extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-18 03:29:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

Implement -f option in the -lite products' start command

Browse Source 
- Remove 'recover' command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2014-10-30 10:42:39 -07:00
parent 113f95c11e
commit b7ab82dba4
5 changed files with 32 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall-core/lib.cli
View File

@ -3414,7 +3414,11 @@ start_command() {
[ -n "$g_nolock" ] || mutex_on [ -n "$g_nolock" ] || mutex_on
if [ -x ${VARDIR}/firewall ]; then if [ -x ${VARDIR}/firewall ]; then
run_it ${VARDIR}/firewall $g_debugging start if [ -n "$g_fast" -a -x ${VARDIR}/${RESTOREFILE} -a ! ${VARDIR}/firewall -nt ${VARDIR}/${RESTOREFILE} ]; then
run_it ${VARDIR}/${RESTOREFILE} $g_debugging restore
else
run_it ${VARDIR}/firewall $g_debugging start
fi
rc=$? rc=$?
else else
error_message "${VARDIR}/firewall is missing or is not executable" error_message "${VARDIR}/firewall is missing or is not executable"
@ -3450,6 +3454,10 @@ start_command() {
finished=1 finished=1
option= option=
;; ;;
f*)
g_fast=Yes
option=${option#f}
;;
p*) p*)
[ -n "$(which conntrack)" ] || fatal_error "The '-p' option requires the conntrack utility which does not appear to be installed on this system" [ -n "$(which conntrack)" ] || fatal_error "The '-p' option requires the conntrack utility which does not appear to be installed on this system"
g_purge=Yes g_purge=Yes
@ -3583,7 +3591,6 @@ usage() # $1 = exit status
echo " logreject <address> ..." echo " logreject <address> ..."
echo " logwatch [<refresh interval>]" echo " logwatch [<refresh interval>]"
echo " reject <address> ..." echo " reject <address> ..."
echo " recover [ -n ] [ -p ]"
echo " reset [ <chain> ... ]" echo " reset [ <chain> ... ]"
echo " restart [ -n ] [ -p ] [ -f ] [ <directory> ]" echo " restart [ -n ] [ -p ] [ -f ] [ <directory> ]"
echo " restore [ -n ] [ -p ] [ <file name> ]" echo " restore [ -n ] [ -p ] [ <file name> ]"
@ -3852,15 +3859,6 @@ shorewall_cli() {
shift shift
restart_command $@ restart_command $@
;; ;;
recover)
get_config Yes Yes
shift
if [ -n "$SAVE_COUNTERS" -a -f ${VARDIR}/${RESTOREFILE} ]; then
restore_command $@
else
start_command $@
fi
;;
disable|enable) disable|enable)
get_config Yes get_config Yes
if product_is_started; then if product_is_started; then

11
Shorewall-lite/manpages/shorewall-lite.xml
View File

@ -474,6 +474,8 @@
<arg><option>-n</option></arg> <arg><option>-n</option></arg>
<arg><option>-p</option></arg> <arg><option>-p</option></arg>
<arg><option>-f</option></arg>
</cmdsynopsis> </cmdsynopsis>
<cmdsynopsis> <cmdsynopsis>
@ -1102,6 +1104,15 @@
<para>The <option>-p</option> option causes the connection tracking <para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para> be installed to use this option.</para>
<para>The <option>-m</option> option prevents the firewall script
from modifying the current routing configuration.</para>
<para>The <option>-f</option> option was added in Shorewall 4.6.5.
If the RESTOREFILE named in <ulink
url="shorewall.conf.html">shorewall.conf</ulink>(5) exists, is
executable and is not older than the current filewall script, then
that saved configuration is restored.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

1
Shorewall/lib.cli-std
View File

@ -1669,7 +1669,6 @@ usage() # $1 = exit status
echo " noiptrace <ip6tables match expression>" echo " noiptrace <ip6tables match expression>"
fi fi
echo " recover [ -n ] [ -p ]"
echo " refresh [ -d ] [ -n ] [ -T ] [ -D <directory> ] [ <chain>... ]" echo " refresh [ -d ] [ -n ] [ -T ] [ -D <directory> ] [ <chain>... ]"
echo " reject <address> ..." echo " reject <address> ..."
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ -T ] [ -i ] [ <directory> ] <system>" echo " reload [ -s ] [ -c ] [ -r <root user> ] [ -T ] [ -i ] [ <directory> ] <system>"

35
Shorewall/manpages/shorewall.xml
View File

@ -357,18 +357,6 @@
expression</replaceable></arg> expression</replaceable></arg>
</cmdsynopsis> </cmdsynopsis>
<cmdsynopsis>
<command>shorewall</command>
<arg
choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg>
<arg>-<replaceable>options</replaceable></arg>
<arg
choice="plain"><option>recover</option><arg><option>-n</option></arg><arg><option>-p</option></arg></arg>
</cmdsynopsis>
<cmdsynopsis> <cmdsynopsis>
<command>shorewall</command> <command>shorewall</command>
@ -1259,29 +1247,6 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><emphasis role="bold">recover</emphasis></term>
<listitem>
<para>Added in Shorewall 4.6.5.</para>
<para>If SAVE_COUNTERS=Yes in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(5) and if
the file specified by the RESTOREFILE option in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(5) exists
and is executable, then the command is the same as the <emphasis
role="bold">restore</emphasis> command. Otherwise, it is treated the
same as the <emphasis role="bold">start</emphasis> command.</para>
<para>The <option>-n</option> option causes Shorewall to avoid
updating the routing table(s).</para>
<para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><emphasis role="bold">refresh</emphasis></term> <term><emphasis role="bold">refresh</emphasis></term>

13
Shorewall6-lite/manpages/shorewall6-lite.xml
View File

@ -474,6 +474,8 @@
<arg><option>-n</option></arg> <arg><option>-n</option></arg>
<arg><option>-p</option></arg> <arg><option>-p</option></arg>
<arg><option>-f</option></arg>
</cmdsynopsis> </cmdsynopsis>
<cmdsynopsis> <cmdsynopsis>
@ -1092,7 +1094,7 @@
<term><emphasis role="bold">start</emphasis></term> <term><emphasis role="bold">start</emphasis></term>
<listitem> <listitem>
<para>Start Shorewall Lite. Existing connections through <para>Start Shorewall6 Lite. Existing connections through
shorewall6-lite managed interfaces are untouched. New connections shorewall6-lite managed interfaces are untouched. New connections
will be allowed only if they are allowed by the firewall rules or will be allowed only if they are allowed by the firewall rules or
policies.</para> policies.</para>
@ -1100,6 +1102,15 @@
<para>The <option>-p</option> option causes the connection tracking <para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para> be installed to use this option.</para>
<para>The <option>-m</option> option prevents the firewall script
from modifying the current routing configuration.</para>
<para>The <option>-f</option> option was added in Shorewall 4.6.5.
If the RESTOREFILE named in <ulink
url="shorewall.conf.html">shorewall.conf</ulink>(5) exists, is
executable and is not older than the current filewall script, then
that saved configuration is restored.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>