Add shorewallrc files.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-03-24 13:05:39 -07:00
parent f4ed4109c6
commit eb118e4443
39 changed files with 1576 additions and 1027 deletions

View File

@ -27,12 +27,18 @@ VERSION=xxx #The Build script inserts the actual version
usage() # $1 = exit status
{
ME=$(basename $0)
echo "usage: $ME"
echo "usage: $ME [ <rcfile> ] "
echo " $ME -v"
echo " $ME -h"
exit $1
}
fatal_error()
{
echo " ERROR: $@" >&2
exit 1
}
split() {
local ifs
ifs=$IFS
@ -85,43 +91,90 @@ install_file() # $1 = source $2 = target $3 = mode
run_install $T $OWNERSHIP -m $3 $1 ${2}
}
cd "$(dirname $0)"
require()
{
eval [ -n "\$$1" ] || fatal_error "Required option $1 not set"
}
#
# Load packager's settings if any
#
[ -f ../shorewall-pkg.config ] && . ../shorewall-pkg.config
cd "$(dirname $0)"
[ -n "$DESTDIR" ] || DESTDIR="$PREFIX"
#
# Parse the run line
#
# ARGS is "yes" if we've already parsed an argument
finished=0
while [ $finished -eq 0 ]; do
option=$1
case "$option" in
-*)
option=${option#-}
while [ -n "$option" ]; do
case $option in
h)
usage 0
;;
v)
echo "Shorewall Firewall Installer Version $VERSION"
exit 0
;;
*)
usage 1
;;
esac
done
shift
;;
*)
finished=1
;;
esac
done
local file
#
# Read the RC file
#
if [ $# -eq 0 ]; then
#
# Load packager's settings if any
#
if [ -n "${DESTDIR}" -a -f ../shorewall-pkg.config ]; then
. ../shorewall-pkg.config || exit 1
elif [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
file=~/.shorewallrc
else
file=./shorewallrc.default
. $file
fi
elif [ $# -eq 1 ]; then
file=$1
case $file in
/*|.*)
;;
*)
file=./$file
;;
esac
. $file
else
usage 1
fi
for var in SHAREDIR LIBEXECDIR PERLLIBDIR CONFDIR SBINDIR VARDIR; do
require $var
done
[ "${INITFILE}" != 'none/' ] && require INITSOURCE && require INITDIR
T="-T"
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ]
case "$LIBEXEC" in
/*)
;;
*)
echo "The LIBEXEC setting must be an absolute path name" >&2
exit 1
;;
esac
case "$PERLLIB" in
/*)
;;
*)
echo "The PERLLIB setting must be an absolute path name" >&2
exit 1
;;
esac
INSTALLD='-D'
if [ -z "$BUILD" ]; then
@ -180,41 +233,6 @@ esac
OWNERSHIP="-o $OWNER -g $GROUP"
finished=0
while [ $finished -eq 0 ]; do
option=$1
case "$option" in
-*)
option=${option#-}
while [ -n "$option" ]; do
case $option in
h)
usage 0
;;
v)
echo "Shorewall Firewall Installer Version $VERSION"
exit 0
;;
*)
usage 1
;;
esac
done
shift
;;
*)
[ -n "$option" ] && usage 1
finished=1
;;
esac
done
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
#
# Determine where to install the firewall script
#
@ -245,56 +263,47 @@ if [ -n "$DESTDIR" ]; then
fi
fi
#
# Change to the directory containing this script
#
cd "$(dirname $0)"
echo "Installing Shorewall Core Version $VERSION"
#
# Create /usr/share/shorewall
#
mkdir -p ${DESTDIR}${LIBEXEC}/shorewall
chmod 755 ${DESTDIR}${LIBEXEC}/shorewall
mkdir -p ${DESTDIR}${LIBEXECDIR}/shorewall
chmod 755 ${DESTDIR}${LIBEXECDIR}/shorewall
if [ $LIBEXEC != /usr/shorewall/ ]; then
mkdir -p ${DESTDIR}/usr/share/shorewall
chmod 755 ${DESTDIR}/usr/share/shorewall
fi
mkdir -p ${DESTDIR}${SHAREDIR}/shorewall
chmod 755 ${DESTDIR}${SHAREDIR}/shorewall
#
# Install wait4ifup
#
install_file wait4ifup ${DESTDIR}${LIBEXEC}/shorewall/wait4ifup 0755
install_file wait4ifup ${DESTDIR}${LIBEXECDIR}/shorewall/wait4ifup 0755
echo
echo "wait4ifup installed in ${DESTDIR}${LIBEXEC}/shorewall/wait4ifup"
echo "wait4ifup installed in ${DESTDIR}${LIBEXECDIR}/shorewall/wait4ifup"
#
# Install the libraries
#
for f in lib.* ; do
install_file $f ${DESTDIR}/usr/share/shorewall/$f 0644
echo "Library ${f#*.} file installed as ${DESTDIR}/usr/share/shorewall/$f"
install_file $f ${DESTDIR}${SHAREDIR}/shorewall/$f 0644
echo "Library ${f#*.} file installed as ${DESTDIR}${SHAREDIR}/shorewall/$f"
done
if [ $BUILD != apple ]; then
eval sed -i \'s\|g_libexec=.\*\|g_libexec=$LIBEXEC\|\' ${DESTDIR}/usr/share/shorewall/lib.cli
eval sed -i \'s\|g_perllib=.\*\|g_perllib=$PERLLIB\|\' ${DESTDIR}/usr/share/shorewall/lib.cli
else
eval sed -i \'\' -e \'s\|g_libexec=.\*\|g_libexec=$LIBEXEC\|\' ${DESTDIR}/usr/share/shorewall/lib.cli
eval sed -i \'\' -e \'s\|g_perllib=.\*\|g_perllib=$PERLLIB\|\' ${DESTDIR}/usr/share/shorewall/lib.cli
fi
#
# Symbolically link 'functions' to lib.base
#
ln -sf lib.base ${DESTDIR}/usr/share/shorewall/functions
ln -sf lib.base ${DESTDIR}${SHAREDIR}/shorewall/functions
#
# Create the version file
#
echo "$VERSION" > ${DESTDIR}/usr/share/shorewall/coreversion
chmod 644 ${DESTDIR}/usr/share/shorewall/coreversion
echo "$VERSION" > ${DESTDIR}${SHAREDIR}/shorewall/coreversion
chmod 644 ${DESTDIR}${SHAREDIR}/shorewall/coreversion
cp $file ${DESTDIR}${SHAREDIR}/shorewall/shorewallrc
if [ -z "${DESTDIR}" ]; then
[ -f ~/.shorewallrc ] || cp $file ~/.shorewallrc
fi
#
# Report Success
#

View File

@ -32,41 +32,57 @@ SHOREWALL_CAPVERSION=40501
[ -n "${g_program:=shorewall}" ]
if [ -z "$g_readrc" ]; then
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SHAREDIR=/usr/share
CONFDIR=/etc
SBINDIR=/sbin
LIBEXECDIR=/usr/share
fi
g_libexec="$LIBEXECDIR"
g_sharedir="$SHAREDIR"
g_sbindir="$SBINDIR"
g_readrc=1
fi
case $g_program in
shorewall)
SHAREDIR=/usr/share/shorewall
CONFDIR=/etc/shorewall
SHAREDIR=${SHAREDIR}/shorewall
CONFDIR=${CONFDIR}/shorewall
g_product="Shorewall"
g_family=4
g_tool=
g_basedir=/usr/share/shorewall
g_basedir=${SHAREDIR}/shorewall
g_lite=
;;
shorewall6)
SHAREDIR=/usr/share/shorewall6
CONFDIR=/etc/shorewall6
SHAREDIR=${SHAREDIR}/shorewall6
CONFDIR=${CONFDIR}/shorewall6
g_product="Shorewall6"
g_family=6
g_tool=
g_basedir=/usr/share/shorewall
g_basedir=${SHAREDIR}/shorewall
g_lite=
;;
shorewall-lite)
SHAREDIR=/usr/share/shorewall-lite
CONFDIR=/etc/shorewall-lite
SHAREDIR=${SHAREDIR}/shorewall-lite
CONFDIR=${CONFDIR}/shorewall-lite
g_product="Shorewall Lite"
g_family=4
g_tool=iptables
g_basedir=/usr/share/shorewall-lite
g_basedir=${SHAREDIR}/shorewall-lite
g_lite=Yes
;;
shorewall6-lite)
SHAREDIR=/usr/share/shorewall6-lite
CONFDIR=/etc/shorewall6-lite
SHAREDIR=${SHAREDIR}/shorewall6-lite
CONFDIR=${CONFDIR}/shorewall6-lite
g_product="Shorewall6 Lite"
g_family=6
g_tool=ip6tables
g_basedir=/usr/share/shorewall6-lite
g_basedir=${SHAREDIR}/shorewall6-lite
g_lite=Yes
;;
esac
@ -186,7 +202,7 @@ mutex_off()
rm -f ${LOCKFILE:=${VARDIR}/lock}
}
[ -z "$LEFTSHIFT" ] && . /usr/share/shorewall/lib.common
[ -z "$LEFTSHIFT" ] && . ${g_sharedir}/shorewall/lib.common
#
# Validate an IP address

View File

@ -23,7 +23,25 @@
# This library contains the command processing code common to /sbin/shorewall[6] and
# /sbin/shorewall[6]-lite.
#
. /usr/share/shorewall/lib.base
if [ -z "$g_readrc" ]; then
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SHAREDIR=/usr/share
CONFDIR=${CONFDIR}
SBINDIR=/sbin
LIBEXECDIR=/usr/share
fi
g_libexec="$LIBEXECDIR"
g_sharedir="$SHAREDIR"
g_sbindir="$SBINDIR"
g_readrc=1
fi
. ${SHAREDIR}/shorewall/lib.base
#
# Fatal Error
#
@ -842,11 +860,13 @@ show_command() {
echo "CONFIG_PATH=$CONFIG_PATH"
echo "VARDIR=$VARDIR"
echo "LIBEXEC=$g_libexec"
echo "SBINDIR=$g_sbindir"
[ -n "$g_lite" ] && ${VARDIR} ne /var/lib/$program && echo "LITEDIR=${VARDIR}"
else
echo "Default CONFIG_PATH is $CONFIG_PATH"
echo "Default VARDIR is /var/lib/$g_program"
echo "LIBEXEC is $g_libexec"
echo "SBINDIR is $g_sbindir"
[ -n "$g_lite" ] && [ ${VARDIR} != /var/lib/$g_program ] && echo "LITEDIR is ${VARDIR}"
fi
;;
@ -2950,14 +2970,12 @@ shorewall_cli() {
g_annotate=
g_recovering=
g_timestamp=
g_libexec=/usr/share
g_perllib=/usr/share/shorewall
g_shorewalldir=
VERBOSE=
VERBOSITY=
[ -n "$g_lite" ] || . /usr/share/shorewall/lib.cli-std
[ -n "$g_lite" ] || . ${g_sharedir}/shorewall/lib.cli-std
finished=0

View File

@ -0,0 +1,18 @@
#
# Apple OS X Shorewall 4.5 rc file
#
BUILD=apple
HOST=apple
SHAREDIR=/usr/share
LIBEXECDIR=/usr/share
PERLLIBDIR=/usr/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=/usr/share/man
INITDIR=
INITFILE=none/
INITSOURCE=
ANNOTATED=
SYSCONFDIR=
SYSTEMD=
VARDIR=/var/lib

