Change implementation of start and restart to use the compiler

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3364 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-11-23 16:13:18 +01:00 · 2006-01-23 23:30:58 +00:00 · 2006-01-23 23:30:58 +00:00 · e850d6cc7f
commit e850d6cc7f
parent dfdbdff286
3 changed files with 142 additions and 86 deletions
--- a/Shorewall/compiler
+++ b/Shorewall/compiler
@ -382,6 +382,14 @@ addnatrule() # $1 = chain name, remainder of arguments specify the rule
    run_iptables2 -t nat -A $@
 }

+#
+# Create a rule to delete a chain if it exists
+#
+deletechain() # $1 = name of chain
+{
+    save_command "qt $IPTABLES -L $1 -n && qt $IPTABLES -F $1 && qt $IPTABLES -X $1"
+}
+
 #
 # Determine if a chain is a policy chain
 #
@ -7051,6 +7059,8 @@ initialize_netfilter () {

    TERMINATOR=fatal_error

+    deletechain shorewall
+
    if [ -n "$NAT_ENABLED" ]; then
 	delete_nat
 	for chain in PREROUTING POSTROUTING OUTPUT; do
--- a/Shorewall/prog.footer
+++ b/Shorewall/prog.footer
@ -61,34 +61,51 @@ fi

 case "$COMMAND" in
    start)
-	echo "Starting Shorewall...."
+	if shorewall_is_started; then
+	    error_message "Shorewall is already Running"
+	    status=1
+	else
+	    progress_message3 "Starting Shorewall...."
 	    define_firewall
 	    status=$?
-	echo "done."
+	    progress_message3 "done."
+	fi
 	;;
    stop)
-	echo "Stopping Shorewall...."
+	progress_message3 "Stopping Shorewall...."
 	stop_firewall
 	status=0
-	echo "done."
+	progress_message3 "done."
 	;;
    restart)
-	echo "Restarting Shorewall...."
+	if shorewall_is_started; then
+	    progress_message3 "Restarting Shorewall...."
+	else
+	    echo "Shorewall is not running" >&2
+	    progress_message3 "Starting Shorewall...."
+	fi
+
 	define_firewall
 	status=$?
-	echo "done."
+	progress_message3 "done."
 	;;
    reload)
-	echo "Reloading Shorewall...."
+	if shorewall_is_started; then
+	    progress_message3 "Reloading Shorewall...."
+	else
+	    echo "Shorewall is not running" >&2
+	    progress_message3 "Starting Shorewall...."
+	fi
+
 	define_firewall
 	status=$?
 	echo "done."
 	;;
    clear)
-	echo "Clearing Shorewall...."
+	progress_message3 "Clearing Shorewall...."
 	clear_firewall
 	status=0
-	echo "done."
+	progress_message3 "done."
 	;;
    status)
 	echo "Shorewall-$VERSION Status at $HOSTNAME - $(date)"
--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@ -494,6 +494,23 @@ save_config() {
 start_command() {
    local finished=0

+    do_it() {
+	[ -n "$nolock" ] || mutex_on
+
+	progress_message3 "Compiling..."
+
+	if $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock compile /var/lib/shorewall/.start; then
+	    /var/lib/shorewall/.start start
+	fi
+
+	[ -n "$nolock" ] || mutex_off
+    }
+
+    if shorewall_is_started; then
+	error_message "Shorewall is already running"
+	exit 1
+    fi
+
    while [ $finished -eq 0 -a $# -gt 0 ]; do
 	option=$1
 	case $option in
@ -558,6 +575,7 @@ start_command() {
    esac

