Rename lib.user to lib.private

Shorewall/Perl/Shorewall/Compiler.pm

@@ -97,7 +97,7 @@ sub generate_script_1() {
 # Functions to execute the various user exits (extension scripts)
 ################################################################################
 EOF
-    my $lib = find_file 'lib.user';
+    my $lib = find_file 'lib.private';
 
     copy1 $lib, emit "\n" if -f $lib;
 

Shorewall/changelog.txt

@@ -20,7 +20,7 @@ Changes in Shorewall 4.4.0-Beta2
 
 8)  Add 'USER/GROUP' column to masq file.
 
-9)  Added lib.user.
+9)  Added lib.private.
 
 Changes in Shorewall 4.4.0-Beta1
 

Shorewall/configfiles/lib.private

@@ -1,7 +1,7 @@
 #
-# Shorewall version 4 - lib.user File
+# Shorewall version 4 - lib.private File
 #
-# /etc/shorewall/lib.user
+# /etc/shorewall/lib.private
 #
 #	Use this file to declare shell functions to be called in the other
 #	run-time extension scripts. The file will be copied into the generated

Shorewall/install.sh

@@ -576,6 +576,15 @@ if [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/accounting ]; then
     echo "Accounting file installed as ${PREFIX}/etc/shorewall/accounting"
 fi
 #
+# Install the private library file
+#
+run_install $OWNERSHIP -m 0644 configfiles/lib.private ${PREFIX}/usr/share/shorewall/configfiles/lib.private
+
+if [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/lib.private ]; then
+    run_install $OWNERSHIP -m 0600 configfiles/lib.private ${PREFIX}/etc/shorewall/lib.private
+    echo "Private library file installed as ${PREFIX}/etc/shorewall/lib.private"
+fi
+#
 # Install the Started file
 #
 run_install $OWNERSHIP -m 0644 configfiles/started ${PREFIX}/usr/share/shorewall/configfiles/started

Shorewall/releasenotes.txt

@@ -180,7 +180,7 @@ None.
     column works similarly to USER/GROUP columns in other Shorewall
     configuration files. Only locally-generated traffic is matched.
 
-4)  A new extension script, 'lib.user' has been added. This file is
+4)  A new extension script, 'lib.private' has been added. This file is
     intended to include declarations of shell functions that will be
     called by the other run-time extension scripts. 
 	

docs/MultiISP.xml

@@ -1349,7 +1349,7 @@ fi</programlisting></para>
         <para>Below are my relevant configuration files.</para>
 
         <warning>
-          <para>These files only work with Shorewall-perl 4.2 and
+          <para>These files only work with Shorewall-perl 4.4 Beta 2 and
           later.</para>
         </warning>
 
@@ -1357,7 +1357,7 @@ fi</programlisting></para>
 
         <para>Note that <filename>/etc/lsm/script </filename>writes
         a<filename> ${VARDIR}/xxx.status</filename> file when the status of an
-        interface changes. </para>
+        interface changes.</para>
 
         <programlisting>local status=0
 
@@ -1365,40 +1365,54 @@ fi</programlisting></para>
 
 return $status</programlisting>
 
-        <para><filename>/etc/shorewall/started</filename>:</para>
+        <para><filename>/etc/shorewall/lib.private</filename>:</para>
 
         <programlisting>###############################################################################
-# My 'restored' script calls this one if there is no lsm process running
+# Create /etc/lsm/shorewall.conf
+# Remove the current interface status files
+# Start lsm
 ###############################################################################
-if [ "$COMMAND" = start -o "$COMMAND" = restore ]; then
+start_lsm() {
    killall lsm 2&gt; /dev/null
    cat &lt;&lt;EOF &gt; /etc/lsm/shorewall.conf
 connection {
     name=Avvanta
     checkip=206.124.146.254
-    device=eth0
+    device=$EXT_IF
     ttl=2
 }
 
 connection {
     name=Comcast
-    checkip=${ETH3_GATEWAY:-71.227.156.1}
-    device=eth3
+    checkip=${ETH0_GATEWAY:-71.231.152.1}
+    device=$COM_IF
     ttl=1
 }
 EOF
-   rm -f ${VARDIR}/*.status
+   rm -f /etc/shorewall/*.status
    /usr/sbin/lsm /etc/lsm/lsm.conf &gt;&gt; /var/log/lsm
-fi</programlisting>
+}</programlisting>
 
         <para>eth3 has a dynamic IP address so I need to use the
         Shorewall-detected gateway address ($ETH3_GATEWAY). I supply a default
         value in the event that detection fails.</para>
 
+        <para><filename>/etc/shorewall/started</filename>:</para>
+
+        <programlisting>##################################################################################
+# [re]start lsm if this is a 'start' command or if lsm isn't running
+##################################################################################
+if [ "$COMMAND" = start -o -z "$(ps ax | grep 'lsm ' | grep -v 'grep ' )" ]; then
+    start_lsm
+fi</programlisting>
+
         <para><filename>/etc/shorewall/restored</filename>:</para>
 
-        <programlisting>if [ -z "$(ps ax | grep 'lsm ' | grep -v 'grep ' )" ]; then
-   run_started_exit
+        <programlisting>##################################################################################
+# Start lsm if it isn't running
+##################################################################################
+if [ -z "$(ps ax | grep 'lsm ' | grep -v 'grep ' )" ]; then
+   start_lsm
 fi</programlisting>
 
         <para><filename>/etc/lsm/lsm.conf</filename>:</para>

docs/shorewall_extension_scripts.xml

@@ -70,9 +70,10 @@
 
     <itemizedlist>
       <listitem>
-        <para><filename>lib.user</filename> -- Intended to contain
+        <para><filename>lib.private</filename> -- Intended to contain
         declarations of shell functions to be called by other run-time
-        extension scripts.</para>
+        extension scripts. See<ulink url="MultiISP.html#lsm"> this
+        article</ulink> for an example of its use.</para>
       </listitem>
 
       <listitem>