View File

@ -0,0 +1,18 @@
#
# Archlinux Shorewall 4.5 rc file
#
BUILD=archlinux
HOST=archlinux
SHAREDIR=/usr/share
LIBEXECDIR=/usr/share
PERLLIBDIR=/usr/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=/usr/share/man
INITDIR=/etc/rc.d
INITFILE=$PRODUCT
INITSOURCE=init.sh
ANNOTATED=
SYSCONFDIR=
SYSTEMD=
VARDIR=/var/lib

View File

@ -0,0 +1,18 @@
#
# Cygwin Shorewall 4.5 rc file
#
BUILD=cygwin
HOST=cygwin
SHAREDIR=/usr/share
LIBEXECDIR=/usr/share
PERLLIBDIR=/usr/share/shorewall
CONFDIR=/etc
SBINDIR=/bin
MANDIR=/usr/share/man
INITDIR=/etc/init.d
INITFILE=
INITSOURCE=
ANNOTATED=
SYSCONFDIR=
SYSTEMD=
VARDIR=/var/lib

View File

@ -0,0 +1,20 @@
#
# Debian Shorewall 4.5 rc file
#
BUILD= #Default is to detect the build system
HOST=debian
SHAREDIR=/usr/share
LIBEXECDIR=/usr/share
PERLLIBDIR=/usr/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=/usr/share/man
INITDIR=/etc/init.d
INITFILE=$PRODUCT
INITSOURCE=init.debian.sh
ANNOTATED=
SPARSE=Yes
SYSCONFFILE=default.debian
SYSCONFDIR=/etc/default
SYSTEMD=
VARDIR=/var/lib

View File

@ -0,0 +1,19 @@
#
# Default Shorewall 4.5 rc file
#
HOST= #Default is to detect the host system
BUILD= #Default is to detect the build system
SHAREDIR=/usr/share
LIBEXECDIR=/usr/share
PERLLIBDIR=/usr/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=/usr/share/man
INITDIR=/etc/init.d
INITFILE=$PRODUCT
INITSOURCE=init.sh
ANNOTATED=
SYSTEMD=
SYSCONFDIR=
SPARSE=
VARDIR=/var/lib

View File

@ -0,0 +1,18 @@
#
# RedHat/FedoraShorewall 4.5 rc file
#
BUILD= #Default is to detect the build system
HOST=redhat
SHAREDIR=/usr/share
LIBEXECDIR=/usr/share
PERLLIBDIR=/usr/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=/usr/share/man
INITDIR=/etc/rc.d/init.d
INITFILE=$PRODUCT
INITSOURCE=init.fedora.sh
ANNOTATED=
SYSCONFDIR=/etc/sysconfig/
SYSTEMD=/lib/systemd/system
VARDIR=/var/lib

View File

@ -0,0 +1,20 @@
#
# Slackware Shorewall 4.5 rc file
#
BUILD=slackware
HOST=slackware
SHAREDIR=/usr/share
LIBEXECDIR=/usr/share
PERLLIBDIR=/usr/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=/usr/man
INITDIR=/etc/rc.d
INITSOURCE=init.slackware.firewall
INITFILE=rc.firewall
AUXINITSOURCE=init.slackware.$PRODUCT
AUXINITFILE=rc.$PRODUCT
SYSCONFDIR=
ANNOTATED=
SYSTEMD=
VARDIR=/var/lib

View File

@ -0,0 +1,19 @@
#
# SuSE Shorewall 4.5 rc file
#
BUILD= #Default is to detect the build system
HOST=suse
SHAREDIR=/usr/share
LIBEXECDIR=/usr/libexec
PERLLIBDIR=/usr/share/shorewall
CONFDIR=/etc
SBINDIR=/sbin
MANDIR=/usr/share/man/
INITDIR=/etc/init.d
INITFILE=$PRODUCT
INITSOURCE=init.sh
ANNOTATED=
SYSTEMD=
SYSCONFDIR=/etc/sysconfig/
SPARSE=
VARDIR=/var/lib

View File

@ -60,6 +60,10 @@ remove_file() # $1 = file to restore
fi
}
if [ -f ~/.shorewallrc ]; then
. ~/shorewallrc || exit 1
fi
if [ -f /usr/share/shorewall/coreversion ]; then
INSTALLED_VERSION="$(cat /usr/share/shorewall/coreversion)"
if [ "$INSTALLED_VERSION" != "$VERSION" ]; then
@ -72,12 +76,9 @@ else
VERSION=""
fi
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ]
echo "Uninstalling Shorewall Core $VERSION"
rm -rf /usr/share/shorewall
rm -rf ${SHAREDIR}/shorewall
echo "Shorewall Core Uninstalled"

View File

@ -182,10 +182,8 @@ else
fi
for PRODUCT in $PRODUCTS; do
VARDIR=/var/lib/$PRODUCT
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
if [ -x $VARDIR/firewall ]; then
( . /usr/share/$PRODUCT/lib.base
( . ${SHAREDIR}/shorewall/lib.base
mutex_on
${VARDIR}/firewall -V0 $COMMAND $INTERFACE || echo_notdone
mutex_off

View File

@ -62,10 +62,19 @@ not_configured () {
exit 0
}
#determine where the files were installed
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
SRWL=${SBIN}/shorewall-init
else
CONFDIR=/etc
SYSCONFDIR=/etc/default
fi
# check if shorewall-init is configured or not
if [ -f "/etc/default/shorewall-init" ]
if [ -f "$SYSCONFDIR/shorewall-init" ]
then
. /etc/default/shorewall-init
. $SYSCONFDIR/shorewall-init
if [ -z "$PRODUCTS" ]
then
not_configured

View File

@ -53,6 +53,12 @@ else
exit 0
fi
if [ ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
VARDIR=/var/lib
fi
# Initialize the firewall
shorewall_start () {
local PRODUCT
@ -60,10 +66,8 @@ shorewall_start () {
echo -n "Initializing \"Shorewall-based firewalls\": "
for PRODUCT in $PRODUCTS; do
VARDIR=/var/lib/$PRODUCT
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
if [ -x ${VARDIR}/firewall ]; then
if ! /sbin/$PRODUCT status > /dev/null 2>&1; then
if ! ${SBIN}/$PRODUCT status > /dev/null 2>&1; then
${VARDIR}/firewall stop || echo_notdone
fi
fi
@ -83,8 +87,6 @@ shorewall_stop () {
echo -n "Clearing \"Shorewall-based firewalls\": "
for PRODUCT in $PRODUCTS; do
VARDIR=/var/lib/$PRODUCT
[ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir
if [ -x ${VARDIR}/firewall ]; then
${VARDIR}/firewall clear || exit 1
fi

