extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-03 03:59:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Implement -f option in the -lite products' start command

Browse Source 
- Remove 'recover' command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2014-10-30 10:42:39 -07:00
parent 113f95c11e
commit b7ab82dba4
5 changed files with 32 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
Shorewall-core/lib.cli
View File

@ -3414,7 +3414,11 @@ start_command() {
[ -n "$g_nolock" ] || mutex_on
if [ -x ${VARDIR}/firewall ]; then
if [ -n "$g_fast" -a -x ${VARDIR}/${RESTOREFILE} -a ! ${VARDIR}/firewall -nt ${VARDIR}/${RESTOREFILE} ]; then
run_it ${VARDIR}/${RESTOREFILE} $g_debugging restore
else
run_it ${VARDIR}/firewall $g_debugging start
fi
rc=$?
else
error_message "${VARDIR}/firewall is missing or is not executable"
@ -3450,6 +3454,10 @@ start_command() {
finished=1
option=
;;
f*)
g_fast=Yes
option=${option#f}
;;
p*)
[ -n "$(which conntrack)" ] || fatal_error "The '-p' option requires the conntrack utility which does not appear to be installed on this system"
g_purge=Yes
@ -3583,7 +3591,6 @@ usage() # $1 = exit status
echo " logreject <address> ..."
echo " logwatch [<refresh interval>]"
echo " reject <address> ..."
echo " recover [ -n ] [ -p ]"
echo " reset [ <chain> ... ]"
echo " restart [ -n ] [ -p ] [ -f ] [ <directory> ]"
echo " restore [ -n ] [ -p ] [ <file name> ]"
@ -3852,15 +3859,6 @@ shorewall_cli() {
shift
restart_command $@
;;
recover)
get_config Yes Yes
shift
if [ -n "$SAVE_COUNTERS" -a -f ${VARDIR}/${RESTOREFILE} ]; then
restore_command $@
else
start_command $@
fi
;;
disable|enable)
get_config Yes
if product_is_started; then

11
Shorewall-lite/manpages/shorewall-lite.xml
View File

@ -474,6 +474,8 @@
<arg><option>-n</option></arg>
<arg><option>-p</option></arg>
<arg><option>-f</option></arg>
</cmdsynopsis>
<cmdsynopsis>
@ -1102,6 +1104,15 @@
<para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para>
<para>The <option>-m</option> option prevents the firewall script
from modifying the current routing configuration.</para>
<para>The <option>-f</option> option was added in Shorewall 4.6.5.
If the RESTOREFILE named in <ulink
url="shorewall.conf.html">shorewall.conf</ulink>(5) exists, is
executable and is not older than the current filewall script, then
that saved configuration is restored.</para>
</listitem>
</varlistentry>

1
Shorewall/lib.cli-std
View File

@ -1669,7 +1669,6 @@ usage() # $1 = exit status
echo " noiptrace <ip6tables match expression>"
fi
echo " recover [ -n ] [ -p ]"
echo " refresh [ -d ] [ -n ] [ -T ] [ -D <directory> ] [ <chain>... ]"
echo " reject <address> ..."
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ -T ] [ -i ] [ <directory> ] <system>"

35
Shorewall/manpages/shorewall.xml
View File

@ -357,18 +357,6 @@
expression</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>shorewall</command>
<arg
choice="opt"><option>trace</option>|<option>debug</option><arg><option>nolock</option></arg></arg>
<arg>-<replaceable>options</replaceable></arg>
<arg
choice="plain"><option>recover</option><arg><option>-n</option></arg><arg><option>-p</option></arg></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>shorewall</command>
@ -1259,29 +1247,6 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">recover</emphasis></term>
<listitem>
<para>Added in Shorewall 4.6.5.</para>
<para>If SAVE_COUNTERS=Yes in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(5) and if
the file specified by the RESTOREFILE option in <ulink
url="/manpages/shorewall.conf.html">shorewall.conf</ulink>(5) exists
and is executable, then the command is the same as the <emphasis
role="bold">restore</emphasis> command. Otherwise, it is treated the
same as the <emphasis role="bold">start</emphasis> command.</para>
<para>The <option>-n</option> option causes Shorewall to avoid
updating the routing table(s).</para>
<para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">refresh</emphasis></term>

13
Shorewall6-lite/manpages/shorewall6-lite.xml
View File

@ -474,6 +474,8 @@
<arg><option>-n</option></arg>
<arg><option>-p</option></arg>
<arg><option>-f</option></arg>
</cmdsynopsis>
<cmdsynopsis>
@ -1092,7 +1094,7 @@
<term><emphasis role="bold">start</emphasis></term>
<listitem>
<para>Start Shorewall Lite. Existing connections through
<para>Start Shorewall6 Lite. Existing connections through
shorewall6-lite managed interfaces are untouched. New connections
will be allowed only if they are allowed by the firewall rules or
policies.</para>
@ -1100,6 +1102,15 @@
<para>The <option>-p</option> option causes the connection tracking
table to be flushed; the <command>conntrack</command> utility must
be installed to use this option.</para>
<para>The <option>-m</option> option prevents the firewall script
from modifying the current routing configuration.</para>
<para>The <option>-f</option> option was added in Shorewall 4.6.5.
If the RESTOREFILE named in <ulink
url="shorewall.conf.html">shorewall.conf</ulink>(5) exists, is
executable and is not older than the current filewall script, then
that saved configuration is restored.</para>
</listitem>
</varlistentry>