From b087cee7f0f7ebd44977057f6daba5e9b387df22 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sat, 28 Nov 2015 08:36:12 -0800 Subject: [PATCH] Redefine MODULESDIR Signed-off-by: Tom Eastep --- Shorewall-core/lib.common | 42 ++++++++++++++++++++++--- Shorewall/manpages/shorewall.conf.xml | 10 +++--- Shorewall6/manpages/shorewall6.conf.xml | 8 +++-- 3 files changed, 48 insertions(+), 12 deletions(-) diff --git a/Shorewall-core/lib.common b/Shorewall-core/lib.common index da468b9a2..5b3bfad6d 100644 --- a/Shorewall-core/lib.common +++ b/Shorewall-core/lib.common @@ -316,6 +316,7 @@ reload_kernel_modules() { local moduleloader moduleloader=modprobe local uname + local extras if ! qt mywhich modprobe; then moduleloader=insmod @@ -323,9 +324,25 @@ reload_kernel_modules() { [ -n "${MODULE_SUFFIX:=ko ko.gz ko.xz o o.gz o.xz gz xz}" ] - [ -z "$MODULESDIR" ] && \ - uname=$(uname -r) && \ + if [ -n "$MODULESDIR" ]; then + case "$MODULESDIR" in + +*) + extras="$MODULESDIR" + extras=${extras#+} + MODULESDIR= + ;; + esac + fi + + if [ -z "$MODULESDIR" ]; then + uname=$(uname -r) MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset + if [ -n "$extras" ]; then + for directory in $(split "$extras"); do + MODULESDIR="$MODULESDIR:/lib/modules/$uname/$directory" + done + fi + fi [ -d /sys/module/ ] || MODULES=$(lsmod | cut -d ' ' -f1) @@ -355,6 +372,7 @@ load_kernel_modules() # $1 = Yes, if we are to save moduleinfo in $VARDIR local savemoduleinfo savemoduleinfo=${1:-Yes} # So old compiled scripts still work local uname + local extras if ! qt mywhich modprobe; then moduleloader=insmod @@ -362,9 +380,25 @@ load_kernel_modules() # $1 = Yes, if we are to save moduleinfo in $VARDIR [ -n "${MODULE_SUFFIX:=o gz xz ko o.gz o.xz ko.gz ko.xz}" ] - [ -z "$MODULESDIR" ] && \ - uname=$(uname -r) && \ + if [ -n "$MODULESDIR" ]; then + case "$MODULESDIR" in + +*) + extras="$MODULESDIR" + extras=${extras#+} + MODULESDIR= + ;; + esac + fi + + if [ -z "$MODULESDIR" ]; then + uname=$(uname -r) MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset + if [ -n "$extras" ]; then + for directory in $(split "$extras"); do + MODULESDIR="$MODULESDIR:/lib/modules/$uname/$directory" + done + fi + fi for directory in $(split $MODULESDIR); do [ -d $directory ] && moduledirectories="$moduledirectories $directory" diff --git a/Shorewall/manpages/shorewall.conf.xml b/Shorewall/manpages/shorewall.conf.xml index 4c73b4846..54282e7f6 100644 --- a/Shorewall/manpages/shorewall.conf.xml +++ b/Shorewall/manpages/shorewall.conf.xml @@ -1625,11 +1625,11 @@ LOG:info:,bar net fw This parameter specifies the directory/directories where your kernel netfilter modules may be found. If you leave the variable - empty, Shorewall will supply the value "/lib/modules/`uname - -r`/kernel/net/ipv4/netfilter" in versions of Shorewall prior to - 3.2.4 and "/lib/modules/`uname - -r`/kernel/net/ipv4/netfilter:/lib/modules/`uname - -r`/kernel/net/ipv4/netfilter" in later versions. + empty, Shorewall will supply the value + "/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset" + where uname holds the output of + 'uname -r' and g_family holds '4'. diff --git a/Shorewall6/manpages/shorewall6.conf.xml b/Shorewall6/manpages/shorewall6.conf.xml index 7912044ef..3629014ea 100644 --- a/Shorewall6/manpages/shorewall6.conf.xml +++ b/Shorewall6/manpages/shorewall6.conf.xml @@ -1442,9 +1442,11 @@ LOG:info:,bar net fw This parameter specifies the directory/directories where your kernel netfilter modules may be found. If you leave the variable - empty, Shorewall6 will supply "/lib/modules/`uname - -r`/kernel/net/ipv4/netfilter:/lib/modules/`uname - -r`/kernel/net/ipv4/netfilter". + empty, Shorewall will supply the value + "/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset" + where uname holds the output of + 'uname -r' and g_family holds '6'.