View File

@ -34,6 +34,12 @@ usage() # $1 = exit status
exit $1
}
fatal_error()
{
echo " ERROR: $@" >&2
exit 1
}
split() {
local ifs
ifs=$IFS
@ -76,9 +82,9 @@ cant_autostart()
echo "WARNING: Unable to configure shorewall init to start automatically at boot" >&2
}
delete_file() # $1 = file to delete
require()
{
rm -f $1
eval [ -n "\$$1" ] || fatal_error "Required option $1 not set"
}
install_file() # $1 = source $2 = target $3 = mode
@ -88,44 +94,78 @@ install_file() # $1 = source $2 = target $3 = mode
cd "$(dirname $0)"
#
# Load packager's settings if any
#
[ -f ../shorewall-pkg.config ] && . ../shorewall-pkg.config
PRODUCT=shorewall-init
[ -n "$DESTDIR" ] || DESTDIR="$PREFIX"
#
# Parse the run line
#
finished=0
while [ $# -gt 0 ] ; do
while [ $finished -eq 0 ] ; do
case "$1" in
-h|help|?)
usage 0
;;
-v)
echo "Shorewall Init Installer Version $VERSION"
exit 0
-*)
option=${option#-}
while [ -n "$option" ]; do
case $option in
h)
usage 0
;;
v)
echo "Shorewall-init Firewall Installer Version $VERSION"
exit 0
;;
*)
usage 1
;;
esac
done
shift
;;
*)
usage 1
finished=1
;;
esac
shift
done
local file
#
# Read the RC file
#
if [ $# -eq 0 ]; then
#
# Load packager's settings if any
#
if [ -n "${DESTDIR}" -a -f ../shorewall-pkg.config ]; then
. ../shorewall-pkg.config || exit 1
elif [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
file=~/.shorewallrc
else
fatal_error "No rcfile specified and ~/.shorewallrc not found"
fi
elif [ $# -eq 1 ]; then
file=$1
case $file in
/*|.*)
;;
*)
file=./$file
;;
esac
. $file
else
usage 1
fi
for var in SHAREDIR LIBEXECDIR CONFDIR SBINDIR VARDIR; do
require $var
done
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
[ -n "${LIBEXEC:=/usr/share}" ]
case "$LIBEXEC" in
/*)
;;
*)
echo "The LIBEXEC setting must be an absolute path name" >&2
exit 1
;;
esac
INITFILE="shorewall-init"
if [ -z "$BUILD" ]; then
case $(uname) in
cygwin*)
@ -174,11 +214,9 @@ OWNERSHIP="-o $OWNER -g $GROUP"
case "$HOST" in
debian)
echo "Installing Debian-specific configuration..."
SPARSE=yes
;;
redhat|redhat)
echo "Installing Redhat/Fedora-specific configuration..."
[ -n "$INITDIR" ] || INITDIR=/etc/rc.d/init.d
;;
slackware)
echo "Shorewall-init is currently not supported on Slackware" >&2
@ -202,10 +240,6 @@ esac
[ -z "$TARGET" ] && TARGET=$HOST
if [ -z "$INITDIR" -a -n "$INITFILE" ] ; then
INITDIR="/etc/init.d"
fi
if [ -n "$DESTDIR" ]; then
if [ `id -u` != 0 ] ; then
echo "Not setting file owner/group permissions, not running as root."
@ -215,57 +249,42 @@ if [ -n "$DESTDIR" ]; then
install -d $OWNERSHIP -m 755 ${DESTDIR}${INITDIR}
fi
if [ -z "$DESTDIR" ]; then
if [ -d /lib/systemd/system ]; then
SYSTEMD=Yes
INITFILE=
fi
elif [ -n "$SYSTEMD" ]; then
mkdir -p ${DESTDIR}/lib/systemd/system
INITFILE=
fi
echo "Installing Shorewall Init Version $VERSION"
#
# Check for /usr/share/shorewall-init/version
#
if [ -f ${DESTDIR}/usr/share/shorewall-init/version ]; then
if [ -f ${DESTDIR}${SHAREDIR}/shorewall-init/version ]; then
first_install=""
else
first_install="Yes"
fi
#
# Install the Firewall Script
#
if [ -n "$INITFILE" ]; then
#
# Install the Init Script
#
case $TARGET in
debian)
install_file init.debian.sh ${DESTDIR}${INITDIR}/${INITFILE} 0544
;;
redhat)
install_file init.fedora.sh ${DESTDIR}${INITDIR}/${INITFILE} 0544
;;
*)
install_file init.sh ${DESTDIR}${INITDIR}/${INITFILE} 0544
;;
esac
install_file $INITSOURCE ${DESTDIR}${INITDIR}/$INITFILE 0544
if [ -n "${AUXINITSOURCE}" ]; then
install_file $INITSOURCE ${DESTDIR}${INITDIR}/$AUXINITFILE 0544
fi
echo "Shorewall-init script installed in ${DESTDIR}${INITDIR}/${INITFILE}"
echo "Shorewall-init script installed in ${DESTDIR}${INITDIR}/$INITFILE"
fi
#
# Install the .service file
#
if [ -n "$SYSTEMD" ]; then
run_install $OWNERSHIP -m 600 shorewall-init.service ${DESTDIR}/lib/systemd/system/shorewall-init.service
echo "Service file installed as ${DESTDIR}/lib/systemd/system/shorewall-init.service"
run_install $OWNERSHIP -m 600 shorewall-init.service ${DESTDIR}${SYSTEMD}/shorewall-init.service
echo "Service file installed as ${DESTDIR}${SYSTEMD}/shorewall-init.service"
if [ -n "$DESTDIR" ]; then
mkdir -p ${DESTDIR}/sbin/
chmod 755 ${DESTDIR}/sbin
mkdir -p ${DESTDIR}${SBINDIR}
chmod 755 ${DESTDIR}${SBINDIR}
fi
run_install $OWNERSHIP -m 700 shorewall-init ${DESTDIR}/sbin/shorewall-init
echo "CLI installed as ${DESTDIR}/sbin/shorewall-init"
run_install $OWNERSHIP -m 700 shorewall-init ${DESTDIR}${SBINDIR}/shorewall-init
echo "CLI installed as ${DESTDIR}${SBINDIR}/shorewall-init"
fi
#
@ -285,7 +304,7 @@ chmod 644 ${DESTDIR}/usr/share/shorewall-init/version
#
if [ -z "$DESTDIR" ]; then
rm -f /usr/share/shorewall-init/init
ln -s ${INITDIR}/${INITFILE} /usr/share/shorewall-init/init
ln -s ${INITDIR}/${INITFILE} ${SHAREDIR}/shorewall-init/init
fi
if [ $HOST = debian ]; then
@ -324,9 +343,9 @@ fi
# Install the ifupdown script
#
mkdir -p ${DESTDIR}${LIBEXEC}/shorewall-init
mkdir -p ${DESTDIR}${LIBEXECDIR}/shorewall-init
install_file ifupdown.sh ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown 0544
install_file ifupdown.sh ${DESTDIR}${LIBEXECDIR}/shorewall-init/ifupdown 0544
if [ -d ${DESTDIR}/etc/NetworkManager ]; then
install_file ifupdown.sh ${DESTDIR}/etc/NetworkManager/dispatcher.d/01-shorewall 0544
@ -344,11 +363,11 @@ case $HOST in
fi
;;
redhat)
if [ -f ${DESTDIR}/sbin/ifup-local -o -f ${DESTDIR}/sbin/ifdown-local ]; then
echo "WARNING: /sbin/ifup-local and/or /sbin/ifdown-local already exist; up/down events will not be handled"
if [ -f ${DESTDIR}${SBINDIR}/ifup-local -o -f ${DESTDIR}${SBINDIR}/ifdown-local ]; then
echo "WARNING: ${SBINDIR}/ifup-local and/or ${SBINDIR}/ifdown-local already exist; up/down events will not be handled"
elif [ -z "$DESTDIR" ]; then
install_file ifupdown.sh ${DESTDIR}/sbin/ifup-local 0544
install_file ifupdown.sh ${DESTDIR}/sbin/ifdown-local 0544
install_file ifupdown.sh ${DESTDIR}${SBINDIR}/ifup-local 0544
install_file ifupdown.sh ${DESTDIR}${SBINDIR}/ifdown-local 0544
fi
;;
esac
@ -365,20 +384,20 @@ if [ -z "$DESTDIR" ]; then
if systemctl enable shorewall-init; then
echo "Shorewall Init will start automatically at boot"
fi
elif [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
elif [ -x ${SBINDIR}/insserv -o -x /usr${SBINDIR}/insserv ]; then
if insserv /etc/init.d/shorewall-init ; then
echo "Shorewall Init will start automatically at boot"
else
cant_autostart
fi
elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then
elif [ -x ${SBINDIR}/chkconfig -o -x /usr${SBINDIR}/chkconfig ]; then
if chkconfig --add shorewall-init ; then
echo "Shorewall Init will start automatically in run levels as follows:"
chkconfig --list shorewall-init
else
cant_autostart
fi
elif [ -x /sbin/rc-update ]; then
elif [ -x ${SBINDIR}/rc-update ]; then
if rc-update add shorewall-init default; then
echo "Shorewall Init will start automatically at boot"
else
@ -387,7 +406,6 @@ if [ -z "$DESTDIR" ]; then
else
cant_autostart
fi
fi
fi
else
@ -408,7 +426,7 @@ if [ -f ${DESTDIR}/etc/ppp ]; then
debian|suse)
for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do
mkdir -p ${DESTDIR}/etc/ppp/$directory #SuSE doesn't create the IPv6 directories
cp -fp ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown ${DESTDIR}/etc/ppp/$directory/shorewall
cp -fp ${DESTDIR}${LIBEXECDIR}/shorewall-init/ifupdown ${DESTDIR}/etc/ppp/$directory/shorewall
done
;;
redhat)
@ -419,13 +437,13 @@ if [ -f ${DESTDIR}/etc/ppp ]; then
FILE=${DESTDIR}/etc/ppp/$file
if [ -f $FILE ]; then
if fgrep -q Shorewall-based $FILE ; then
cp -fp ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown $FILE
cp -fp ${DESTDIR}${LIBEXECDIR}/shorewall-init/ifupdown $FILE
else
echo "$FILE already exists -- ppp devices will not be handled"
break
fi
else
cp -fp ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown $FILE
cp -fp ${DESTDIR}${LIBEXECDIR}/shorewall-init/ifupdown $FILE
fi
done
;;

View File

@ -40,6 +40,27 @@ qt()
"$@" >/dev/null 2>&1
}
split() {
local ifs
ifs=$IFS
IFS=:
set -- $1
echo $*
IFS=$ifs
}
mywhich() {
local dir
for dir in $(split $PATH); do
if [ -x $dir/$1 ]; then
return 0
fi
done
return 2
}
remove_file() # $1 = file to restore
{
if [ -f $1 -o -L $1 ] ; then
@ -48,8 +69,31 @@ remove_file() # $1 = file to restore
fi
}
if [ -f /usr/share/shorewall-init/version ]; then
INSTALLED_VERSION="$(cat /usr/share/shorewall-init/version)"
if [ -f ~/.shorewallrc ]; then
. ~/shorewallrc || exit 1
else
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ]
[ -n "${CONFDIR:=/etc}" ]
if [ -z "$SYSCONFDIR" ]; then
if [ -d /etc/default ]; then
SYSCONFDIR=/etc/default
else
SYSCONFDIR=/etc/sysconfig
fi
fi
[ -n "${SBINDIR:=/sbin}" ]
[ -n "${SHAREDIR:=/usr/share}" ]
[ -n "${VARDIR:=/var/lib}" ]
[ -n "${INITFILE:=shorewall}" ]
[ -n "${INITDIR:=/etc/init.d}" ]
[ -n "${MANDIR:=/usr/share/man}" ]
fi
if [ -f ${SHAREDIR}/shorewall-init/version ]; then
INSTALLED_VERSION="$(cat ${SHAREDIR}/shorewall-init/version)"
if [ "$INSTALLED_VERSION" != "$VERSION" ]; then
echo "WARNING: Shorewall Init Version $INSTALLED_VERSION is installed"
echo " and this is the $VERSION uninstaller."
@ -60,56 +104,55 @@ else
VERSION=""
fi
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${LIBEXEC:=${SHAREDIR}}" ]
echo "Uninstalling Shorewall Init $VERSION"
INITSCRIPT=/etc/init.d/shorewall-init
INITSCRIPT=${CONFDIR}/init.d/shorewall-init
if [ -n "$INITSCRIPT" ]; then
if [ -x /usr/sbin/updaterc.d ]; then
if [ -f "$INITSCRIPT" ]; then
if mywhich updaterc.d ; then
updaterc.d shorewall-init remove
elif [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
elif mywhich insserv ; then
insserv -r $INITSCRIPT
elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then
elif mywhich chkconfig ; then
chkconfig --del $(basename $INITSCRIPT)
elif [ -x /sbin/systemctl ]; then
elif mywhich systemctl ; then
systemctl disable shorewall-init
else
rm -f /etc/rc*.d/*$(basename $INITSCRIPT)
fi
remove_file $INITSCRIPT
fi
[ "$(readlink -m -q /sbin/ifup-local)" = /usr/share/shorewall-init ] && remove_file /sbin/ifup-local
[ "$(readlink -m -q /sbin/ifdown-local)" = /usr/share/shorewall-init ] && remove_file /sbin/ifdown-local
[ "$(readlink -m -q ${SBINDIR}/ifup-local)" = ${SHAREDIR}/shorewall-init ] && remove_file ${SBINDIR}/ifup-local
[ "$(readlink -m -q ${SBINDIR}/ifdown-local)" = ${SHAREDIR}/shorewall-init ] && remove_file ${SBINDIR}/ifdown-local
remove_file /etc/default/shorewall-init
remove_file /etc/sysconfig/shorewall-init
remove_file ${CONFDIR}/default/shorewall-init
remove_file ${CONFDIR}/sysconfig/shorewall-init
remove_file /etc/NetworkManager/dispatcher.d/01-shorewall
remove_file ${CONFDIR}/NetworkManager/dispatcher.d/01-shorewall
remove_file /etc/network/if-up.d/shorewall
remove_file /etc/network/if-down.d/shorewall
remove_file ${CONFDIR}/network/if-up.d/shorewall
remove_file ${CONFDIR}/network/if-down.d/shorewall
remove_file /etc/sysconfig/network/if-up.d/shorewall
remove_file /etc/sysconfig/network/if-down.d/shorewall
remove_file /lib/systemd/system/shorewall.service
remove_file ${CONFDIR}/sysconfig/network/if-up.d/shorewall
remove_file ${CONFDIR}/sysconfig/network/if-down.d/shorewall
if [ -d /etc/ppp ]; then
[ -n "$SYSTEMD" ] && remove_file ${SYSTEMD}/shorewall.service
if [ -d ${CONFDIR}/ppp ]; then
for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do
remove_file /etc/ppp/$directory/shorewall
remove_file ${CONFDIR}/ppp/$directory/shorewall
done
for file in if-up.local if-down.local; do
if fgrep -q Shorewall-based /etc/ppp/$FILE; then
remove_file /etc/ppp/$FILE
if fgrep -q Shorewall-based ${CONFDIR}/ppp/$FILE; then
remove_file ${CONFDIR}/ppp/$FILE
fi
done
fi
rm -rf /usr/share/shorewall-init
rm -rf ${SHAREDIR}/shorewall-init
rm -rf ${LIBEXEC}/shorewall-init
echo "Shorewall Init Uninstalled"

View File

@ -57,17 +57,27 @@ not_configured () {
exit 0
}
#determine where the files were installed
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
SRWL=${SBIN}/shorewall-lite
else
CONFDIR=/etc
SYSCONFDIR=/etc/default
fi
# parse the shorewall params file in order to use params in
# /etc/default/shorewall
if [ -f "/etc/shorewall-lite/params" ]
if [ -f "$CONFDIR/shorewall-lite/params" ]
then
. /etc/shorewall-lite/params
. $CONFDIR/shorewall-lite/params
fi
# check if shorewall is configured or not
if [ -f "/etc/default/shorewall-lite" ]
if [ -f "$SYSCONFDIR/shorewall-lite" ]
then
. /etc/default/shorewall-lite
. $SYSCONFDIR/shorewall-lite
SRWL_OPTS="$SRWL_OPTS $OPTIONS"
if [ "$startup" != "1" ]
then

