extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-23 16:13:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Install the Makefile -- Patch by Cristian Rodriquez

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2458 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-08-06 16:58:18 +00:00
parent 39ca0828db
commit e2253d6092
3 changed files with 28 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Shorewall/firewall
View File

@ -4688,7 +4688,7 @@ add_nat_rule() {
done done
if [ -n "$loglevel" ]; then if [ -n "$loglevel" ]; then
log_rule $loglevel $chain $logtarget -t nat log_rule_limit $loglevel $chain OUTPUT $logtarget "$ratelimit" "$logtag" -A -t nat
fi fi
addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection
@ -4703,8 +4703,6 @@ add_nat_rule() {
done done
fi fi
else else
chain=$(dnat_chain $source)
if [ -n "${excludezones}${excludedests}" ]; then if [ -n "${excludezones}${excludedests}" ]; then
chain=$( build_exclusion_chain nat "" $excludedests chain=$( build_exclusion_chain nat "" $excludedests
@ -4720,11 +4718,12 @@ add_nat_rule() {
done done
if [ -n "$loglevel" ]; then if [ -n "$loglevel" ]; then
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A -t nat log_rule_limit $loglevel $chain $(dnat_chain $source) $logtarget "$ratelimit" "$logtag" -A -t nat
fi fi
addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection
else else
chain=$(dnat_chain $source)
for adr in $(separate_list $addr); do for adr in $(separate_list $addr); do
if [ -n "$loglevel" ]; then if [ -n "$loglevel" ]; then
ensurenatchain $chain ensurenatchain $chain
@ -4768,6 +4767,7 @@ add_nat_rule() {
# multioption = String to invoke multiport match if appropriate # multioption = String to invoke multiport match if appropriate
# servport = Port the server listens on # servport = Port the server listens on
# chain = The canonical chain for this rule # chain = The canonical chain for this rule
# logchain = The chain that should be mentioned in log messages
# ratelimit = Optional rate limiting clause # ratelimit = Optional rate limiting clause
# userandgroup= -m owner clause # userandgroup= -m owner clause
# userspec = User name # userspec = User name
@ -4937,7 +4937,7 @@ add_a_rule()
if [ -n "$addr" -a -n "$CONNTRACK_MATCH" ]; then if [ -n "$addr" -a -n "$CONNTRACK_MATCH" ]; then
for adr in $(separate_list $addr); do for adr in $(separate_list $addr); do
if [ -n "$loglevel" -a -z "$natrule" ]; then if [ -n "$loglevel" -a -z "$natrule" ]; then
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A -m conntrack --ctorigdst $adr \ log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A -m conntrack --ctorigdst $adr \
$userandgroup $(fix_bang $proto $sports $multiport $cli $(dest_ip_range $srv) $dports) $userandgroup $(fix_bang $proto $sports $multiport $cli $(dest_ip_range $srv) $dports)
fi fi
@ -4946,7 +4946,7 @@ add_a_rule()
done done
else else
if [ -n "$loglevel" -a -z "$natrule" ]; then if [ -n "$loglevel" -a -z "$natrule" ]; then
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A $userandgroup \ log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
$(fix_bang $proto $sports $multiport $cli $(dest_ip_range $srv) $dports) $(fix_bang $proto $sports $multiport $cli $(dest_ip_range $srv) $dports)
fi fi
@ -4964,7 +4964,7 @@ add_a_rule()
done done
else else
if [ -n "$loglevel" -a -z "$natrule" ]; then if [ -n "$loglevel" -a -z "$natrule" ]; then
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A $userandgroup \ log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
$(fix_bang $proto $sports $multiport $cli $dports) $(fix_bang $proto $sports $multiport $cli $dports)
fi fi
@ -4986,7 +4986,7 @@ add_a_rule()
if [ -n "$addr" ]; then if [ -n "$addr" ]; then
for adr in $(separate_list $addr); do for adr in $(separate_list $addr); do
if [ -n "$loglevel" ]; then if [ -n "$loglevel" ]; then
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A $userandgroup \ log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
$(fix_bang $proto $multiport $cli $dest_interface $sports $dports -m conntrack --ctorigdst $adr) $(fix_bang $proto $multiport $cli $dest_interface $sports $dports -m conntrack --ctorigdst $adr)
fi fi
@ -5004,7 +5004,7 @@ add_a_rule()
done done
else else
if [ -n "$loglevel" ]; then if [ -n "$loglevel" ]; then
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A $userandgroup \ log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
$(fix_bang $proto $multiport $cli $dest_interface $sports $dports) $(fix_bang $proto $multiport $cli $dest_interface $sports $dports)
fi fi
@ -5271,6 +5271,7 @@ process_rule() # $1 = target
# Ensure that this rule doesn't apply to a NONE policy pair of zones # Ensure that this rule doesn't apply to a NONE policy pair of zones
chain=${source}2${dest} chain=${source}2${dest}
logchain=$chain
eval policy=\$${chain}_policy eval policy=\$${chain}_policy

17
Shorewall/install.sh
View File

@ -148,6 +148,10 @@ elif [ -d /etc/apt -a -e /usr/bin/dpkg ]; then
elif [ -f /etc/slackware-version ] ; then elif [ -f /etc/slackware-version ] ; then
DEST="/etc/rc.d" DEST="/etc/rc.d"
INIT="rc.firewall" INIT="rc.firewall"
elif [ -f /etc/arch-release ] ; then
DEST="/etc/rc.d"
INIT="shorewall"
ARCHLINUX=yes
fi fi
# #
@ -199,6 +203,11 @@ else
echo echo
echo "Config file installed as ${PREFIX}/etc/shorewall/shorewall.conf" echo "Config file installed as ${PREFIX}/etc/shorewall/shorewall.conf"
fi fi
if [ -n "$ARCHLINUX" ] ; then
sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${PREFIX}/etc/shorewall/shorewall.conf
fi
# #
# Install the zones file # Install the zones file
# #
@ -550,6 +559,14 @@ else
echo echo
echo "Actions file installed as ${PREFIX}/etc/shorewall/actions" echo "Actions file installed as ${PREFIX}/etc/shorewall/actions"
fi fi
if [ -f ${PREFIX}/etc/shorewall/Makefile ]; then
backup_file /etc/shorewall/Makefile
else
run_install $OWNERSHIP -m 0600 actions ${PREFIX}/etc/shorewall/Makefile
echo
echo "Makefile installed as ${PREFIX}/etc/shorewall/Makefile"
fi
# #
# Install the Action files # Install the Action files
# #

1
Shorewall/shorewall.spec
View File

@ -96,6 +96,7 @@ fi
%attr(0600,root,root) %config(noreplace) /etc/shorewall/continue %attr(0600,root,root) %config(noreplace) /etc/shorewall/continue
%attr(0600,root,root) %config(noreplace) /etc/shorewall/started %attr(0600,root,root) %config(noreplace) /etc/shorewall/started
%attr(0600,root,root) %config(noreplace) /etc/shorewall/providers %attr(0600,root,root) %config(noreplace) /etc/shorewall/providers
%attr(0600,root,root) %config(noreplace) /etc/shorewall/Makefile
%attr(0544,root,root) /sbin/shorewall %attr(0544,root,root) /sbin/shorewall