From e11652b86a9f2a2d802026ba12d38cac1e80c7bf Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Thu, 29 Apr 2004 14:09:41 +0000
Subject: [PATCH] Bug fixes for iptables-save/-restore code

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1288 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall2/firewall  | 15 +++++++++++++++
 Shorewall2/shorewall | 15 ++++++++++-----
 2 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/Shorewall2/firewall b/Shorewall2/firewall
index b26891587..11bcbab71 100755
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@@ -107,6 +107,15 @@ save_command()
     echo "$@" >> /var/lib/shorewall/restore-$$
 }
 
+#
+# Append a file to /var/lib/shorewall/restore-$$
+#
+append_file() {
+    save_command "cat > $STATEDIR/$1 << EOF"
+    cat $STATEDIR/$1 >> /var/lib/shorewall/restore-$$
+    save_command EOF
+}
+
 #
 # Run iptables and if an error occurs, stop the firewall and quit
 #
@@ -5332,11 +5341,17 @@ define_firewall() # $1 = Command (Start or Restart)
 
     date > $STATEDIR/restarted
 
+    save_command "date > $STATEDIR/restarted"
+
     report "Shorewall ${1}ed"
 
     rm -rf $TMP_DIR
 
     save_command "iptables-restore < /var/lib/shorewall/iptsave"
+
+    for file in chains nat proxyarp zones; do
+	append_file $file
+    done
     
     mv -f /var/lib/shorewall/restore-$$ /var/lib/shorewall/restore-new
 
diff --git a/Shorewall2/shorewall b/Shorewall2/shorewall
index da37162d5..eea7d430a 100755
--- a/Shorewall2/shorewall
+++ b/Shorewall2/shorewall
@@ -729,11 +729,16 @@ case "$1" in
     start)
 	[ $# -ne 1 ] && usage 1
 	get_config
-	if [ -f /var/lib/shorewall/restore -a -f /var/lib/shorewall/iptsave ]; then
-	    echo Restoring Shorewall...
-	    . /var/lib/shorewall/restore
-            echo Shorewall restored
-	else
+	if [ -n "$FAST" ]; then
+	    if [ -f /var/lib/shorewall/restore -a -f /var/lib/shorewall/iptsave ]; then
+		echo Restoring Shorewall...
+		. /var/lib/shorewall/restore
+		date > $STATEDIR/restarted
+		echo Shorewall restored
+	    else
+		exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock start
+	    fi
+        else
 	    exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock start
 	fi
 	;;