View File

@ -61,10 +61,16 @@ usage() {
# Get startup options (override default)
################################################################################
OPTIONS=
if [ -f /etc/sysconfig/shorewall ]; then
. /etc/sysconfig/shorewall
elif [ -f /etc/default/shorewall ] ; then
. /etc/default/shorewall
if [ ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SBIN=/sbin
SYSCONFDIR=/etc/sysconfig
fi
if [ -f ${SYSCONFDIR}/shorewall-lite ]; then
. ${SYSCONFDIR}/shorewall-lite
fi
SHOREWALL_INIT_SCRIPT=1
@ -76,13 +82,13 @@ command="$1"
case "$command" in
start)
exec /sbin/shorewall-lite $OPTIONS start $STARTOPTIONS
exec ${SBIN}/shorewall-lite $OPTIONS start $STARTOPTIONS
;;
restart|reload)
exec /sbin/shorewall-lite $OPTIONS restart $RESTARTOPTIONS
exec ${SBIN}/shorewall-lite $OPTIONS restart $RESTARTOPTIONS
;;
status|stop)
exec /sbin/shorewall-lite $OPTIONS $command $@
exec ${SBIN}/shorewall-lite $OPTIONS $command $@
;;
*)
usage

View File

@ -33,6 +33,12 @@ usage() # $1 = exit status
exit $1
}
fatal_error()
{
echo " ERROR: $@" >&2
exit 1
}
split() {
local ifs
ifs=$IFS
@ -85,16 +91,16 @@ install_file() # $1 = source $2 = target $3 = mode
run_install $T $OWNERSHIP -m $3 $1 ${2}
}
require()
{
eval [ -n "\$$1" ] || fatal_error "Required option $1 not set"
}
#
# Change to the directory containing this script
#
cd "$(dirname $0)"
#
# Load packager's settings if any
#
[ -f ../shorewall-pkg.config ] && . ../shorewall-pkg.config
if [ -f shorewall-lite ]; then
PRODUCT=shorewall-lite
Product="Shorewall Lite"
@ -108,34 +114,72 @@ fi
#
# Parse the run line
#
while [ $# -gt 0 ] ; do
finished=0
while [ $finished -eq 0 ] ; do
case "$1" in
-h|help|?)
usage 0
;;
-v)
echo "$Product Firewall Installer Version $VERSION"
exit 0
-*)
option=${option#-}
while [ -n "$option" ]; do
case $option in
h)
usage 0
;;
v)
echo "$Product Firewall Installer Version $VERSION"
exit 0
;;
*)
usage 1
;;
esac
done
shift
;;
*)
usage 1
finished=1
;;
esac
shift
done
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
local file
#
# Read the RC file
#
if [ $# -eq 0 ]; then
#
# Load packager's settings if any
#
if [ -n "${DESTDIR}" -a -f ../shorewall-pkg.config ]; then
. ../shorewall-pkg.config || exit 1
elif [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
file=~/.shorewallrc
else
fatal_error "No rcfile specified and ~/.shorewallrc not found"
fi
elif [ $# -eq 1 ]; then
file=$1
case $file in
/*|.*)
;;
*)
file=./$file
;;
esac
[ -n "${LIBEXEC:=/usr/share}" ]
. $file
else
usage 1
fi
case "$LIBEXEC" in
/*)
;;
*)
echo "The LIBEXEC setting must be an absolute path name" >&2
exit 1
;;
esac
for var in SHAREDIR LIBEXECDIRDIRDIR CONFDIR SBINDIR VARDIR; do
require $var
done
PATH=${SBINDIR}:/bin:/usr${SBINDIR}:/usr/bin:/usr/local/bin:/usr/local${SBINDIR}
#
# Determine where to install the firewall script
@ -154,15 +198,15 @@ if [ -z "$BUILD" ]; then
BUILD=apple
;;
*)
if [ -f /etc/debian_version ]; then
if [ -f ${CONFDIR}/debian_version ]; then
BUILD=debian
elif [ -f /etc/redhat-release ]; then
elif [ -f ${CONFDIR}/redhat-release ]; then
BUILD=redhat
elif [ -f /etc/SuSE-release ]; then
elif [ -f ${CONFDIR}/SuSE-release ]; then
BUILD=suse
elif [ -f /etc/slackware-version ] ; then
elif [ -f ${CONFDIR}/slackware-version ] ; then
BUILD=slackware
elif [ -f /etc/arch-release ] ; then
elif [ -f ${CONFDIR}/arch-release ] ; then
BUILD=archlinux
else
BUILD=linux
@ -203,21 +247,15 @@ case "$HOST" in
;;
debian)
echo "Installing Debian-specific configuration..."
SPARSE=yes
;;
redhat)
echo "Installing Redhat/Fedora-specific configuration..."
[ -n "$INITDIR" ] || INITDIR=/etc/rc.d/init.d
;;
slackware)
echo "Installing Slackware-specific configuration..."
[ -n "$INITDIR" ] || INITDIR="/etc/rc.d"
[ -n "$INITFILE" ] || INITFILE="rc.firewall"
[ -n "$MANDIR=" ] || MANDIR=/usr/man
;;
archlinux)
echo "Installing ArchLinux-specific configuration..."
[ -n "$INITDIR" ] || INITDIR="/etc/rc.d"
;;
linux|suse)
;;
@ -227,7 +265,7 @@ case "$HOST" in
;;
esac
[ -z "$INITDIR" ] && INITDIR="/etc/init.d"
[ -z "$INITDIR" ] && INITDIR="${CONFDIR}/init.d"
if [ -n "$DESTDIR" ]; then
if [ `id -u` != 0 ] ; then
@ -235,8 +273,8 @@ if [ -n "$DESTDIR" ]; then
OWNERSHIP=""
fi
install -d $OWNERSHIP -m 755 ${DESTDIR}/sbin
install -d $OWNERSHIP -m 755 ${DESTDIR}${DESTFILE}
install -d $OWNERSHIP -m 755 ${DESTDIR}/${SBINDIR}
install -d $OWNERSHIP -m 755 ${DESTDIR}${INITDIR}
if [ -n "$SYSTEMD" ]; then
mkdir -p ${DESTDIR}/lib/systemd/system
@ -257,27 +295,27 @@ fi
echo "Installing $Product Version $VERSION"
#
# Check for /etc/$PRODUCT
# Check for ${CONFDIR}/$PRODUCT
#
if [ -z "$DESTDIR" -a -d /etc/$PRODUCT ]; then
if [ -z "$DESTDIR" -a -d ${CONFDIR}/$PRODUCT ]; then
if [ ! -f /usr/share/shorewall/coreversion ]; then
echo "$PRODUCT $VERSION requires Shorewall Core which does not appear to be installed" >&2
exit 1
fi
[ -f /etc/$PRODUCT/shorewall.conf ] && \
mv -f /etc/$PRODUCT/shorewall.conf /etc/$PRODUCT/$PRODUCT.conf
[ -f ${CONFDIR}/$PRODUCT/shorewall.conf ] && \
mv -f ${CONFDIR}/$PRODUCT/shorewall.conf ${CONFDIR}/$PRODUCT/$PRODUCT.conf
else
rm -rf ${DESTDIR}/etc/$PRODUCT
rm -rf ${DESTDIR}${CONFDIR}/$PRODUCT
rm -rf ${DESTDIR}/usr/share/$PRODUCT
rm -rf ${DESTDIR}/var/lib/$PRODUCT
[ "$LIBEXEC" = /usr/share ] || rm -rf ${DESTDIR}/usr/share/$PRODUCT/wait4ifup ${DESTDIR}/usr/share/$PRODUCT/shorecap
[ "$LIBEXECDIR" = /usr/share ] || rm -rf ${DESTDIR}/usr/share/$PRODUCT/wait4ifup ${DESTDIR}/usr/share/$PRODUCT/shorecap
fi
#
# Check for /sbin/$PRODUCT
# Check for ${SBINDIR}/$PRODUCT
#
if [ -f ${DESTDIR}/sbin/$PRODUCT ]; then
if [ -f ${DESTDIR}${SBINDIR}/$PRODUCT ]; then
first_install=""
else
first_install="Yes"
@ -285,24 +323,24 @@ fi
delete_file ${DESTDIR}/usr/share/$PRODUCT/xmodules
install_file $PRODUCT ${DESTDIR}/sbin/$PRODUCT 0544
install_file $PRODUCT ${DESTDIR}${SBINDIR}/$PRODUCT 0544
echo "$Product control program installed in ${DESTDIR}/sbin/$PRODUCT"
echo "$Product control program installed in ${DESTDIR}${SBINDIR}/$PRODUCT"
#
# Create /etc/$PRODUCT, /usr/share/$PRODUCT and /var/lib/$PRODUCT if needed
# Create ${CONFDIR}/$PRODUCT, /usr/share/$PRODUCT and /var/lib/$PRODUCT if needed
#
mkdir -p ${DESTDIR}/etc/$PRODUCT
mkdir -p ${DESTDIR}${CONFDIR}/$PRODUCT
mkdir -p ${DESTDIR}/usr/share/$PRODUCT
mkdir -p ${DESTDIR}${LIBEXEC}/$PRODUCT
mkdir -p ${DESTDIR}${LIBEXECDIR}/$PRODUCT
mkdir -p ${DESTDIR}/var/lib/$PRODUCT
chmod 755 ${DESTDIR}/etc/$PRODUCT
chmod 755 ${DESTDIR}${CONFDIR}/$PRODUCT
chmod 755 ${DESTDIR}/usr/share/$PRODUCT
if [ -n "$DESTDIR" ]; then
mkdir -p ${DESTDIR}/etc/logrotate.d
chmod 755 ${DESTDIR}/etc/logrotate.d
mkdir -p ${DESTDIR}${CONFDIR}/logrotate.d
chmod 755 ${DESTDIR}${CONFDIR}/logrotate.d
mkdir -p ${DESTDIR}${INITDIR}
chmod 755 ${DESTDIR}${INITDIR}
fi
@ -329,74 +367,74 @@ fi
# Install the .service file
#
if [ -n "$SYSTEMD" ]; then
run_install $OWNERSHIP -m 600 $PRODUCT.service ${DESTDIR}/lib/systemd/system/$PRODUCT.service
run_install $OWNERSHIP -m 600 $PRODUCT.service ${DESTDIR}/${SYSTEMD}/$PRODUCT.service
echo "Service file installed as ${DESTDIR}/lib/systemd/system/$PRODUCT.service"
fi
#
# Install the config file
#
if [ ! -f ${DESTDIR}/etc/$PRODUCT/$PRODUCT.conf ]; then
install_file $PRODUCT.conf ${DESTDIR}/etc/$PRODUCT/$PRODUCT.conf 0744
echo "Config file installed as ${DESTDIR}/etc/$PRODUCT/$PRODUCT.conf"
if [ ! -f ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf ]; then
install_file $PRODUCT.conf ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf 0744
echo "Config file installed as ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf"
fi
if [ $HOST = archlinux ] ; then
sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${DESTDIR}/etc/$PRODUCT/$PRODUCT.conf
sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${DESTDIR}${CONFDIR}/$PRODUCT/$PRODUCT.conf
fi
#
# Install the Makefile
#
run_install $OWNERSHIP -m 0600 Makefile ${DESTDIR}/etc/$PRODUCT
echo "Makefile installed as ${DESTDIR}/etc/$PRODUCT/Makefile"
