEXEC:=/usr/share}" ] [ -n "${LIBEXEC:=share}" ]
# #
# Determine where to install the firewall script # Determine where to install the firewall script
# #
@ -229,7 +229,7 @@ echo "Shorewall Lite script installed in ${DESTDIR}${DEST}/$INIT"
# #
mkdir -p ${DESTDIR}/etc/shorewall-lite mkdir -p ${DESTDIR}/etc/shorewall-lite
mkdir -p ${DESTDIR}/usr/share/shorewall-lite mkdir -p ${DESTDIR}/usr/share/shorewall-lite
mkdir -p ${DESTDIR}${LIBEXEC}/shorewall-lite mkdir -p ${DESTDIR}/usr/${LIBEXEC}/shorewall-lite
mkdir -p ${DESTDIR}/var/lib/shorewall-lite mkdir -p ${DESTDIR}/var/lib/shorewall-lite
chmod 755 ${DESTDIR}/etc/shorewall-lite chmod 755 ${DESTDIR}/etc/shorewall-lite
@ -282,20 +282,20 @@ echo "Common functions linked through ${DESTDIR}/usr/share/shorewall-lite/functi
# Install Shorecap # Install Shorecap
# #
install_file shorecap ${DESTDIR}${LIBEXEC}/shorewall-lite/shorecap 0755 install_file shorecap ${DESTDIR}/usr/${LIBEXEC}/shorewall-lite/shorecap 0755
echo echo
echo "Capability file builder installed in ${DESTDIR}${LIBEXEC}/shorewall-lite/shorecap" echo "Capability file builder installed in ${DESTDIR}/usr/${LIBEXEC}/shorewall-lite/shorecap"
# #
# Install wait4ifup # Install wait4ifup
# #
if [ -f wait4ifup ]; then if [ -f wait4ifup ]; then
install_file wait4ifup ${DESTDIR}${LIBEXEC}/shorewall-lite/wait4ifup 0755 install_file wait4ifup ${DESTDIR}/usr/${LIBEXEC}/shorewall-lite/wait4ifup 0755
echo echo
echo "wait4ifup installed in ${DESTDIR}${LIBEXEC}/shorewall-lite/wait4ifup" echo "wait4ifup installed in ${DESTDIR}/usr/${LIBEXEC}/shorewall-lite/wait4ifup"
fi fi
# #

