diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm index 6530d313a..fcc858abb 100644 --- a/Shorewall/Perl/Shorewall/Zones.pm +++ b/Shorewall/Perl/Shorewall/Zones.pm @@ -1094,7 +1094,7 @@ sub process_host( ) { $type = IPSEC; $zoneref->{options}{complex} = 1; $ipsec = 1; - } elseif ( $option eq 'norfc1918' ) { + } elsif ( $option eq 'norfc1918' ) { warning_message "The 'norfc1918' option is no longer supported" } elsif ( $validhostoptions{$option}) { $options{$option} = 1; diff --git a/Shorewall/Perl/prog.footer b/Shorewall/Perl/prog.footer index 72f13c9fc..1933d878f 100644 --- a/Shorewall/Perl/prog.footer +++ b/Shorewall/Perl/prog.footer @@ -14,13 +14,10 @@ usage() { # # Start trace if first arg is "debug" or "trace" # -tracing= - if [ $# -gt 1 ]; then if [ "x$1" = "xtrace" ]; then set -x shift - tracing=1 elif [ "x$1" = "xdebug" ]; then DEBUG=Yes shift @@ -30,17 +27,12 @@ fi initialize if [ -n "$STARTUP_LOG" ]; then - if [ -a ${SHOREWALL_INIT_SCRIPT:-0} -eq 1 ]; then + if [ ${SHOREWALL_INIT_SCRIPT:-0} -eq 1 ]; then # # We're being run by a startup script that isn't redirecting STDOUT # Redirect it to the log # - exec 2> $STARTUP_LOG - elif [ -z "${SHOREWALL_INIT_SCRIPT}${DEBUG}${tracing}" ]; then - # - # We're not tracing or debugging -- tee STDOUT to the log - # - exec 2>| tee -a $STARTUP_LOG + exec 2>>$STARTUP_LOG fi fi diff --git a/Shorewall/Perl/prog.footer6 b/Shorewall/Perl/prog.footer6 index 575ff5205..3bf7a5400 100644 --- a/Shorewall/Perl/prog.footer6 +++ b/Shorewall/Perl/prog.footer6 @@ -27,17 +27,12 @@ fi initialize if [ -n "$STARTUP_LOG" ]; then - if [ -a ${SHOREWALL_INIT_SCRIPT:-0} -eq 1 ]; then + if [ ${SHOREWALL_INIT_SCRIPT:-0} -eq 1 ]; then # # We're being run by a startup script that isn't redirecting STDOUT # Redirect it to the log # - exec 2> $STARTUP_LOG - elif [ -z "${SHOREWALL_INIT_SCRIPT}${DEBUG}${tracing}" ]; then - # - # We're not tracing or debugging -- tee STDOUT to the log - # - exec 2>| tee -a $STARTUP_LOG + exec 2>>$STARTUP_LOG fi fi diff --git a/Shorewall/init.archlinux.sh b/Shorewall/init.archlinux.sh index 91040787c..8f2f81edb 100755 --- a/Shorewall/init.archlinux.sh +++ b/Shorewall/init.archlinux.sh @@ -17,6 +17,8 @@ fi DAEMON_NAME="shorewall" # of course shorewall is NOT a deamon. +export SHOREWALL_INIT_SCRIPT=1 + case "$1" in start) stat_busy "Starting $DAEMON_NAME" diff --git a/Shorewall/init.debian.sh b/Shorewall/init.debian.sh index 7a49ff3ef..70f492d0d 100755 --- a/Shorewall/init.debian.sh +++ b/Shorewall/init.debian.sh @@ -19,10 +19,6 @@ WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup # use Shorewall's STARTUP_LOG feature. INITLOG=/var/log/shorewall-init.log -[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0 - -export SHOREWALL_INIT_SCRIPT - test -x $SRWL || exit 0 test -x $WAIT_FOR_IFUP || exit 0 test -n $INITLOG || { @@ -72,6 +68,10 @@ else not_configured fi +[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0 + +export SHOREWALL_INIT_SCRIPT + # wait for an unconfigured interface wait_for_pppd () { if [ "$wait_interface" != "" ] diff --git a/Shorewall6/init.archlinux.sh b/Shorewall6/init.archlinux.sh index 024715105..6d0b36c31 100755 --- a/Shorewall6/init.archlinux.sh +++ b/Shorewall6/init.archlinux.sh @@ -17,6 +17,8 @@ fi DAEMON_NAME="shorewall6" # of course shorewall6 is NOT a deamon. +export SHOREWALL_INIT_SCRIPT=1 + case "$1" in start) stat_busy "Starting $DAEMON_NAME" diff --git a/Shorewall6/init.debian.sh b/Shorewall6/init.debian.sh index e740c3ee6..135aac5a1 100755 --- a/Shorewall6/init.debian.sh +++ b/Shorewall6/init.debian.sh @@ -19,10 +19,6 @@ WAIT_FOR_IFUP=/usr/share/shorewall6/wait4ifup # keep logs of the firewall (not recommended) INITLOG=/var/log/shorewall6-init.log -[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0 - -export SHOREWALL_INIT_SCRIPT - test -x $SRWL || exit 0 test -x $WAIT_FOR_IFUP || exit 0 test -n $INITLOG || { @@ -72,6 +68,10 @@ else not_configured fi +[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0 + +export SHOREWALL_INIT_SCRIPT + # wait for an unconfigured interface wait_for_pppd () { if [ "$wait_interface" != "" ]