    export NOROUTES
+    export PROGRAM=Yes

    if [ -n "$FAST" ]; then
 	if qt mywhich make; then
@ -585,13 +603,13 @@ start_command() {
 		date > /var/lib/shorewall/restarted
 		echo Shorewall restored from $RESTOREPATH
 	    else
-		exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock start
+		do_it
 	    fi
 	else
-	    exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock start
+	    do_it
 	fi
    else
-	exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock start
+	do_it
    fi
 }
 #
@ -675,75 +693,6 @@ compile_command() {
    exec $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging generate $file
 }
 #
-# Restart Command Executor
-#
-restart_command() {
-    local finished=0
-
-    while [ $finished -eq 0 -a $# -gt 0 ]; do
-	option=$1
-	case $option in
-	    -*)
-		option=${option#-}
-
-		while [ -n "$option" ]; do
-		    case $option in
-			-)
-			    finished=1
-			    option=
-			    ;;
-			q*)
-			    VERBOSE=$(($VERBOSE - 1 ))
-			    option=${option#q}
-			    ;;
-			v*)
-			    VERBOSE=$(($VERBOSE + 1 ))
-			    option=${option#v}
-			    ;;
-			n*)
-			    NOROUTES=Yes
-			    option=${option#n}
-			    ;;
-			*)
-			    usage 1
-			    ;;
-		    esac
-		done
-		shift
-		;;
-	    *)
-		finished=1
-		;;
-	esac
-    done
-
-    case $# in
-	0)
-	    ;;
-	1)
-	    [ -n "$SHOREWALL_DIR" ] && usage 2
-
-	    if [ ! -d $1 ]; then
-		if [ -e $1 ]; then
-		    echo "$1 is not a directory" >&2 && exit 2
-		else
-		    echo "Directory $1 does not exist" >&2 && exit 2
-		fi
-	    fi
-
-	    SHOREWALL_DIR=$1
-	    export SHOREWALL_DIR
-	    ;;
-	*)
-	    usage 1
-	    ;;
-    esac
-
-    export NOROUTES
-
-    exec $SHOREWALL_SHELL $FIREWALL $debugging $nolock restart
-}
-#
 # Check Command Executor
 #
 check_command() {
@ -808,6 +757,7 @@ check_command() {

    exec $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock check
 }
+
 #
 # Reload Command Executor
 #
@ -881,12 +831,91 @@ reload_command() {
    progress_message3 "Compiling..."

    if $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock compile /var/lib/shorewall/.reload; then
-	progress_message3 "Installing..."
 	/var/lib/shorewall/.reload reload
    fi

    [ -n "$nolock" ] || mutex_off
 }
+
+#
+# Restart Command Executor
+#
+restart_command() {
+    local finished=0
+
+    while [ $finished -eq 0 -a $# -gt 0 ]; do
+	option=$1
+	case $option in
+	    -*)
+		option=${option#-}
+
+		while [ -n "$option" ]; do
+		    case $option in
+			-)
+			    finished=1
+			    option=
+			    ;;
+			q*)
+			    VERBOSE=$(($VERBOSE - 1 ))
+			    option=${option#q}
+			    ;;
+			v*)
+			    VERBOSE=$(($VERBOSE + 1 ))
+			    option=${option#v}
+			    ;;
+			n*)
+			    NOROUTES=Yes
+			    option=${option#n}
+			    ;;
+			*)
+			    usage 1
+			    ;;
+		    esac
+		done
+		shift
+		;;
+	    *)
+		finished=1
+		;;
+	esac
+    done
+
+    case $# in
+	0)
+	    ;;
+	1)
+	    [ -n "$SHOREWALL_DIR" ] && usage 2
+
+	    if [ ! -d $1 ]; then
+		if [ -e $1 ]; then
+		    echo "$1 is not a directory" >&2 && exit 2
+		else
+		    echo "Directory $1 does not exist" >&2 && exit 2
+		fi
+	    fi
+
+	    SHOREWALL_DIR=$1
+	    export SHOREWALL_DIR
+	    ;;
+	*)
+	    usage 1
+	    ;;
+    esac
+
+    export NOROUTES
+    export PROGRAM=Yes
+
+    [ -n "$nolock" ] || mutex_on
+
+    progress_message3 "Compiling..."
+
+    if $SHOREWALL_SHELL /usr/share/shorewall/compiler $debugging $nolock compile /var/lib/shorewall/.restart; then
+	/var/lib/shorewall/.restart restart
+    fi
+
+    [ -n "$nolock" ] || mutex_off
+}
+
 #
 # Show Command Executor
 #
@ -1249,8 +1278,8 @@ usage() # $1 = exit status
    echo "   refresh"
    echo "   reject <address> ..."
    echo "   reset"
-    echo "   reload [ -n ] [ -q ] [ <directory> ]"
-    echo "   restart [ -n ] [ -q ] [ <directory> ]"
+    echo "   reload [ -n ] [ -q ] [ -v ] [ <directory> ]"
+    echo "   restart [ -n ] [ -q ] [ -v ] [ <directory> ]"
    echo "   restore [ -n ] [ -q ] [ <file name> ]"
    echo "   save [ <file name> ]"
    echo "   show [ -v ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]"