24
Shorewall/install.sh
View File

@ -107,8 +107,8 @@ fi
SPARSE= SPARSE=
MANDIR=${MANDIR:-"/usr/share/man"} MANDIR=${MANDIR:-"/usr/share/man"}
[ -n "${LIBEXEC:=/usr/share}" ] [ -n "${LIBEXEC:=share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ] [ -n "${PERLLIB:=share/shorewall}" ]
INSTALLD='-D' INSTALLD='-D'
@ -265,8 +265,8 @@ fi
# Create /etc/shorewall, /usr/share/shorewall and /var/shorewall if needed # Create /etc/shorewall, /usr/share/shorewall and /var/shorewall if needed
# #
mkdir -p ${DESTDIR}/etc/shorewall mkdir -p ${DESTDIR}/etc/shorewall
mkdir -p ${DESTDIR}${LIBEXEC}/shorewall mkdir -p ${DESTDIR}/usr/${LIBEXEC}/shorewall
mkdir -p ${DESTDIR}${PERLLIB}/Shorewall mkdir -p ${DESTDIR}/usr/${PERLLIB}/Shorewall
mkdir -p ${DESTDIR}/usr/share/shorewall/configfiles mkdir -p ${DESTDIR}/usr/share/shorewall/configfiles
mkdir -p ${DESTDIR}/var/lib/shorewall mkdir -p ${DESTDIR}/var/lib/shorewall
@ -331,10 +331,10 @@ delete_file ${DESTDIR}/usr/share/shorewall/prog.footer
# Install wait4ifup # Install wait4ifup
# #
install_file wait4ifup ${DESTDIR}${LIBEXEC}/shorewall/wait4ifup 0755 install_file wait4ifup ${DESTDIR}/usr/${LIBEXEC}/shorewall/wait4ifup 0755
echo echo
echo "wait4ifup installed in ${DESTDIR}${LIBEXEC}/shorewall/wait4ifup" echo "wait4ifup installed in ${DESTDIR}/usr/${LIBEXEC}/shorewall/wait4ifup"
# #
# Install the policy file # Install the policy file
@ -824,23 +824,23 @@ chmod 755 ${DESTDIR}/usr/share/shorewall/Shorewall
# #
cd Perl cd Perl
install_file compiler.pl ${DESTDIR}${LIBEXEC}/shorewall/compiler.pl 0755 install_file compiler.pl ${DESTDIR}/usr/${LIBEXEC}/shorewall/compiler.pl 0755
echo echo
echo "Compiler installed in ${DESTDIR}${LIBEXEC}/shorewall/compiler.pl" echo "Compiler installed in ${DESTDIR}/usr/${LIBEXEC}/shorewall/compiler.pl"
# #
# Install the params file helper # Install the params file helper
# #
install_file getparams ${DESTDIR}${LIBEXEC}/shorewall/getparams 0755 install_file getparams ${DESTDIR}/usr/${LIBEXEC}/shorewall/getparams 0755
echo echo
echo "Params file helper installed in ${DESTDIR}${LIBEXEC}/shorewall/getparams" echo "Params file helper installed in ${DESTDIR}/usr/share/shorewall/getparams"
# #
# Install the libraries # Install the libraries
# #
for f in Shorewall/*.pm ; do for f in Shorewall/*.pm ; do
install_file $f ${DESTDIR}${PERLLIB}/$f 0644 install_file $f ${DESTDIR}/usr/${PERLLIB}/$f 0644
echo "Module ${f%.*} installed as ${DESTDIR}${PERLLIB}/$f" echo "Module ${f%.*} installed as ${DESTDIR}/usr/${PERLLIB}/$f"
done done
# #
# Install the program skeleton files # Install the program skeleton files

17
Shorewall/shorewall
View File

@ -1140,7 +1140,7 @@ reload_command() # $* = original arguments less the command.
local root local root
root=root root=root
local libexec local libexec
libexec=share libexec=/usr/share
litedir=/var/lib/shorewall-lite litedir=/var/lib/shorewall-lite
@ -1199,11 +1199,20 @@ reload_command() # $* = original arguments less the command.
temp=$(rsh_command /sbin/shorewall-lite show config 2> /dev/null | grep ^LITEDIR | sed 's/LITEDIR is //') temp=$(rsh_command /sbin/shorewall-lite show config 2> /dev/null | grep ^LITEDIR | sed 's/LITEDIR is //')
[ -n "$temp" ] && litedir="$temp" [ -n "$temp" ] && litedir=$temp
temp=$(rsh_command /sbin/shorewall-lite show config 2> /dev/null | grep ^LIBEXEC | sed 's/LIBEXEC is //') temp=$(rsh_command /sbin/shorewall-lite show config 2> /dev/null | grep ^LIBEXEC | sed 's/LIBEXEC is //')
[ -n "$temp" ] && libexec="$temp" if [ -n "$temp" ]; then
case $temp in
/*)
libexec=$temp
;;
*)
libexec=/usr/$temp
;;
esac
fi
if [ -z "$getcaps" ]; then if [ -z "$getcaps" ]; then
SHOREWALL_DIR=$(resolve_file $directory) SHOREWALL_DIR=$(resolve_file $directory)
@ -1221,7 +1230,7 @@ reload_command() # $* = original arguments less the command.
[ -n "$DONT_LOAD" ] && DONT_LOAD="$(echo $DONT_LOAD | tr ',' ' ')" [ -n "$DONT_LOAD" ] && DONT_LOAD="$(echo $DONT_LOAD | tr ',' ' ')"
progress_message "Getting Capabilities on system $system..." progress_message "Getting Capabilities on system $system..."
if ! rsh_command "MODULESDIR=$MODULESDIR MODULE_SUFFIX=\"$MODULE_SUFFIX\" IPTABLES=$IPTABLES DONT_LOAD=\"$DONT_LOAD\" /usr/$libexec/shorewall-lite/shorecap" > $directory/capabilities; then if ! rsh_command "MODULESDIR=$MODULESDIR MODULE_SUFFIX=\"$MODULE_SUFFIX\" IPTABLES=$IPTABLES DONT_LOAD=\"$DONT_LOAD\" $libexec/shorewall-lite/shorecap" > $directory/capabilities; then
fatal_error "ERROR: Capturing capabilities on system $system failed" fatal_error "ERROR: Capturing capabilities on system $system failed"
fi fi
fi fi

