From 9d3da44dad850c0b8e144cc65866d3d320c577a3 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Wed, 15 Apr 2020 09:13:31 -0700
Subject: [PATCH] Ignore 'start' and 'stop' if firewall(s) is started

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall-init/shorewall-init | 52 ++++++++++++++++++++++-------------
 1 file changed, 33 insertions(+), 19 deletions(-)

diff --git a/Shorewall-init/shorewall-init b/Shorewall-init/shorewall-init
index be192b4db..c965027f6 100644
--- a/Shorewall-init/shorewall-init
+++ b/Shorewall-init/shorewall-init
@@ -24,6 +24,20 @@
 #	along with this program; if not, see <http://www.gnu.org/licenses/>.
 #
 ###############################################################################
+#
+# Check to see if any of the products are running. If so, issue a warning
+# and exits with value 1
+firewall_stopped() {
+    for PRODUCT in $PRODUCTS; do
+	if $PRODUCT status > /dev/null 2>&1; then
+	    echo "   WARNING: $PRODUCT is running -- ignoring $1 command" >&2
+	    return 1
+	fi
+    done
+
+    return 0
+}
+
 # set the STATEDIR variable
 setstatedir() {
     local statedir
@@ -42,23 +56,6 @@ setstatedir() {
     fi
 }
 
-#
-# This is modified by the installer when ${SHAREDIR} <> /usr/share
-#
-. /usr/share/shorewall/shorewallrc
-
-# check if shorewall-init is configured or not
-if [ -f "$SYSCONFDIR/shorewall-init" ]; then
-    . $SYSCONFDIR/shorewall-init
-    if [ -z "$PRODUCTS" ]; then
-	echo "ERROR: No products configured" >&2
-	exit 1
-    fi
-else
-    echo "ERROR: ${SYSCONFDIR}/shorewall-init not found" >&2
-    exit 1
-fi
-
 # Initialize the firewall
 shorewall_start () {
     local PRODUCT
@@ -109,12 +106,29 @@ shorewall_stop () {
     return 0
 }
 
+#
+# This is modified by the installer when ${SHAREDIR} <> /usr/share
+#
+. /usr/share/shorewall/shorewallrc
+
+# check if shorewall-init is configured or not
+if [ -f "$SYSCONFDIR/shorewall-init" ]; then
+    . $SYSCONFDIR/shorewall-init
+    if [ -z "$PRODUCTS" ]; then
+	echo "ERROR: No products configured" >&2
+	exit 1
+    fi
+else
+    echo "ERROR: ${SYSCONFDIR}/shorewall-init not found" >&2
+    exit 1
+fi
+
 case "$1" in
     start)
-	shorewall_start
+	firewall_stopped 'start' && shorewall_start
 	;;
     stop)
-	shorewall_stop
+	firewall_stopped 'stop' && shorewall_stop
 	;;
     *)
 	echo "Usage: $0 {start|stop}"