mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-31 18:48:56 +01:00
Fix some bugs in the Shorewall-init implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
38cdd417eb
commit
a501222194
@ -31,7 +31,7 @@ elif [ -f /etc/sysconfig/shorewall-init ]; then
|
||||
. /etc/sysconfig/shorewall-init
|
||||
fi
|
||||
|
||||
[ "$IFUPDOWN" = 1 && -n "$PRODUCTS" ] || exit 0
|
||||
[ "$IFUPDOWN" = 1 -a -n "$PRODUCTS" ] || exit 0
|
||||
|
||||
if [ -f /etc/debian_version ]; then
|
||||
#
|
||||
@ -55,7 +55,7 @@ if [ -f /etc/debian_version ]; then
|
||||
VARDIR=/var/lib/$PRODUCT
|
||||
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
|
||||
if [ -x $VARDIR/firewall ]; then
|
||||
$VARDIR/firewall -v0 $COMMAND $IFACE
|
||||
$VARDIR/firewall -V0 $COMMAND $IFACE
|
||||
fi
|
||||
done
|
||||
|
||||
|
@ -73,34 +73,38 @@ fi
|
||||
# Initialize the firewall
|
||||
shorewall_start () {
|
||||
local product
|
||||
local vardir
|
||||
local VARDIR
|
||||
|
||||
echo -n "Initializing \"Shorewall-based firewalls\": "
|
||||
for product in $PRODUCTS; do
|
||||
vardir=/var/lib/$product
|
||||
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
|
||||
if [ -x ${vardir}/firewall ]; then
|
||||
${vardir}/firewall close || notdone
|
||||
VARDIR=/var/lib/$product
|
||||
[ -f /etc/$product/vardir ] && . /etc/$product/vardir
|
||||
if [ -x ${VARDIR}/firewall ]; then
|
||||
${VARDIR}/firewall stop || echo_notdone
|
||||
fi
|
||||
done
|
||||
|
||||
echo "done."
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
# Clear the firewall
|
||||
shorewall_stop () {
|
||||
local product
|
||||
local vardir
|
||||
local VARDIR
|
||||
|
||||
echo -n "Clearing \"Shorewall-based firewalls\": "
|
||||
for product in $PRODUCTS; do
|
||||
vardir=/var/lib/$PRODUCT
|
||||
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
|
||||
if [ -x ${vardir}/firewall ]; then
|
||||
${vardir}/firewall clear || notdone
|
||||
VARDIR=/var/lib/$product
|
||||
[ -f /etc/$product/vardir ] && . /etc/$product/vardir
|
||||
if [ -x ${VARDIR}/firewall ]; then
|
||||
${VARDIR}/firewall clear || echo_notdone
|
||||
fi
|
||||
done
|
||||
|
||||
echo "done."
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
|
@ -9,4 +9,4 @@ PRODUCTS=""
|
||||
# Set this to 1 if you want Shorewall-init to react to
|
||||
# ifup/ifdown events
|
||||
#
|
||||
UPDOWN=0
|
||||
IFUPDOWN=0
|
||||
|
@ -11,7 +11,7 @@
|
||||
# it under the terms of Version 2 of the GNU General Public License
|
||||
# as published by the Free Software Foundation.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# This program is distributed in the shope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
@ -1244,9 +1244,15 @@ sub compile_updown() {
|
||||
|
||||
emit( 'local state',
|
||||
'state=cleared',
|
||||
'',
|
||||
'if shorewall_is_up; then',
|
||||
' state=started',
|
||||
'' );
|
||||
|
||||
if ( $family == F_IPV4 ) {
|
||||
emit 'if shorewall_is_started; then';
|
||||
} else {
|
||||
emit 'if shorewall6_is_started; then';
|
||||
}
|
||||
|
||||
emit( ' state=started',
|
||||
'elif [ -f ${VARDIR}/state ]; then',
|
||||
' case "$(cat ${VARDIR}/state)" in',
|
||||
' Stopped*)',
|
||||
|
Loading…
Reference in New Issue
Block a user