14
Shorewall6-lite/install.sh
View File

@ -123,7 +123,7 @@ done
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
[ -n "${LIBEXEC:=/usr/share}" ] [ -n "${LIBEXEC:=share}" ]
# #
# Determine where to install the firewall script # Determine where to install the firewall script
# #
@ -188,7 +188,7 @@ else
rm -rf ${DESTDIR}/etc/shorewall6-lite rm -rf ${DESTDIR}/etc/shorewall6-lite
rm -rf ${DESTDIR}/usr/share/shorewall6-lite rm -rf ${DESTDIR}/usr/share/shorewall6-lite
rm -rf ${DESTDIR}/var/lib/shorewall6-lite rm -rf ${DESTDIR}/var/lib/shorewall6-lite
[ "$LIBEXEC" = /usr/share ] || rm -rf /usr/share/shorewall6-lite/wait4ifup /usr/share/shorewall6-lite/shorecap [ "$LIBEXEC" = share ] || rm -rf /usr/share/shorewall6-lite/wait4ifup /usr/share/shorewall6-lite/shorecap
fi fi
# #
@ -227,7 +227,7 @@ echo "Shorewall6 Lite script installed in ${DESTDIR}${DEST}/$INIT"
# #
mkdir -p ${DESTDIR}/etc/shorewall6-lite mkdir -p ${DESTDIR}/etc/shorewall6-lite
mkdir -p ${DESTDIR}/usr/share/shorewall6-lite mkdir -p ${DESTDIR}/usr/share/shorewall6-lite
mkdir -p ${DESTDIR}${LIBEXEC}/shorewall6-lite mkdir -p ${DESTDIR}/usr/${LIBEXEC}/shorewall6-lite
mkdir -p ${DESTDIR}/var/lib/shorewall6-lite mkdir -p ${DESTDIR}/var/lib/shorewall6-lite
chmod 755 ${DESTDIR}/etc/shorewall6-lite chmod 755 ${DESTDIR}/etc/shorewall6-lite
@ -280,20 +280,20 @@ echo "Common functions linked through ${DESTDIR}/usr/share/shorewall6-lite/funct
# Install Shorecap # Install Shorecap
# #
install_file shorecap ${DESTDIR}${LIBEXEC}/shorewall6-lite/shorecap 0755 install_file shorecap ${DESTDIR}/usr/${LIBEXEC}/shorewall6-lite/shorecap 0755
echo echo
echo "Capability file builder installed in ${DESTDIR}${LIBEXEC}/shorewall6-lite/shorecap" echo "Capability file builder installed in ${DESTDIR}/usr/${LIBEXEC}/shorewall6-lite/shorecap"
# #
# Install wait4ifup # Install wait4ifup
# #
if [ -f wait4ifup ]; then if [ -f wait4ifup ]; then
install_file wait4ifup ${DESTDIR}${LIBEXEC}/shorewall6-lite/wait4ifup 0755 install_file wait4ifup ${DESTDIR}/usr/${LIBEXEC}/shorewall6-lite/wait4ifup 0755
echo echo
echo "wait4ifup installed in ${DESTDIR}${LIBEXEC}/shorewall6-lite/wait4ifup" echo "wait4ifup installed in ${DESTDIR}/usr/${LIBEXEC}/shorewall6-lite/wait4ifup"
fi fi
# #

