extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-04 00:45:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix install.sh on Debian/Ubuntu

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3811 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-04-25 22:46:36 +00:00
parent 17c906092e
commit ead63852f4
5 changed files with 36 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/changelog.txt
View File

@ -15,6 +15,8 @@ Changes in 3.2.0 Beta 5
7) Accomodate ancient kernel's with no FORWARD or POSTROUTING in mangle. 7) Accomodate ancient kernel's with no FORWARD or POSTROUTING in mangle.
8) Clear SUBSYSLOCK on Debian/Ubuntu installs.
Changes in 3.2.0 Beta 4 Changes in 3.2.0 Beta 4
1) Fix 'routeback' with bridge ports. 1) Fix 'routeback' with bridge ports.

12
Shorewall/compiler
View File

@ -2733,7 +2733,7 @@ setup_nat() {
add_ip_aliases= add_ip_aliases=
;; ;;
*) *)
[ -n "$RETAIN_ALIASES" ] || save_command qt ip addr del $external dev $iface [ -n "$RETAIN_ALIASES" ] || save_command del_ip_addr $external $iface
;; ;;
esac esac
else else
@ -2793,7 +2793,7 @@ delete_nat() {
if [ -f /var/lib/shorewall/nat ]; then if [ -f /var/lib/shorewall/nat ]; then
while read external interface; do while read external interface; do
qt ip addr del \$external dev \$interface ip_addr_del \$external \$interface
done < /var/lib/shorewall/nat done < /var/lib/shorewall/nat
rm -f {/var/lib/shorewall}/nat rm -f {/var/lib/shorewall}/nat
@ -6946,7 +6946,7 @@ __EOF__
if [ -n "$address" ]; then if [ -n "$address" ]; then
for addr in $(ip_range_explicit ${address%:*}) ; do for addr in $(ip_range_explicit ${address%:*}) ; do
if ! list_search $addr $ALIASES_TO_ADD; then if ! list_search $addr $ALIASES_TO_ADD; then
[ -n "$RETAIN_ALIASES" ] || save_command qt ip addr del $addr dev $interface [ -n "$RETAIN_ALIASES" ] || save_command ip_addr_del $addr $interface
ALIASES_TO_ADD="$ALIASES_TO_ADD $addr $fullinterface" ALIASES_TO_ADD="$ALIASES_TO_ADD $addr $fullinterface"
case $fullinterface in case $fullinterface in
*:*) *:*)
@ -8308,7 +8308,7 @@ stop_firewall() {
if [ -f /var/lib/shorewall/nat ]; then if [ -f /var/lib/shorewall/nat ]; then
while read external interface; do while read external interface; do
qt ip addr del \$external dev \$interface ip_addr_del \$external dev \$interface
done < /var/lib/shorewall/nat done < /var/lib/shorewall/nat
rm -f /var/lib/shorewall/nat rm -f /var/lib/shorewall/nat
@ -8744,8 +8744,8 @@ __EOF__
local version=\$(cat /usr/share/shorewall/version) local version=\$(cat /usr/share/shorewall/version)
if [ \${LIBVERSION:-0} -lt 30105 ]; then if [ \${LIBVERSION:-0} -lt 30200 ]; then
fatal_error "This script requires Shorewall version 3.1.5 or later; current version is \$version" fatal_error "This script requires Shorewall version 3.2.0 or later; current version is \$version"
fi fi
__EOF__ __EOF__

24
Shorewall/functions
View File

@ -2,7 +2,7 @@
# #
# Shorewall 3.2 -- /usr/share/shorewall/functions # Shorewall 3.2 -- /usr/share/shorewall/functions
LIBVERSION=30105 LIBVERSION=30200
# #
# Message to stderr # Message to stderr
@ -1058,6 +1058,19 @@ find_first_interface_address() # $1 = interface
echo $addr | sed 's/inet //;s/\/.*//;s/ peer.*//' echo $addr | sed 's/inet //;s/\/.*//;s/ peer.*//'
} }
find_first_interface_address_if_any() # $1 = interface
{
#
# get the line of output containing the first IP address
#
addr=$(ip -f inet addr show $1 2> /dev/null | grep 'inet .* global' | head -n1)
#
# Strip off the trailing VLSM mask (or the peer IP in case of a P-t-P link)
# along with everything else on the line
#
[ -n "$addr" ] && echo $addr | sed 's/inet //;s/\/.*//;s/ peer.*//' || echo 0.0.0.0
}
# #
# Find interface addresses--returns the set of addresses assigned to the passed # Find interface addresses--returns the set of addresses assigned to the passed
# device # device
@ -1253,6 +1266,15 @@ report_capabilities() {
} }
#
# Delete IP address
#
del_ip_addr() # $1 = address, $2 = interface
{
[ $(find_first_interface_address_if_any $2) = $1 ] || qt ip addr del $1 dev $2
}
# Add IP Aliases # Add IP Aliases
# #
add_ip_aliases() # $* = List of addresses add_ip_aliases() # $* = List of addresses

2
Shorewall/install.sh
View File

@ -609,7 +609,7 @@ if [ -z "$PREFIX" -a -n "$first_install" ]; then
echo "shorewall will start automatically at boot" echo "shorewall will start automatically at boot"
echo "Set startup=1 in /etc/default/shorewall to enable" echo "Set startup=1 in /etc/default/shorewall to enable"
touch /var/log/shorewall-init.log touch /var/log/shorewall-init.log
qt mywhich perl && perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/' /etc/shorewall/shorewall.conf qt mywhich perl && perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' /etc/shorewall/shorewall.conf
else else
if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
if insserv /etc/init.d/shorewall ; then if insserv /etc/init.d/shorewall ; then

4
Shorewall/releasenotes.txt
View File

@ -55,6 +55,10 @@ Problems Corrected in 3.2.0 Beta 5
try to mark packets in either of them using entries in try to mark packets in either of them using entries in
/etc/shorewall/tcrules, [re]start will fail. /etc/shorewall/tcrules, [re]start will fail.
6) When install.sh is used to install on a Debian or Ubuntu system, the
SUBSYSLOCK option in shorewall.conf was not being cleared.
It will now be cleared, provided that Perl is installed on the system.
Other changes in 3.2.0 Beta 5 Other changes in 3.2.0 Beta 5
1) The "shorewall refresh" command no longer refreshes traffic shaping. 1) The "shorewall refresh" command no longer refreshes traffic shaping.