/sbin/shorewall status rework -- take 2

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-07-29 18:32:50 +00:00
parent 48502e75bb
commit 9feb547b6e
5 changed files with 68 additions and 32 deletions

View File

@ -29,7 +29,6 @@
# shorewall start Starts the firewall
# shorewall restart Restarts the firewall
# shorewall stop Stops the firewall
# shorewall status Displays firewall status
# shorewall reset Resets iptables packet and
# byte counts
# shorewall clear Remove all Shorewall chains
@ -1941,8 +1940,14 @@ stop_firewall() {
fi
echo Restoring Shorewall...
$RESTOREPATH
echo "Shorewall restored from $RESTOREPATH"
if $RESTOREPATH; then
echo "Shorewall restored from $RESTOREPATH"
set_state "Started"
else
set_state "Unknown"
fi
my_mutex_off
kill $$
exit 2
@ -1950,6 +1955,8 @@ stop_firewall() {
;;
esac
set_state "Stopping"
stopping="Yes"
terminator=
@ -2051,6 +2058,8 @@ stop_firewall() {
run_user_exit stopped
set_state "Stopped"
logger "Shorewall Stopped"
rm -rf $TMP_DIR
@ -2092,6 +2101,8 @@ clear_firewall() {
run_user_exit clear
set_state "Cleared"
logger "Shorewall Cleared"
}
@ -7829,6 +7840,8 @@ define_firewall() # $1 = Command (Start or Restart)
echo "${1}ing Shorewall..."
set_state "${1}ing"
verify_os_version
verify_ip
@ -7926,6 +7939,8 @@ define_firewall() # $1 = Command (Start or Restart)
date > /var/lib/shorewall/restarted
run_and_save_command set_state "Started"
report "Shorewall ${1}ed"
run_user_exit started
@ -8690,7 +8705,7 @@ do_initialize() {
# Give Usage Information
#
usage() {
echo "Usage: $0 [debug] {start|stop|reset|restart|status|refresh|clear|{add|delete} <interface>[:hosts] zone}}"
echo "Usage: $0 [debug] {start|stop|reset|restart|refresh|clear|{add|delete} <interface>[:hosts] zone}}"
exit 1
}
@ -8756,22 +8771,6 @@ case "$COMMAND" in
my_mutex_off
;;
status)
[ $# -ne 1 ] && usage
do_initialize
echo "Shorewall-$version Status at $HOSTNAME - $(date)"
echo
if chain_exists shorewall; then
echo "Shorewall is started"
echo
[ -f /var/lib/shorewall/restarted ] && \
echo "Counters reset $(cat /var/lib/shorewall/restarted)" && \
echo
else
echo "Shorewall is not started"
fi
;;
reset)
[ $# -ne 1 ] && usage
do_initialize

View File

@ -800,3 +800,11 @@ mywhich() {
return 2
}
#
# Set the Shorewall state
#
set_state () # $1 = state
{
echo "$1 ($(date))" > /var/lib/shorewall/state
}

View File

@ -302,9 +302,18 @@ status)
shorewall status
Displays the Shorewall status (started/not-started). If Shorewall is started,
the time at which Shorewall was last started/restarted/refreshed or reset is
displayed."
Displays the Shorewall status (running/not-running)."
;;
state)
echo "state: state
shorewall state
Displays the Shorewall state as shown in the state diagram at
http://www.shorewall.net/starting_and_stopping_shorewall. If Shorewall
has been started since installed, the time at which Shorewall was last
started/restarted/refreshed or reset is displayed."
;;
trace)

View File

@ -33,8 +33,8 @@ Migration Considerations:
columns of the /etc/shorewall/ipsec file. The latter file has been
removed.
To attempt to adhere to the principle of least astonishment, the
old /etc/shorewall/ipsec file will continue to be supported. A new
Adhering to the principle of least astonishment, the old
/etc/shorewall/ipsec file will continue to be supported. A new
IPSECFILE variable in /etc/shorewall/shorewall.conf determines the
name of the file that Shorewall looks in for IPSEC information. If
that variable is not set or is set to the empty value then

View File

@ -42,6 +42,7 @@
# plus the last 20 "interesting"
# packets
# shorewall status Displays firewall status
# shorewall state Displays firewall state
# shorewall reset Resets iptables packet and
# byte counts
# shorewall clear Open the floodgates by
@ -513,6 +514,7 @@ usage() # $1 = exit status
echo " show [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|nat|tc|tos|zones]"
echo " start [ <directory> ]"
echo " stop"
echo " state"
echo " status"
echo " try <directory> [ <timeout> ]"
echo " version"
@ -909,15 +911,33 @@ case "$1" in
;;
status)
[ $# -eq 1 ] || usage 1
echo "Shorewall-$version Status at $HOSTNAME - $(date)"
echo
if qt $IPTABLES -L shorewall -n -v; then
echo "Shorewall is started"
echo
show_reset
else
echo "Shorewall is not started"
echo "Shorewall is running"
exit 0
fi
echo "Shorewall is stopped"
status=4
if [ -f /var/lib/shorewall/state ]; then
case $(cat /var/lib/shorewall/state) in
Stopped*|Clear*)
status=3
;;
esac
fi
exit $status
;;
state)
[ $# -eq 1 ] || usage 1
echo "Shorewall-$version State at $HOSTNAME - $(date)"
echo
if [ -f /var/lib/shorewall/state ]; then
state=$(cat /var/lib/shorewall/state)
else
state=Unknown
fi
echo "The Shorewall state is $state"
echo
;;
dump)
[ -n "$debugging" ] && set -x