mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-23 16:13:18 +01:00
Install the Makefile -- Patch by Cristian Rodriquez
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2458 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
39ca0828db
commit
e2253d6092
@ -4688,7 +4688,7 @@ add_nat_rule() {
|
||||
done
|
||||
|
||||
if [ -n "$loglevel" ]; then
|
||||
log_rule $loglevel $chain $logtarget -t nat
|
||||
log_rule_limit $loglevel $chain OUTPUT $logtarget "$ratelimit" "$logtag" -A -t nat
|
||||
fi
|
||||
|
||||
addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection
|
||||
@ -4703,8 +4703,6 @@ add_nat_rule() {
|
||||
done
|
||||
fi
|
||||
else
|
||||
chain=$(dnat_chain $source)
|
||||
|
||||
if [ -n "${excludezones}${excludedests}" ]; then
|
||||
chain=$( build_exclusion_chain nat "" $excludedests
|
||||
|
||||
@ -4720,11 +4718,12 @@ add_nat_rule() {
|
||||
done
|
||||
|
||||
if [ -n "$loglevel" ]; then
|
||||
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A -t nat
|
||||
log_rule_limit $loglevel $chain $(dnat_chain $source) $logtarget "$ratelimit" "$logtag" -A -t nat
|
||||
fi
|
||||
|
||||
addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection
|
||||
else
|
||||
chain=$(dnat_chain $source)
|
||||
for adr in $(separate_list $addr); do
|
||||
if [ -n "$loglevel" ]; then
|
||||
ensurenatchain $chain
|
||||
@ -4768,6 +4767,7 @@ add_nat_rule() {
|
||||
# multioption = String to invoke multiport match if appropriate
|
||||
# servport = Port the server listens on
|
||||
# chain = The canonical chain for this rule
|
||||
# logchain = The chain that should be mentioned in log messages
|
||||
# ratelimit = Optional rate limiting clause
|
||||
# userandgroup= -m owner clause
|
||||
# userspec = User name
|
||||
@ -4937,7 +4937,7 @@ add_a_rule()
|
||||
if [ -n "$addr" -a -n "$CONNTRACK_MATCH" ]; then
|
||||
for adr in $(separate_list $addr); do
|
||||
if [ -n "$loglevel" -a -z "$natrule" ]; then
|
||||
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A -m conntrack --ctorigdst $adr \
|
||||
log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A -m conntrack --ctorigdst $adr \
|
||||
$userandgroup $(fix_bang $proto $sports $multiport $cli $(dest_ip_range $srv) $dports)
|
||||
fi
|
||||
|
||||
@ -4946,7 +4946,7 @@ add_a_rule()
|
||||
done
|
||||
else
|
||||
if [ -n "$loglevel" -a -z "$natrule" ]; then
|
||||
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
|
||||
log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
|
||||
$(fix_bang $proto $sports $multiport $cli $(dest_ip_range $srv) $dports)
|
||||
fi
|
||||
|
||||
@ -4964,7 +4964,7 @@ add_a_rule()
|
||||
done
|
||||
else
|
||||
if [ -n "$loglevel" -a -z "$natrule" ]; then
|
||||
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
|
||||
log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
|
||||
$(fix_bang $proto $sports $multiport $cli $dports)
|
||||
fi
|
||||
|
||||
@ -4986,7 +4986,7 @@ add_a_rule()
|
||||
if [ -n "$addr" ]; then
|
||||
for adr in $(separate_list $addr); do
|
||||
if [ -n "$loglevel" ]; then
|
||||
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
|
||||
log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
|
||||
$(fix_bang $proto $multiport $cli $dest_interface $sports $dports -m conntrack --ctorigdst $adr)
|
||||
fi
|
||||
|
||||
@ -5004,7 +5004,7 @@ add_a_rule()
|
||||
done
|
||||
else
|
||||
if [ -n "$loglevel" ]; then
|
||||
log_rule_limit $loglevel $chain $chain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
|
||||
log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $userandgroup \
|
||||
$(fix_bang $proto $multiport $cli $dest_interface $sports $dports)
|
||||
fi
|
||||
|
||||
@ -5271,6 +5271,7 @@ process_rule() # $1 = target
|
||||
# Ensure that this rule doesn't apply to a NONE policy pair of zones
|
||||
|
||||
chain=${source}2${dest}
|
||||
logchain=$chain
|
||||
|
||||
eval policy=\$${chain}_policy
|
||||
|
||||
|
||||
@ -148,6 +148,10 @@ elif [ -d /etc/apt -a -e /usr/bin/dpkg ]; then
|
||||
elif [ -f /etc/slackware-version ] ; then
|
||||
DEST="/etc/rc.d"
|
||||
INIT="rc.firewall"
|
||||
elif [ -f /etc/arch-release ] ; then
|
||||
DEST="/etc/rc.d"
|
||||
INIT="shorewall"
|
||||
ARCHLINUX=yes
|
||||
fi
|
||||
|
||||
#
|
||||
@ -199,6 +203,11 @@ else
|
||||
echo
|
||||
echo "Config file installed as ${PREFIX}/etc/shorewall/shorewall.conf"
|
||||
fi
|
||||
|
||||
if [ -n "$ARCHLINUX" ] ; then
|
||||
|
||||
sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${PREFIX}/etc/shorewall/shorewall.conf
|
||||
fi
|
||||
#
|
||||
# Install the zones file
|
||||
#
|
||||
@ -550,6 +559,14 @@ else
|
||||
echo
|
||||
echo "Actions file installed as ${PREFIX}/etc/shorewall/actions"
|
||||
fi
|
||||
|
||||
if [ -f ${PREFIX}/etc/shorewall/Makefile ]; then
|
||||
backup_file /etc/shorewall/Makefile
|
||||
else
|
||||
run_install $OWNERSHIP -m 0600 actions ${PREFIX}/etc/shorewall/Makefile
|
||||
echo
|
||||
echo "Makefile installed as ${PREFIX}/etc/shorewall/Makefile"
|
||||
fi
|
||||
#
|
||||
# Install the Action files
|
||||
#
|
||||
|
||||
@ -96,6 +96,7 @@ fi
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/continue
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/started
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/providers
|
||||
%attr(0600,root,root) %config(noreplace) /etc/shorewall/Makefile
|
||||
|
||||
%attr(0544,root,root) /sbin/shorewall
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user