run_install $OWNERSHIP -m 0600 Makefile ${DESTDIR}${CONFDIR}/$PRODUCT
echo "Makefile installed as ${DESTDIR}${CONFDIR}/$PRODUCT/Makefile"
#
# Install the default config path file
#
install_file configpath ${DESTDIR}/usr/share/$PRODUCT/configpath 0644
echo "Default config path file installed as ${DESTDIR}/usr/share/$PRODUCT/configpath"
install_file configpath ${DESTDIR}${SHAREDIR}/$PRODUCT/configpath 0644
echo "Default config path file installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/configpath"
#
# Install the libraries
#
for f in lib.* ; do
if [ -f $f ]; then
install_file $f ${DESTDIR}/usr/share/$PRODUCT/$f 0644
echo "Library ${f#*.} file installed as ${DESTDIR}/usr/share/$PRODUCT/$f"
install_file $f ${DESTDIR}${SHAREDIR}/$PRODUCT/$f 0644
echo "Library ${f#*.} file installed as ${DESTDIR}/${SHAREDIR}/$PRODUCT/$f"
fi
done
ln -sf lib.base ${DESTDIR}/usr/share/$PRODUCT/functions
ln -sf lib.base ${DESTDIR}${SHAREDIR}/$PRODUCT/functions
echo "Common functions linked through ${DESTDIR}/usr/share/$PRODUCT/functions"
echo "Common functions linked through ${DESTDIR}${SHAREDIR}/$PRODUCT/functions"
#
# Install Shorecap
#
install_file shorecap ${DESTDIR}${LIBEXEC}/$PRODUCT/shorecap 0755
install_file shorecap ${DESTDIR}${LIBEXECDIR}/$PRODUCT/shorecap 0755
echo
echo "Capability file builder installed in ${DESTDIR}${LIBEXEC}/$PRODUCT/shorecap"
echo "Capability file builder installed in ${DESTDIR}${LIBEXECDIR}/$PRODUCT/shorecap"
#
# Install the Modules files
#
if [ -f modules ]; then
run_install $OWNERSHIP -m 0600 modules ${DESTDIR}/usr/share/$PRODUCT
echo "Modules file installed as ${DESTDIR}/usr/share/$PRODUCT/modules"
run_install $OWNERSHIP -m 0600 modules ${DESTDIR}${SHAREDIR}/$PRODUCT
echo "Modules file installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/modules"
fi
if [ -f helpers ]; then
run_install $OWNERSHIP -m 0600 helpers ${DESTDIR}/usr/share/$PRODUCT
echo "Helper modules file installed as ${DESTDIR}/usr/share/$PRODUCT/helpers"
run_install $OWNERSHIP -m 0600 helpers ${DESTDIR}${SHAREDIR}/$PRODUCT
echo "Helper modules file installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/helpers"
fi
for f in modules.*; do
run_install $OWNERSHIP -m 0644 $f ${DESTDIR}/usr/share/$PRODUCT/$f
echo "Module file $f installed as ${DESTDIR}/usr/share/$PRODUCT/$f"
run_install $OWNERSHIP -m 0644 $f ${DESTDIR}${SHAREDIR}/$PRODUCT/$f
echo "Module file $f installed as ${DESTDIR}${SHAREDIR}/$PRODUCT/$f"
done
#
@ -406,18 +444,18 @@ done
if [ -d manpages ]; then
cd manpages
[ -n "$INSTALLD" ] || mkdir -p ${DESTDIR}/usr/share/man/man5/ ${DESTDIR}/usr/share/man/man8/
[ -n "$INSTALLD" ] || mkdir -p ${DESTDIR}${SHAREDIR}/man/man5/ ${DESTDIR}${SHAREDIR}/man/man8/
for f in *.5; do
gzip -c $f > $f.gz
run_install $T $INSTALLD $OWNERSHIP -m 0644 $f.gz ${DESTDIR}/usr/share/man/man5/$f.gz
echo "Man page $f.gz installed to ${DESTDIR}/usr/share/man/man5/$f.gz"
run_install $T $INSTALLD $OWNERSHIP -m 0644 $f.gz ${DESTDIR}${SHAREDIR}/man/man5/$f.gz
echo "Man page $f.gz installed to ${DESTDIR}${SHAREDIR}/man/man5/$f.gz"
done
for f in *.8; do
gzip -c $f > $f.gz
run_install $T $INSTALLD $OWNERSHIP -m 0644 $f.gz ${DESTDIR}/usr/share/man/man8/$f.gz
echo "Man page $f.gz installed to ${DESTDIR}/usr/share/man/man8/$f.gz"
run_install $T $INSTALLD $OWNERSHIP -m 0644 $f.gz ${DESTDIR}${SHAREDIR}/man/man8/$f.gz
echo "Man page $f.gz installed to ${DESTDIR}${SHAREDIR}/man/man8/$f.gz"
done
cd ..
@ -425,73 +463,73 @@ if [ -d manpages ]; then
echo "Man Pages Installed"
fi
if [ -d ${DESTDIR}/etc/logrotate.d ]; then
run_install $OWNERSHIP -m 0644 logrotate ${DESTDIR}/etc/logrotate.d/$PRODUCT
echo "Logrotate file installed as ${DESTDIR}/etc/logrotate.d/$PRODUCT"
if [ -d ${DESTDIR}${CONFDIR}/logrotate.d ]; then
run_install $OWNERSHIP -m 0644 logrotate ${DESTDIR}${CONFDIR}/logrotate.d/$PRODUCT
echo "Logrotate file installed as ${DESTDIR}${CONFDIR}/logrotate.d/$PRODUCT"
fi
#
# Create the version file
#
echo "$VERSION" > ${DESTDIR}/usr/share/$PRODUCT/version
chmod 644 ${DESTDIR}/usr/share/$PRODUCT/version
echo "$VERSION" > ${DESTDIR}${SHAREDIR}/$PRODUCT/version
chmod 644 ${DESTDIR}${SHAREDIR}/$PRODUCT/version
#
# Remove and create the symbolic link to the init script
#
if [ -z "$DESTDIR" ]; then
rm -f /usr/share/$PRODUCT/init
ln -s ${INITDIR}/${INITFILE} /usr/share/$PRODUCT/init
rm -f ${SHAREDIR}/$PRODUCT/init
ln -s ${INITDIR}/${INITFILE} ${SHAREDIR}/$PRODUCT/init
fi
delete_file ${DESTDIR}/usr/share/$PRODUCT/lib.common
delete_file ${DESTDIR}/usr/share/$PRODUCT/lib.cli
delete_file ${DESTDIR}/usr/share/$PRODUCT/wait4ifup
delete_file ${DESTDIR}${SHAREDIR}/$PRODUCT/lib.common
delete_file ${DESTDIR}${SHAREDIR}/$PRODUCT/lib.cli
delete_file ${DESTDIR}${SHAREDIR}/$PRODUCT/wait4ifup
if [ -z "$DESTDIR" ]; then
touch /var/log/$PRODUCT-init.log
if [ -n "$SYSCONFFILE" -a ! -f ${DESTDIR}${SYSCONFDIR}/${PRODUCT} ]; then
if [ ${DESTDIR} ]; then
mkdir -p ${DESTDIR}${SYSCONFDIR}
chmod 755 ${DESTDIR}${SYSCONFDIR}
fi
if [ -n "$first_install" ]; then
if [ $HOST = debian ]; then
run_install $OWNERSHIP -m 0644 default.debian /etc/default/$PRODUCT
update-rc.d $PRODUCT defaults
if [ -x /sbin/insserv ]; then
insserv /etc/init.d/$PRODUCT
else
ln -s ../init.d/$PRODUCT /etc/rcS.d/S40$PRODUCT
fi
run_install $OWNERSHIP -m 0644 default.debian ${DESTDIR}${SYSCONFDIR}/${PRODUCT}
echo "$SYSCONFFILE installed in ${DESTDIR}${SYSCONFDIR}/${PRODUCT}"
fi
if [ -z "$DESTDIR" -a -n "$first_install" -a -z "${cygwin}${mac}" ]; then
if mywhich update-rc.d ; then
echo "$PRODUCT will start automatically at boot"
echo "Set startup=1 in ${SYSCONFDIR}/$PRODUCT to enable"
touch /var/log/$PRODUCT-init.log
perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' ${CONFDIR}/${PRODUCT}/${PRODUCT}.conf
elif [ -n "$SYSTEMD" ]; then
if systemctl enable $PRODUCT; then
echo "$Product will start automatically at boot"
else
if [ -n "$SYSTEMD" ]; then
if systemctl enable $PRODUCT; then
echo "$Product will start automatically at boot"
fi
elif [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
if insserv /etc/init.d/$PRODUCT ; then
echo "$Product will start automatically at boot"
else
cant_autostart
fi
elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then
if chkconfig --add $PRODUCT ; then
echo "$Product will start automatically in run levels as follows:"
chkconfig --list $PRODUCT
else
cant_autostart
fi
elif [ -x /sbin/rc-update ]; then
if rc-update add $PRODUCT default; then
echo "$Product will start automatically at boot"
else
cant_autostart
fi
elif [ "$INITFILE" != rc.firewall ]; then #Slackware starts this automatically
cant_autostart
fi
fi
elif mywhich insserv; then
if insserv ${INITDIR}/${INITFILE} ; then
echo "$PRODUCT will start automatically at boot"
echo "Set STARTUP_ENABLED=Yes in ${CONFDIR}/$PRODUCT/${PRODUCT}.conf to enable"
else
cant_autostart
fi
elif mywhich chkconfig; then
if chkconfig --add $PRODUCT ; then
echo "$PRODUCT will start automatically in run levels as follows:"
echo "Set STARTUP_ENABLED=Yes in ${CONFDIR}/$PRODUCT/${PRODUCT}.conf to enable"
chkconfig --list $PRODUCT
else
cant_autostart
fi
elif mywhich rc-update ; then
if rc-update add $PRODUCT default; then
echo "$PRODUCT will start automatically at boot"
echo "Set STARTUP_ENABLED=Yes in ${CONFDIR}/$PRODUCT/$PRODUCT.conf to enable"
else
cant_autostart
fi
elif [ "$INITFILE" != rc.${PRODUCT} ]; then #Slackware starts this automatically
cant_autostart
fi
fi

View File

@ -27,6 +27,22 @@
################################################################################################
g_program=shorewall-lite
. /usr/share/shorewall/lib.cli
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SHAREDIR=/usr/share
CONFDIR=${CONFDIR}
SBINDIR=/sbin
VARDIR=/var/lib
LIBEXECDIR=/usr/share
fi
g_libexec="$LIBEXECDIR"
g_sharedir="$SHAREDIR"
g_sbindir="$SBINDIR"
g_readrc=1
. $g_sharedir/shorewall/lib.cli
shorewall_cli $@