12
Shorewall6/install.sh
View File

@ -110,8 +110,8 @@ MAC=
MANDIR=${MANDIR:-"/usr/share/man"} MANDIR=${MANDIR:-"/usr/share/man"}
SPARSE= SPARSE=
INSTALLD='-D' INSTALLD='-D'
[ -n "${LIBEXEC:=/usr/share}" ] [ -n "${LIBEXEC:=share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ] [ -n "${PERLLIB:=share/shorewall}" ]
case $(uname) in case $(uname) in
CYGWIN*) CYGWIN*)
@ -258,8 +258,8 @@ fi
# Create /etc/shorewall, /usr/share/shorewall and /var/lib/shorewall6 if needed # Create /etc/shorewall, /usr/share/shorewall and /var/lib/shorewall6 if needed
# #
mkdir -p ${DESTDIR}/etc/shorewall6 mkdir -p ${DESTDIR}/etc/shorewall6
mkdir -p ${DESTDIR}${LIBEXEC}/shorewall6 mkdir -p ${DESTDIR}/usr/${LIBEXEC}/shorewall6
mkdir -p ${DESTDIR}${PERLLIB}/ mkdir -p ${DESTDIR}/usr/${PERLLIB}/
mkdir -p ${DESTDIR}/usr/share/shorewall6/configfiles mkdir -p ${DESTDIR}/usr/share/shorewall6/configfiles
mkdir -p ${DESTDIR}/var/lib/shorewall6 mkdir -p ${DESTDIR}/var/lib/shorewall6
@ -325,10 +325,10 @@ delete_file ${DESTDIR}/usr/share/shorewall6/prog.footer6
# Install wait4ifup # Install wait4ifup
# #
install_file wait4ifup ${DESTDIR}${LIBEXEC}/shorewall6/wait4ifup 0755 install_file wait4ifup ${DESTDIR}/usr/${LIBEXEC}/shorewall6/wait4ifup 0755
echo echo
echo "wait4ifup installed in ${DESTDIR}${LIBEXEC}/shorewall6/wait4ifup" echo "wait4ifup installed in ${DESTDIR}/usr/${LIBEXEC}/shorewall6/wait4ifup"
# #
# Install the policy file # Install the policy file

15
Shorewall6/shorewall6
View File

@ -1073,7 +1073,7 @@ reload_command() # $* = original arguments less the command.
local compiler local compiler
compiler= compiler=
local libexec local libexec
libexec=share libexec=/usr/share
litedir=/var/lib/shorewall6-lite litedir=/var/lib/shorewall6-lite
@ -1136,7 +1136,16 @@ reload_command() # $* = original arguments less the command.
temp=$(rsh_command /sbin/shorewall6-lite show config 2> /dev/null | grep ^LIBEXEC | sed 's/LIBEXEC is //') temp=$(rsh_command /sbin/shorewall6-lite show config 2> /dev/null | grep ^LIBEXEC | sed 's/LIBEXEC is //')
[ -n "$temp" ] && libexec=$temp if [ -n "$temp" ]; then
case $temp in
/*)
libexec=$temp
;;
*)
libexec=/usr/$temp
;;
esac
fi
if [ -z "$getcaps" ]; then if [ -z "$getcaps" ]; then
SHOREWALL_DIR=$(resolve_file $directory) SHOREWALL_DIR=$(resolve_file $directory)
@ -1152,7 +1161,7 @@ reload_command() # $* = original arguments less the command.
fi fi
progress_message "Getting Capabilities on system $system..." progress_message "Getting Capabilities on system $system..."
if ! rsh_command "MODULESDIR=$MODULESDIR MODULE_SUFFIX=\"$MODULE_SUFFIX\" IP6TABLES=$IP6TABLES /usr/$libexec/shorewall6-lite/shorecap" > $directory/capabilities; then if ! rsh_command "MODULESDIR=$MODULESDIR MODULE_SUFFIX=\"$MODULE_SUFFIX\" IP6TABLES=$IP6TABLES $libexec/shorewall6-lite/shorecap" > $directory/capabilities; then
fatal_error "ERROR: Capturing capabilities on system $system failed" fatal_error "ERROR: Capturing capabilities on system $system failed"
fi fi
fi fi