Allow INITLOG to be set in /etc/default/shorewall[6]; fix syntax error in Zones module

Shorewall/Perl/Shorewall/Zones.pm

@@ -1094,7 +1094,7 @@ sub process_host( ) {
 		$type = IPSEC;
 		$zoneref->{options}{complex} = 1;
 		$ipsec = 1;
-	    } elseif ( $option eq 'norfc1918' ) {
+	    } elsif ( $option eq 'norfc1918' ) {
 		warning_message "The 'norfc1918' option is no longer supported"
 	    } elsif ( $validhostoptions{$option}) {
 		$options{$option} = 1;

Shorewall/Perl/prog.footer

@@ -14,13 +14,10 @@ usage() {
 #
 # Start trace if first arg is "debug" or "trace"
 #
-tracing=
-
 if [ $# -gt 1 ]; then 
     if [ "x$1" = "xtrace" ]; then
 	set -x
 	shift
-	tracing=1
     elif [ "x$1" = "xdebug" ]; then
 	DEBUG=Yes
 	shift
@@ -30,17 +27,12 @@ fi
 initialize
 
 if [ -n "$STARTUP_LOG" ]; then
-    if [ -a ${SHOREWALL_INIT_SCRIPT:-0} -eq 1 ]; then
+    if [ ${SHOREWALL_INIT_SCRIPT:-0} -eq 1 ]; then
 	#
 	# We're being run by a startup script that isn't redirecting STDOUT
 	# Redirect it to the log
 	#
-	exec 2> $STARTUP_LOG
+	exec 2>>$STARTUP_LOG
-    elif [ -z "${SHOREWALL_INIT_SCRIPT}${DEBUG}${tracing}" ]; then
-	#
-	# We're not tracing or debugging -- tee STDOUT to the log
-	#
-	exec 2>| tee -a $STARTUP_LOG
     fi
 fi
 

Shorewall/Perl/prog.footer6

@@ -27,17 +27,12 @@ fi
 initialize
 
 if [ -n "$STARTUP_LOG" ]; then
-    if [ -a ${SHOREWALL_INIT_SCRIPT:-0} -eq 1 ]; then
+    if [ ${SHOREWALL_INIT_SCRIPT:-0} -eq 1 ]; then
 	#
 	# We're being run by a startup script that isn't redirecting STDOUT
 	# Redirect it to the log
 	#
-	exec 2> $STARTUP_LOG
+	exec 2>>$STARTUP_LOG
-    elif [ -z "${SHOREWALL_INIT_SCRIPT}${DEBUG}${tracing}" ]; then
-	#
-	# We're not tracing or debugging -- tee STDOUT to the log
-	#
-	exec 2>| tee -a $STARTUP_LOG
     fi
 fi
 

Shorewall/init.archlinux.sh

@@ -17,6 +17,8 @@ fi
 
 DAEMON_NAME="shorewall" # of course shorewall is NOT a deamon.
 
+export SHOREWALL_INIT_SCRIPT=1
+
 case "$1" in
 	start)
 		stat_busy "Starting $DAEMON_NAME"

Shorewall/init.debian.sh

@@ -19,10 +19,6 @@ WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup
 # use Shorewall's STARTUP_LOG feature.
 INITLOG=/var/log/shorewall-init.log
 
-[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
-
-export SHOREWALL_INIT_SCRIPT
-
 test -x $SRWL || exit 0
 test -x $WAIT_FOR_IFUP || exit 0
 test -n $INITLOG || {
@@ -72,6 +68,10 @@ else
 	not_configured
 fi
 
+[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
+
+export SHOREWALL_INIT_SCRIPT
+
 # wait for an unconfigured interface 
 wait_for_pppd () {
 	if [ "$wait_interface" != "" ]

Shorewall6/init.archlinux.sh

@@ -17,6 +17,8 @@ fi
 
 DAEMON_NAME="shorewall6" # of course shorewall6 is NOT a deamon.
 
+export SHOREWALL_INIT_SCRIPT=1
+
 case "$1" in
 	start)
 		stat_busy "Starting $DAEMON_NAME"

Shorewall6/init.debian.sh

@@ -19,10 +19,6 @@ WAIT_FOR_IFUP=/usr/share/shorewall6/wait4ifup
 # keep logs of the firewall (not recommended)
 INITLOG=/var/log/shorewall6-init.log
 
-[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
-
-export SHOREWALL_INIT_SCRIPT
-
 test -x $SRWL || exit 0
 test -x $WAIT_FOR_IFUP || exit 0
 test -n $INITLOG || {
@@ -72,6 +68,10 @@ else
 	not_configured
 fi
 
+[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
+
+export SHOREWALL_INIT_SCRIPT
+
 # wait for an unconfigured interface 
 wait_for_pppd () {
 	if [ "$wait_interface" != "" ]