View File

@ -40,16 +40,25 @@ qt()
"$@" >/dev/null 2>&1
}
restore_file() # $1 = file to restore
{
if [ -f ${1}-shorewall.bkout ]; then
if (mv -f ${1}-shorewall-lite.bkout $1); then
echo
echo "$1 restored"
else
exit 1
fi
fi
split() {
local ifs
ifs=$IFS
IFS=:
set -- $1
echo $*
IFS=$ifs
}
mywhich() {
local dir
for dir in $(split $PATH); do
if [ -x $dir/$1 ]; then
return 0
fi
done
return 2
}
remove_file() # $1 = file to restore
@ -60,8 +69,31 @@ remove_file() # $1 = file to restore
fi
}
if [ -f /usr/share/shorewall-lite/version ]; then
INSTALLED_VERSION="$(cat /usr/share/shorewall-lite/version)"
if [ -f ~/.shorewallrc ]; then
. ~/shorewallrc || exit 1
else
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ]
[ -n "${CONFDIR:=/etc}" ]
if [ -z "$SYSCONFDIR" ]; then
if [ -d /etc/default ]; then
SYSCONFDIR=/etc/default
else
SYSCONFDIR=/etc/sysconfig
fi
fi
[ -n "${SBINDIR:=/sbin}" ]
[ -n "${SHAREDIR:=/usr/share}" ]
[ -n "${VARDIR:=/var/lib}" ]
[ -n "${INITFILE:=shorewall}" ]
[ -n "${INITDIR:=/etc/init.d}" ]
[ -n "${MANDIR:=/usr/share/man}" ]
fi
if [ -f ${SHAREDIR}/shorewall-lite/version ]; then
INSTALLED_VERSION="$(cat ${SHAREDIR}/shorewall-lite/version)"
if [ "$INSTALLED_VERSION" != "$VERSION" ]; then
echo "WARNING: Shorewall Lite Version $INSTALLED_VERSION is installed"
echo " and this is the $VERSION uninstaller."
@ -72,49 +104,40 @@ else
VERSION=""
fi
[ -n "${LIBEXEC:=/usr/share}" ]
echo "Uninstalling Shorewall Lite $VERSION"
if qt iptables -L shorewall -n && [ ! -f /sbin/shorewall ]; then
/sbin/shorewall-lite clear
if qt iptables -L shorewall -n && [ ! -f ${SBINDIR}/shorewall ]; then
shorewall-lite clear
fi
if [ -L /usr/share/shorewall-lite/init ]; then
FIREWALL=$(readlink -m -q /usr/share/shorewall-lite/init)
else
FIREWALL=/etc/init.d/shorewall-lite
if [ -L ${SHAREDIR}/shorewall-lite/init ]; then
FIREWALL=$(readlink -m -q ${SHAREDIR}/shorewall-lite/init)
elIF [ -n "$INITFILE" ]; then
FIREWALL=${INITDIR}/${INITFILE}
fi
if [ -n "$FIREWALL" ]; then
if [ -x /usr/sbin/updaterc.d ]; then
if [ -f "$FIREWALL" ]; then
if mywhich updaterc.d ; then
updaterc.d shorewall-lite remove
elif [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
elif if mywhich insserv ; then
insserv -r $FIREWALL
elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then
elif [ mywhich chkconfig ; then
chkconfig --del $(basename $FIREWALL)
elif [ -x /sbin/systemctl ]; then
elif mywhich systemctl ; then
systemctl disable shorewall-lite
else
rm -f /etc/rc*.d/*$(basename $FIREWALL)
fi
remove_file $FIREWALL
rm -f ${FIREWALL}-*.bkout
fi
rm -f /sbin/shorewall-lite
rm -f /sbin/shorewall-lite-*.bkout
rm -f ${SBINDIR}/shorewall-lite
rm -rf /etc/shorewall-lite
rm -rf /etc/shorewall-lite-*.bkout
rm -rf /var/lib/shorewall-lite
rm -rf /var/lib/shorewall-lite-*.bkout
rm -rf /usr/share/shorewall-lite
rm -rf ${SBINDIR}/shorewall-lite
rm -rf ${VARDIR}/shorewall-lite
rm -rf ${SHAREDIR}/shorewall-lite
rm -rf ${LIBEXEC}/shorewall-lite
rm -rf /usr/share/shorewall-lite-*.bkout
rm -f /etc/logrotate.d/shorewall-lite
rm -f /lib/systemd/system/shorewall-lite.service
rm -f ${CONFDIR}/logrotate.d/shorewall-lite
[ -n "$SYSTEMD" ] && rm -f ${SYSTEMD}/shorewall-lite.service
echo "Shorewall Lite Uninstalled"

View File

@ -160,15 +160,17 @@ sub generate_script_2() {
emit( 'g_family=4' );
if ( $export ) {
emit ( 'SHAREDIR=/usr/share/shorewall-lite',
'CONFDIR=/etc/shorewall-lite',
emit ( 'SHAREDIR=$SHARDIR/shorewall-lite',
'CONFDIR=$CONFDIR/shorewall-lite',
'VARDIR=$VARDIR/shorewall-lite',
'g_product="Shorewall Lite"',
'g_program=shorewall-lite',
'g_basedir=/usr/share/shorewall-lite',
);
} else {
emit ( 'SHAREDIR=/usr/share/shorewall',
'CONFDIR=/etc/shorewall',
emit ( 'SHAREDIR=$SHARDIR/shorewall',
'CONFDIR=$CONFDIR/shorewall',
'VARDIR=$VARDIR/shorewall',
'g_product=Shorewall',
'g_program=shorewall',
'g_basedir=/usr/share/shorewall',
@ -178,8 +180,9 @@ sub generate_script_2() {
emit( 'g_family=6' );
if ( $export ) {
emit ( 'SHAREDIR=/usr/share/shorewall6-lite',
'CONFDIR=/etc/shorewall6-lite',
emit ( 'SHAREDIR=/$SHARDIR/shorewall6-lite',
'CONFDIR=$CONFDIR/shorewall6-lite',
'VARDIR=$VARDIR/shorewall6-lite',
'g_product="Shorewall6 Lite"',
'g_program=shorewall6-lite',
'g_basedir=/usr/share/shorewall6',
@ -187,6 +190,7 @@ sub generate_script_2() {
} else {
emit ( 'SHAREDIR=/usr/share/shorewall6',
'CONFDIR=/etc/shorewall6',
'VARDIR=$VARDIR/shorewall6',
'g_product=Shorewall6',
'g_program=shorewall6',
'g_basedir=/usr/share/shorewall'

View File

@ -141,6 +141,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
%config
%globals
%config_files
%shorewallrc
@auditoptions
@ -431,7 +432,12 @@ my %converted = ( WIDE_TC_MARKS => 1,
my $omitting;
my @ifstack;
my $ifstack;
#
# From .shorewallrc
#
our %shorewallrc;
sub process_shorewallrc();
#
# Rather than initializing globals in an INIT block or during declaration,
# we initialize them in a function. This is done for two reasons:
@ -472,9 +478,9 @@ sub initialize( $ ) {
#
# Misc Globals
#
%globals = ( SHAREDIRPL => '/usr/share/shorewall/' ,
CONFDIR => '/etc/shorewall', # Run-time configuration directory
CONFIGDIR => '', # Compile-time configuration directory (location of $product.conf)
%globals = ( SHAREDIRPL => '' ,
CONFDIR => '', # Run-time configuration directory
CONFIGDIR => '', # Compile-time configuration directory (location of $product.conf)
LOGPARMS => '',
TC_SCRIPT => '',
EXPORT => 0,
@ -745,15 +751,24 @@ sub initialize( $ ) {
@actparms = ();
%shorewallrc = (
SHAREDIR => '/usr/share/',
CONFDIR => '/etc/',
);
process_shorewallrc;
$globals{SHAREDIRPL} = "$shorewallrc{SHAREDIR}/shorewall/";
if ( $family == F_IPV4 ) {
$globals{SHAREDIR} = '/usr/share/shorewall';
$globals{CONFDIR} = '/etc/shorewall';
$globals{SHAREDIR} = "$shorewallrc{SHAREDIR}/shorewall";
$globals{CONFDIR} = "$shorewallrc{CONFDIR}/shorewall";
$globals{PRODUCT} = 'shorewall';
$config{IPTABLES} = undef;
$validlevels{ULOG} = 'ULOG';
} else {
$globals{SHAREDIR} = '/usr/share/shorewall6';
$globals{CONFDIR} = '/etc/shorewall6';
$globals{SHAREDIR} = "$shorewallrc{SHAREDIR}/shorewall6";
$globals{CONFDIR} = "$shorewallrc{CONFDIR}/shorewall6";
$globals{PRODUCT} = 'shorewall6';
$config{IP6TABLES} = undef;
}
@ -2256,6 +2271,21 @@ sub read_a_line1() {
}
}
sub process_shorewallrc() {
my $home = $ENV{HOME} || `echo ~`;
if ( $home && open_file "$home/.shorewallrc" ) {
while ( read_a_line1 ) {
if ( $currentline =~ /^([a-zA-Z]\w*)=(.*)$/ ) {
my ($var, $val) = ($1, $2);
$shorewallrc{$var} = $val =~ /^\"([^\"]*)\"$/ ? $1 : $val;
} else {
fatal_error "Unrecognized shorewallrc entry";
}
}
}
}
#
# Provide the passed default value for the passed configuration variable
#
@ -3183,7 +3213,7 @@ sub ensure_config_path() {
my $f = "$globals{SHAREDIR}/configpath";
$globals{CONFDIR} = "/usr/share/$product/configfiles/" if $> != 0;
$globals{CONFDIR} = "$shorewallrc{SHAREDIR}/$product/configfiles/" if $> != 0;
unless ( $config{CONFIG_PATH} ) {
fatal_error "$f does not exist" unless -f $f;

View File

@ -1039,7 +1039,7 @@ sub validate_tc_class( ) {
fatal_error "Unknown Parent class ($parentnum)" unless $parentref && $parentref->{occurs} == 1;
fatal_error "The class ($parentnum) specifies UMAX and/or DMAX; it cannot serve as a parent" if $parentref->{dmax};
fatal_error "The class ($parentnum) specifies flow; it cannot serve as a parent" if $parentref->{flow};
fatal_error "The default class ($parentnum) may not have sub-classes" if $devref->{default} == $parentclass;
fatal_error "The default class ($parentnum) may not have sub-classes" if ( $devref->{default} || 0 ) == $parentclass;
$parentref->{leaf} = 0;
$ratemax = $parentref->{rate};
$ratename = q(the parent class's RATE);

View File

@ -33,7 +33,22 @@ else
g_program=shorewall
fi
. /usr/share/shorewall/lib.cli
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SHAREDIR=/usr/share
CONFDIR=${CONFDIR}
SBINDIR=/sbin
VARDIR=/var/lib
LIBEXECDIR=/usr/share
fi
g_libexec="$LIBEXECDIR"
g_sharedir="$SHAREDIR"
g_sbindir="$SBINDIR"
g_readrc=1
. $g_sharedir/shorewall/lib.cli
CONFIG_PATH="$2"

View File

@ -85,6 +85,14 @@ g_noroutes=$NOROUTES
g_timestamp=$TIMESTAMP
g_recovering=$RECOVERING
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
CONFDIR=/etc
SHAREDIR=/usr/share
VARDIR=/var/lib
fi
initialize
if [ -n "$STARTUP_LOG" ]; then

View File

@ -11,7 +11,6 @@
### END INIT INFO
SRWL=/sbin/shorewall
SRWL_OPTS="-tvv"
WAIT_FOR_IFUP=/usr/share/shorewall/wait4ifup
@ -54,10 +53,18 @@ not_configured () {
exit 0
}
#determine where the files were installed
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
SRWL=${SBIN}/shorewall
else
SYSCONFDIR=/etc/default
fi
# check if shorewall is configured or not
if [ -f "/etc/default/shorewall" ]
if [ -f "${SYSCONFDIR}/shorewall" ]
then
. /etc/default/shorewall
. ${SYSCONFDIR}/shorewall
SRWL_OPTS="$SRWL_OPTS $OPTIONS"
if [ "$startup" != "1" ]
then

