diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index ff4815e62..7f5d8e526 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -103,3 +103,7 @@ Changes in 3.1.x. 43) Add Simon's redhat prog files. 44) Add 'delete_nat' to compiled program. + +45) Move 'shorecap' to /usr/share/shorewall + +46) Add debian prog files. \ No newline at end of file diff --git a/Shorewall/install.sh b/Shorewall/install.sh index bbce35480..c5d694df3 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -288,6 +288,15 @@ echo echo "Compiler installed in ${PREFIX}/usr/share/shorewall/compiler" # +# Install Shorecap +# + +install_file shorecap ${PREFIX}/usr/share/shorewall/shorecap 0555 + +echo +echo "Capability file builder installed in ${PREFIX}/usr/share/shorewall/shorecap" + + # Install the Help file # install_file help ${PREFIX}/usr/share/shorewall/help 0544 diff --git a/Shorewall/prog.footer.debian b/Shorewall/prog.footer.debian new file mode 100644 index 000000000..9d752393c --- /dev/null +++ b/Shorewall/prog.footer.debian @@ -0,0 +1,133 @@ +# +# Give Usage Information +# +usage() { + echo "Usage: $0 [ -q ] [ -v ] [ -n ] [ start|stop|clear|restart|status|version ]" + exit $1 +} +################################################################################ +# E X E C U T I O N B E G I N S H E R E # +################################################################################ +initialize + +finished=0 + +while [ $finished -eq 0 -a $# -gt 0 ]; do + option=$1 + case $option in + -*) + option=${option#-} + + [ -z "$option" ] && usage 1 + + while [ -n "$option" ]; do + case $option in + v*) + VERBOSE=$(($VERBOSE + 1 )) + option=${option#v} + ;; + q*) + VERBOSE=$(($VERBOSE - 1 )) + option=${option#q} + ;; + n*) + NOROUTES=Yes + option=${option#n} + ;; + *) + usage 1 + ;; + esac + done + shift + ;; + *) + finished=1 + ;; + esac +done + +if [ $# -ne 1 ]; then + usage 2 +else + COMMAND="$1" +fi + +case "$COMMAND" in + start) + if shorewall_is_started; then + error_message "Shorewall is already Running" + status=1 + else + progress_message3 "Starting Shorewall...." + define_firewall + status=$? + progress_message3 "done." + fi + ;; + stop) + progress_message3 "Stopping Shorewall...." + stop_firewall + status=0 + progress_message3 "done." + ;; + restart) + if shorewall_is_started; then + progress_message3 "Restarting Shorewall...." + else + echo "Shorewall is not running" >&2 + progress_message3 "Starting Shorewall...." + fi + + define_firewall + status=$? + progress_message3 "done." + ;; + restore) + restore_firewall + status=$? + ;; + clear) + progress_message3 "Clearing Shorewall...." + clear_firewall + status=0 + [ -n "$SUBSYSLOCK" ] && rm -f $SUBSYSLOCK + progress_message3 "done." + ;; + status) + echo "Shorewall-$VERSION Status at $HOSTNAME - $(date)" + echo + if shorewall_is_started; then + echo "Shorewall is running" + status=0 + else + echo "Shorewall is stopped" + status=4 + fi + + if [ -f /var/lib/shorewall/state ]; then + state="$(cat /var/lib/shorewall/state)" + case $state in + Stopped*|Clear*) + status=3 + ;; + esac + else + state=Unknown + fi + echo "State:$state" + echo + ;; + version) + echo $VERSION + status=0 + ;; + help) + usage 0 + ;; + *) + usage 2 + ;; +esac + +exit $status diff --git a/Shorewall/prog.header.debian b/Shorewall/prog.header.debian new file mode 100644 index 000000000..c5b5a29ee --- /dev/null +++ b/Shorewall/prog.header.debian @@ -0,0 +1,25 @@ +#!/bin/sh +# +# Generated by the Shoreline Firewall (Shorewall) Packet Filtering Firewall - V3.2 +# +# This program is under GPL [http://www.gnu.org/copyleft/gpl.htm] +# +# (c) 2006 - Tom Eastep (teastep@shorewall.net) +# +# +# Options are: +# +# -n Don't alter Routing +# -v and -q Standard Shorewall Verbosity control +# +# Commands are: +# +# start Starts the firewall +# restart Restarts the firewall +# reload Reload the firewall +# clear Removes all firewall rules +# stop Stops the firewall +# status Displays firewall status +# version Displays the version of Shorewall that +# generated this program +# diff --git a/Shorewall/prog.header.redhat b/Shorewall/prog.header.redhat index fdda06ae9..b77df13c6 100644 --- a/Shorewall/prog.header.redhat +++ b/Shorewall/prog.header.redhat @@ -4,6 +4,22 @@ # # description: Firewall script for configuring Netfilter generated by \ # the Shoreline Firewall. +# +# Options are: +# +# -n Don't alter Routing +# -v and -q Standard Shorewall Verbosity control +# +# Commands are: +# +# start Starts the firewall +# restart Restarts the firewall +# reload Reload the firewall +# clear Removes all firewall rules +# stop Stops the firewall +# status Displays firewall status +# version Displays the version of Shorewall that +# generated this program # Source function library if [ -f /etc/init.d/functions ]; then diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index d31c23166..91d98d347 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -44,6 +44,14 @@ Other changes in 3.1.9 option (e.g., "compile -e -d redhat prog"). Thanks go to Simon Matter for this support. +2) The 'shorecap' program will now be installed in /usr/share/shorewall on + all distributions. + +3) The 'debian' distribution is now supported in the compile command's -d + option (e.g., "compile -e -d debian prog"). Please see the README.debian + file included with your Debian Shorewall package for information about + how to use compiled programs on Debian systems. + Migration Considerations: 1) A number of macros have been split into two. The macros affected are: @@ -138,6 +146,7 @@ New Features: suse redhat (which includes Fedora Core and CentOS). + debian Note that specifying a distribution should only be required if you intend to install @@ -201,13 +210,11 @@ New Features: /etc/shorewall/capabilities. c) To aid in building /etc/shorewall/capabilities, a 'shorecap' program - is provided. The RPM installs the program in the documentation - directory. The install.sh script does not install the program but - of course you can simply copy it from the distribution directory - (where you ran install.sh from). + is provided. The program is installed in the /usr/share/shorewall/ + directory. - The program can be run on the target system to produce a - capabilities file taylored for that system. The capabilities + The program can be copied to the target system and run there to + produce a capabilities file taylored for that system. The capabilities file can then be copied to the local system where it can be used when compiling firewall programs targeted for the remote system. diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index 2c4ffbc90..dc3944409 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -112,6 +112,7 @@ fi %attr(0555,root,root) /usr/share/shorewall/compiler %attr(0444,root,root) /usr/share/shorewall/functions %attr(0544,root,root) /usr/share/shorewall/firewall +%attr(0544,root,root) /usr/share/shorewall/shorecap %attr(0544,root,root) /usr/share/shorewall/help %attr(0644,root,root) /usr/share/shorewall/Limit %attr(0644,root,root) /usr/share/shorewall/macro.AllowICMPs @@ -171,9 +172,11 @@ fi %attr(0644,root,root) /usr/share/shorewall/rfc1918 %attr(0644,root,root) /usr/share/shorewall/configpath -%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples shorecap +%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples %changelog +* Web Mar 01 2006 Tom Eastep tom@shorewall.net +- Moved shorecap to /usr/share/shorewall * Fri Feb 24 2006 Tom Eastep tom@shorewall.net - Updated to 3.1.8-1 * Fri Feb 10 2006 Tom Eastep tom@shorewall.net