mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-27 10:03:41 +01:00
Allow default verbosity to be set in shorewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
a996fd988f
commit
cf8344b26d
@ -43,11 +43,21 @@ New Features added in 3.1.4
|
||||
packet to be logged.
|
||||
|
||||
2) Shorewall has always been very noisy (lots of messages). No more. The default
|
||||
is now to be very quiet and you get more detail using the -v option (or -vv if
|
||||
you want the old noisy behavior). The -q option is still supported but only
|
||||
reverses the effect of -v. So "shorewall start -qqvv" is still completely quiet
|
||||
while "shorewall start -vv" gives the same amount of output as the old "shorewall
|
||||
start" did.
|
||||
for new users is now to be very quiet and you get more detail using the -v option
|
||||
(or -vv if you want the old noisy behavior).
|
||||
|
||||
You set the default level of verbosity using the VERBOSE option in
|
||||
shorewall.conf. If you don't set it (as would be the case of you use your
|
||||
old shorewall.conf file) then VERBOSE defaults to a value of 2 which is
|
||||
the old default. A value of 1 supporesses some of the output (like the old
|
||||
-q option did) while a value of 0 makes Shorewall almost silent. That is
|
||||
the value specified in the 3.2 shorewall.conf
|
||||
|
||||
If the default is set at 2, you can still make a command silent by using two
|
||||
"q"s (e.g., shorewall -qq restart).
|
||||
|
||||
In summary, each "q" subtracts one from VERBOSE while each "v" adds one to
|
||||
VERBOSE.
|
||||
|
||||
Migration Considerations:
|
||||
|
||||
@ -57,11 +67,11 @@ New Features:
|
||||
|
||||
1) A new 'shorewall generate' command has been added.
|
||||
|
||||
shorewall generate [ -q ] [ -e ] [ <config directory> ] <script file>
|
||||
shorewall generate [ -v ] [ -q ] [ -e ] [ <config directory> ] <script file>
|
||||
|
||||
where:
|
||||
|
||||
-q Suppresses many of the progress messages
|
||||
-v and -q are described elsewhere in this document.
|
||||
-e Generates an error if the configuration used
|
||||
an option that would prevent the generated
|
||||
script from running on a system other than
|
||||
@ -82,7 +92,7 @@ New Features:
|
||||
|
||||
'compile' is a synonym for 'generate':
|
||||
|
||||
shorewall compile [ -q ] [ -e ] [ <config directory> ] <script file>
|
||||
shorewall compile [ -v ] [ -q ] [ -e ] [ <config directory> ] <script file>
|
||||
|
||||
The generated script contains error checking and will terminate if an
|
||||
important command fails. Before terminating:
|
||||
@ -113,9 +123,9 @@ New Features:
|
||||
|
||||
In addition to 'generate', a 'shorewall reload' command has been added.
|
||||
|
||||
shorewall [ -q ] reload [ <config directory> ]
|
||||
shorewall reload [ -v ] [ -q ] [ <config directory> ]
|
||||
|
||||
where -q and <config directory> are as above.
|
||||
where -v, -q and <config directory> are as above.
|
||||
|
||||
The 'reload' command creates a script using 'generate' and if there are
|
||||
no errors, it then restores that script. It is equivalent to:
|
||||
@ -126,20 +136,20 @@ New Features:
|
||||
connections being dropped for a much shorter time. Here are the results of
|
||||
tests that I conducted on my own firewall:
|
||||
|
||||
A) shorewall -q restart
|
||||
A) shorewall restart
|
||||
|
||||
real 0m17.540s
|
||||
user 0m5.956s
|
||||
sys 0m10.737s
|
||||
|
||||
B) shorewall -q restore foo # foo created using "shorewall generate"
|
||||
B) ./foo # foo created using "shorewall compile"
|
||||
|
||||
real 0m3.505s
|
||||
user 0m1.332s
|
||||
sys 0m2.164s
|
||||
|
||||
|
||||
C) shorewall -q restore # Restores from file generated by "shorewall save"
|
||||
C) shorewall restore # Restores from file generated by "shorewall save"
|
||||
|
||||
real 0m1.164s
|
||||
user 0m0.556s
|
||||
@ -150,16 +160,6 @@ New Features:
|
||||
1.4Ghz Celeron with 512MB RAM.
|
||||
|
||||
The "-p' option creates a complete program. This program is suitable for
|
||||
installation into /etc/init.d and, when generated with the "-e" option
|
||||
installation into /etc/init.d and, when generated with the "-e" option,
|
||||
can serve as your firewall on a system that doesn't even have Shorewall
|
||||
installed.
|
||||
|
||||
2) You may now repeat the -q option to cause Shorewall to be extra quiet.
|
||||
|
||||
Example:
|
||||
|
||||
gateway:~ # shorewall -qq reload
|
||||
Shorewall configuration compiled to /var/lib/shorewall/.reload
|
||||
Restoring Shorewall...
|
||||
Shorewall restored from /var/lib/shorewall/.reload
|
||||
gateway:~ #
|
||||
|
@ -1343,10 +1343,12 @@ if [ $# -gt 0 ] && [ "$1" = "nolock" ]; then
|
||||
shift
|
||||
fi
|
||||
|
||||
[ -n "${VERBOSE:=2}" ]
|
||||
|
||||
SHOREWALL_DIR=
|
||||
IPT_OPTIONS="-nv"
|
||||
FAST=
|
||||
export VERBOSE=0
|
||||
export VERBOSE
|
||||
NOROUTES=
|
||||
EXPORT=
|
||||
noroutes=
|
||||
|
@ -55,6 +55,23 @@
|
||||
|
||||
STARTUP_ENABLED=No
|
||||
|
||||
###############################################################################
|
||||
# V E R B O S I T Y
|
||||
###############################################################################
|
||||
#
|
||||
# Shorewall has traditionally been very noisy. You may now set the default
|
||||
# level of verbosity here.
|
||||
#
|
||||
# Values are:
|
||||
#
|
||||
# 0 -- Silent. You may make it more verbose using the -v option
|
||||
# 1 -- Major progress messages displayed
|
||||
# 2 -- All progress messages displayed (old default behavior)
|
||||
#
|
||||
# If not specified, the 2 is assumed
|
||||
|
||||
VERBOSE=0
|
||||
|
||||
###############################################################################
|
||||
# L O G G I N G
|
||||
###############################################################################
|
||||
|
Loading…
Reference in New Issue
Block a user