View File

@ -54,7 +54,7 @@ RCDLINKS="2,S41 3,S41 6,K41"
# Give Usage Information #
################################################################################
usage() {
echo "Usage: $0 start|stop|reload|restart|status"
echo "Usage: $0 start|stop|reload|restart|status" > &2
exit 1
}
@ -62,10 +62,16 @@ usage() {
# Get startup options (override default)
################################################################################
OPTIONS="-v0"
if [ -f /etc/sysconfig/shorewall ]; then
. /etc/sysconfig/shorewall
elif [ -f /etc/default/shorewall ] ; then
. /etc/default/shorewall
if [ ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SBIN=/sbin
SYSCONFDIR=/etc/sysconfig
fi
if [ -f ${SYSCONFDIR}/shorewall ]; then
. ${SYSCONFDIR}/shorewall
fi
export SHOREWALL_INIT_SCRIPT=1
@ -78,13 +84,13 @@ shift
case "$command" in
start)
exec /sbin/shorewall $OPTIONS start $STARTOPTIONS
exec $SBIN/shorewall $OPTIONS start $STARTOPTIONS
;;
restart|reload)
exec /sbin/shorewall $OPTIONS restart $RESTARTOPTIONS
exec $SBIN/shorewall $OPTIONS restart $RESTARTOPTIONS
;;
status|stop)
exec /sbin/shorewall $OPTIONS $command
exec $SBIN/shorewall $OPTIONS $command
;;
*)
usage

File diff suppressed because it is too large Load Diff

View File

@ -1353,11 +1353,13 @@ reload_command() # $* = original arguments less the command.
;;
esac
temp=$(rsh_command /sbin/${g_program}-lite show config 2> /dev/null | grep ^LITEDIR | sed 's/LITEDIR is //')
config=$(rsh_command ${g_program}-lite show config 2> /dev/null)
temp=$(echo $config | grep ^LITEDIR | sed 's/LITEDIR is //')
[ -n "$temp" ] && litedir="$temp"
temp=$(rsh_command /sbin/${g_program}-lite show config 2> /dev/null | grep ^LIBEXEC | sed 's/LIBEXEC is //')
temp=$(echo $config | grep ^LIBEXEC | sed 's/LIBEXEC is //')
if [ -n "$temp" ]; then
case $temp in
@ -1370,6 +1372,14 @@ reload_command() # $* = original arguments less the command.
esac
fi
temp=$(echo $config | grep ^SBINDIR | sed 's/SBINDIR is //')
if [ -n "$temp" ]; then
sbindir="$temp"
else
sbindir=/sbin
fi
if [ -z "$getcaps" ]; then
g_shorewalldir=$(resolve_file $directory)
ensure_config_path
@ -1414,15 +1424,15 @@ reload_command() # $* = original arguments less the command.
progress_message3 "Copy complete"
if [ $COMMAND = reload ]; then
rsh_command "/sbin/${g_program}-lite $g_debugging $verbose $timestamp restart" && \
rsh_command "${sbin}/${g_program}-lite $g_debugging $verbose $timestamp restart" && \
progress_message3 "System $system reloaded" || saveit=
else
rsh_command "/sbin/${g_program}-lite $g_debugging $verbose $timestamp start" && \
rsh_command "${sbin}/${g_program}-lite $g_debugging $verbose $timestamp start" && \
progress_message3 "System $system loaded" || saveit=
fi
if [ -n "$saveit" ]; then
rsh_command "/sbin/${g_program}-lite $g_debugging $verbose $timestamp save" && \
rsh_command "${sbin}/${g_program}-lite $g_debugging $verbose $timestamp save" && \
progress_message3 "Configuration on system $system saved"
fi
fi

View File

@ -27,6 +27,24 @@
################################################################################################
g_program=shorewall
. /usr/share/shorewall/lib.cli
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SHAREDIR=/usr/share
CONFDIR=${CONFDIR}
SBINDIR=/sbin
VARDIR=/var/lib
LIBEXECDIR=/usr/share
PERLLIBDIR=/usr/share/shorewall
fi
g_libexec="$LIBEXECDIR"
g_sharedir="$SHAREDIR"
g_sbindir="$SBINDIR"
g_perllib="$PERLLIBDIR"
g_readrc=1
. $g_sharedir/shorewall/lib.cli
shorewall_cli $@

View File

@ -40,16 +40,25 @@ qt()
"$@" >/dev/null 2>&1
}
restore_file() # $1 = file to restore
{
if [ -f ${1}-shorewall.bkout ]; then
if (mv -f ${1}-shorewall.bkout $1); then
echo
echo "$1 restored"
else
exit 1
fi
fi
split() {
local ifs
ifs=$IFS
IFS=:
set -- $1
echo $*
IFS=$ifs
}
mywhich() {
local dir
for dir in $(split $PATH); do
if [ -x $dir/$1 ]; then
return 0
fi
done
return 2
}
remove_file() # $1 = file to restore
@ -60,8 +69,31 @@ remove_file() # $1 = file to restore
fi
}
if [ -f /usr/share/shorewall/version ]; then
INSTALLED_VERSION="$(cat /usr/share/shorewall/version)"
if [ -f ~/.shorewallrc ]; then
. ~/shorewallrc || exit 1
else
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ]
[ -n "${CONFDIR:=/etc}" ]
if [ -z "$SYSCONFDIR" ]; then
if [ -d /etc/default ]; then
SYSCONFDIR=/etc/default
else
SYSCONFDIR=/etc/sysconfig
fi
fi
[ -n "${SBINDIR:=/sbin}" ]
[ -n "${SHAREDIR:=/usr/share}" ]
[ -n "${VARDIR:=/var/lib}" ]
[ -n "${INITFILE:=shorewall}" ]
[ -n "${INITDIR:=/etc/init.d}" ]
[ -n "${MANDIR:=/usr/share/man}" ]
fi
if [ -f ${SHAREDIR}/shorewall/version ]; then
INSTALLED_VERSION="$(cat ${SHAREDIR}/shorewall/version)"
if [ "$INSTALLED_VERSION" != "$VERSION" ]; then
echo "WARNING: Shorewall Version $INSTALLED_VERSION is installed"
echo " and this is the $VERSION uninstaller."
@ -72,62 +104,54 @@ else
VERSION=""
fi
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ]
echo "Uninstalling shorewall $VERSION"
if qt iptables -L shorewall -n && [ ! -f /sbin/shorewall-lite ]; then
/sbin/shorewall clear
if qt iptables -L shorewall -n && [ ! -f ${SBINDIR}/shorewall-lite ]; then
shorewall clear
fi
if [ -L /usr/share/shorewall/init ]; then
FIREWALL=$(readlink -m -q /usr/share/shorewall/init)
else
FIREWALL=/etc/init.d/shorewall
if [ -L ${SHAREDIR}/shorewall/init ]; then
FIREWALL=$(readlink -m -q ${SHAREDIR}/shorewall/init)
elif [ -n "$INITFILE" ]; then
FIREWALL=/${INITDIR}/${INITFILE}
fi
if [ -n "$FIREWALL" ]; then
if [ -x /usr/sbin/updaterc.d ]; then
if [ -f "$FIREWALL" ]; then
if mywhich updaterc.d; then
updaterc.d shorewall remove
elif [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
elif mywhich insserv; then
insserv -r $FIREWALL
elif [ -x /sbin/systemctl ]; then
elif mywhich systemctl; then
systemctl disable shorewall
elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then
elif mywhich chkconfig; then
chkconfig --del $(basename $FIREWALL)
else
rm -f /etc/rc*.d/*$(basename $FIREWALL)
fi
remove_file $FIREWALL
rm -f ${FIREWALL}-*.bkout
[ -f "$AUXINITFILE" ] && remove_file ${INITDIR}/{$AUXINITFILE}
fi
rm -f /sbin/shorewall
rm -f /sbin/shorewall-*.bkout
rm -f ${SBINDIR}/shorewall
rm -rf /usr/share/shorewall/version
rm -rf /etc/shorewall
rm -rf /etc/shorewall-*.bkout
rm -rf /var/lib/shorewall
rm -rf /var/lib/shorewall-*.bkout
rm -rf ${SHAREDIR}/shorewall/version
rm -rf ${CONFDIR}/shorewall
rm -rf ${VARDIR}/shorewall
rm -rf ${PERLLIB}/Shorewall/*
rm -rf ${LIBEXEC}/shorewall
rm -rf /usr/share/shorewall/configfiles/
rm -rf /usr/share/shorewall/Samples/
rm -rf /usr/share/shorewall/Shorewall/
rm -f /usr/share/shorewall/lib.cli-std
rm -f /usr/share/shorewall/lib.core
rm -f /usr/share/shorewall/compiler.pl
rm -f /usr/share/shorewall/prog.*
rm -f /usr/share/shorewall/module*
rm -f /usr/share/shorewall/helpers
rm -f /usr/share/shorewall/action*
rm -f /usr/share/shorewall/init
rm -rf /usr/share/shorewall-*.bkout
rm -rf ${SHAREDIR}/shorewall/configfiles/
rm -rf ${SHAREDIR}/shorewall/Samples/
rm -rf ${SHAREDIR}/shorewall/Shorewall/
rm -f ${SHAREDIR}/shorewall/lib.cli-std
rm -f ${SHAREDIR}/shorewall/lib.core
rm -f ${SHAREDIR}/shorewall/compiler.pl
rm -f ${SHAREDIR}/shorewall/prog.*
rm -f ${SHAREDIR}/shorewall/module*
rm -f ${SHAREDIR}/shorewall/helpers
rm -f ${SHAREDIR}/shorewall/action*
rm -f ${SHAREDIR}/shorewall/init
for f in /usr/share/man/man5/shorewall* /usr/share/man/man8/shorewall*; do
for f in ${MANDIR}/man5/shorewall* ${MANDIR}/man8/shorewall*; do
case $f in
shorewall6*|shorewall-lite*)
;;
@ -137,8 +161,10 @@ for f in /usr/share/man/man5/shorewall* /usr/share/man/man8/shorewall*; do
esac
done
rm -f /etc/logrotate.d/shorewall
rm -f /lib/systemd/system/shorewall.service
rm -f ${CONFDIR}/logrotate.d/shorewall
if [ -n "$SYSTEMD" ]; THEN
rm -f ${SYSTEMD}/shorewall.service
echo "Shorewall Uninstalled"

View File

@ -78,6 +78,12 @@ else
not_configured
fi
#determine where the files were installed
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
[ -n "$SBIN" ] && SRWL=${SBIN}/shorewall6-lite
fi
# start the firewall
shorewall6_start () {
echo -n "Starting \"Shorewall6 Lite firewall\": "

View File

@ -61,10 +61,16 @@ usage() {
# Get startup options (override default)
################################################################################
OPTIONS=
if [ -f /etc/sysconfig/shorewall6-lite ]; then
. /etc/sysconfig/shorewall6-lite
elif [ -f /etc/default/shorewall6-lite ] ; then
. /etc/default/shorewall6-lite
if [ ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SBIN=/sbin
SYSCONFDIR=/etc/sysconfig
fi
if [ -f ${SYSCONFDIR}/shorewall6-lite ]; then
. ${SYSCONFDIR}/shorewall6-lite
fi
export SHOREWALL_INIT_SCRIPT=1
@ -76,13 +82,13 @@ command="$1"
case "$command" in
start)
exec /sbin/shorewall6-lite $OPTIONS start $STARTOPTIONS
exec ${SBIN}/shorewall6-lite $OPTIONS start $STARTOPTIONS
;;
restart|reload)
exec /sbin/shorewall6-lite $OPTIONS restart $RESTARTOPTIONS
exec ${SBIN}/shorewall6-lite $OPTIONS restart $RESTARTOPTIONS
;;
status|stop)
exec /sbin/shorewall6-lite $OPTIONS $command $@
exec ${SBIN}/shorewall6-lite $OPTIONS $command $@
;;
*)
usage

View File

@ -40,6 +40,27 @@ qt()
"$@" >/dev/null 2>&1
}
split() {
local ifs
ifs=$IFS
IFS=:
set -- $1
echo $*
IFS=$ifs
}
mywhich() {
local dir
for dir in $(split $PATH); do
if [ -x $dir/$1 ]; then
return 0
fi
done
return 2
}
remove_file() # $1 = file to restore
{
if [ -f $1 -o -L $1 ] ; then
@ -48,8 +69,31 @@ remove_file() # $1 = file to restore
fi
}
if [ -f /usr/share/shorewall6-lite/version ]; then
INSTALLED_VERSION="$(cat /usr/share/shorewall6-lite/version)"
if [ -f ~/.shorewallrc ]; then
. ~/shorewallrc || exit 1
else
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ]
[ -n "${CONFDIR:=/etc}" ]
if [ -z "$SYSCONFDIR" ]; then
if [ -d /etc/default ]; then
SYSCONFDIR=/etc/default
else
SYSCONFDIR=/etc/sysconfig
fi
fi
[ -n "${SBINDIR:=/sbin}" ]
[ -n "${SHAREDIR:=/usr/share}" ]
[ -n "${VARDIR:=/var/lib}" ]
[ -n "${INITFILE:=shorewall}" ]
[ -n "${INITDIR:=/etc/init.d}" ]
[ -n "${MANDIR:=/usr/share/man}" ]
fi
if [ -f ${SHAREDIR}/shorewall6-lite/version ]; then
INSTALLED_VERSION="$(cat ${SHAREDIR}/shorewall6-lite/version)"
if [ "$INSTALLED_VERSION" != "$VERSION" ]; then
echo "WARNING: Shorewall Lite Version $INSTALLED_VERSION is installed"
echo " and this is the $VERSION uninstaller."
@ -60,49 +104,39 @@ else
VERSION=""
fi
[ -n "${LIBEXEC:=/usr/share}" ]
echo "Uninstalling Shorewall Lite $VERSION"
if qt ip6tables -L shorewall -n && [ ! -f /sbin/shorewall6 ]; then
/sbin/shorewall6-lite clear
if qt ip6tables -L shorewall -n && [ ! -f ${SBINDIR)/shorewall6 ]; then
${SBINDIR}/shorewall6-lite clear
fi
if [ -L /usr/share/shorewall6-lite/init ]; then
FIREWALL=$(readlink -m -q /usr/share/shorewall6-lite/init)
else
FIREWALL=/etc/init.d/shorewall6-lite
if [ -l ${SHAREDIR}/shorewall6-lite/init ]; then
FIREWALL=$(readlink -m -q ${SHAREDIR}/shorewall6-lite/init)
elif [ -n "$INITFILE" ]; then
FIREWALL=${INITDIR}/${INITFILE}
fi
if [ -n "$FIREWALL" ]; then
if [ -x /usr/sbin/updaterc.d ]; then
if [ -f "$FIREWALL" ]; then
if mywhich updaterc.d ; then
updaterc.d shorewall6-lite remove
elif [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
elif mywhich insserv ; then
insserv -r $FIREWALL
elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then
elif mywhich chkconfig ; then
chkconfig --del $(basename $FIREWALL)
elif [ -x /sbin/systemctl ]; then
elif mywhich systemctl ; then
systemctl disable shorewall6-lite
else
rm -f /etc/rc*.d/*$(basename $FIREWALL)
fi
remove_file $FIREWALL
rm -f ${FIREWALL}-*.bkout
fi
rm -f /sbin/shorewall6-lite
rm -f /sbin/shorewall6-lite-*.bkout
rm -rf /etc/shorewall6-lite
rm -rf /etc/shorewall6-lite-*.bkout
rm -rf /var/lib/shorewall6-lite
rm -rf /var/lib/shorewall6-lite-*.bkout
rm -rf /usr/share/shorewall6-lite
rm -f ${SBINDIR}/shorewall6-lite
rm -rf ${CONFDIR}/shorewall6-lite
rm -rf ${VARDIR}/shorewall6-lite
rm -rf ${SHAREDIR}/shorewall6-lite
rm -rf ${LIBEXEC}/shorewall6-lite
rm -rf /usr/share/shorewall6-lite-*.bkout
rm -f /etc/logrotate.d/shorewall6-lite
rm -f /lib/systemd/system/shorewall6-lite.service
rm -f ${CONFDIR}/logrotate.d/shorewall6-lite
[ -n "$SYSTEMD" ] && rm -f ${SYSTEMD}/shorewall6-lite.service
echo "Shorewall6 Lite Uninstalled"

View File

@ -54,10 +54,18 @@ not_configured () {
exit 0
}
#determine where the files were installed
if [ -f ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
[ -n "$SBIN" ] && SRWL=${SBIN}/shorewall6
else
SYSCONFDIR=/etc/default
fi
# check if shorewall is configured or not
if [ -f "/etc/default/shorewall6" ]
if [ -f "${SYSCONFDIR}/shorewall6" ]
then
. /etc/default/shorewall6
. ${SYSCONFDIR}/shorewall6
SRWL_OPTS="$SRWL_OPTS $OPTIONS"
if [ "$startup" != "1" ]
then

View File

@ -62,6 +62,14 @@ usage() {
# Get startup options (override default)
################################################################################
OPTIONS="-v0"
if [ ~/.shorewallrc ]; then
. ~/.shorewallrc || exit 1
else
SBIN=/sbin
SYSCONFDIR=/etc/sysconfig
fi
if [ -f /etc/sysconfig/shorewall6 ]; then
. /etc/sysconfig/shorewall6
elif [ -f /etc/default/shorewall6 ] ; then
@ -77,13 +85,13 @@ command="$1"
case "$command" in
start)
exec /sbin/shorewall6 $OPTIONS start $STARTOPTIONS
exec ${SBIN}/shorewall6 $OPTIONS start $STARTOPTIONS
;;
restart|reload)
exec /sbin/shorewall6 $OPTIONS restart $RESTARTOPTIONS
exec ${SBIN}/shorewall6 $OPTIONS restart $RESTARTOPTIONS
;;
status|stop)
exec /sbin/shorewall6 $OPTIONS $command $@
exec ${SBIN}/shorewall6 $OPTIONS $command $@
;;
*)
usage

View File

@ -40,16 +40,25 @@ qt()
"$@" >/dev/null 2>&1
}
restore_file() # $1 = file to restore
{
if [ -f ${1}-shorewall.bkout ]; then
if (mv -f ${1}-shorewall.bkout $1); then
echo
echo "$1 restored"
else
exit 1
fi
fi
split() {
local ifs
ifs=$IFS
IFS=:
set -- $1
echo $*
IFS=$ifs
}
mywhich() {
local dir
for dir in $(split $PATH); do
if [ -x $dir/$1 ]; then
return 0
fi
done
return 2
}
remove_file() # $1 = file to restore
@ -60,7 +69,30 @@ remove_file() # $1 = file to restore
fi
}
if [ -f /usr/share/shorewall6/version ]; then
if [ -f ~/.shorewallrc ]; then
. ~/shorewallrc || exit 1
else
[ -n "${LIBEXEC:=/usr/share}" ]
[ -n "${PERLLIB:=/usr/share/shorewall}" ]
[ -n "${CONFDIR:=/etc}" ]
if [ -z "$SYSCONFDIR" ]; then
if [ -d /etc/default ]; then
SYSCONFDIR=/etc/default
else
SYSCONFDIR=/etc/sysconfig
fi
fi
[ -n "${SBINDIR:=/sbin}" ]
[ -n "${SHAREDIR:=/usr/share}" ]
[ -n "${VARDIR:=/var/lib}" ]
[ -n "${INITFILE:=shorewall}" ]
[ -n "${INITDIR:=/etc/init.d}" ]
[ -n "${MANDIR:=/usr/share/man}" ]
fi
if [ -f ${SHARDIR}/shorewall6/version ]; then
INSTALLED_VERSION="$(cat /usr/share/shorewall6/version)"
if [ "$INSTALLED_VERSION" != "$VERSION" ]; then
echo "WARNING: Shorewall6 Version $INSTALLED_VERSION is installed"
@ -72,49 +104,39 @@ else
VERSION=""
fi
[ -n "${LIBEXEC:=/usr/share}" ]
echo "Uninstalling shorewall6 $VERSION"
if qt ip6tables -L shorewall6 -n && [ ! -f /sbin/shorewall6-lite ]; then
/sbin/shorewall6 clear
if qt ip6tables -L shorewall6 -n && [ ! -f ${SBINDIR}/shorewall6-lite ]; then
${SBINDIR}/shorewall6 clear
fi
if [ -L /usr/share/shorewall6/init ]; then
FIREWALL=$(readlink -m -q /usr/share/shorewall6/init)
else
FIREWALL=/etc/init.d/shorewall6
if [ -L ${SHAREDIR}/shorewall6/init ]; then
FIREWALL=$(readlink -m -q ${SHAREDIR}/shorewall6/init)
elif [ -n "$INITFILE" ]; then
FIREWALL=${INITDIR}/${INITFILE}
fi
if [ -n "$FIREWALL" ]; then
if [ -x /usr/sbin/updaterc.d ]; then
if [ -f "$FIREWALL" ]; then
if mywhich updaterc.d ; then
updaterc.d shorewall6 remove
elif [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
elif mywhich insserv ; then
insserv -r $FIREWALL
elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then
elif mywhich chkconfig ; then
chkconfig --del $(basename $FIREWALL)
elif [ -x /sbin/systemctl ]; then
elif mywhich systemctl ; then
systemctl disable shorewall6
else
rm -f /etc/rc*.d/*$(basename $FIREWALL)
fi
remove_file $FIREWALL
rm -f ${FIREWALL}-*.bkout
fi
rm -f /sbin/shorewall6
rm -f /sbin/shorewall6-*.bkout
rm -rf /etc/shorewall6
rm -rf /etc/shorewall6-*.bkout
rm -rf /var/lib/shorewall6
rm -rf /var/lib/shorewall6-*.bkout
rm -f ${SBINDIR}/shorewall6
rm -rf ${CONFDIR}/shorewall6
rm -rf ${VARDIR}/shorewall6
rm -rf ${LIBEXEC}/shorewall6
rm -rf /usr/share/shorewall6
rm -rf /usr/share/shorewall6-*.bkout
rm -rf ${SHAREDIR}/shorewall6
for f in /usr/share/man/man5/shorewall6* /usr/share/man/man8/shorewall6*; do
for f in ${MANDIR}/man5/shorewall6* ${SHAREDIR}/man/man8/shorewall6*; do
case $f in
shorewall6-lite*)
;;
@ -123,8 +145,8 @@ for f in /usr/share/man/man5/shorewall6* /usr/share/man/man8/shorewall6*; do
esac
done
rm -f /etc/logrotate.d/shorewall6
rm -f /lib/systemd/system/shorewall6.service
rm -f ${CONFDIR}/logrotate.d/shorewall6
[ -n "$SYSTEMD" ] && rm -f ${SYSTEMD}/shorewall6.service
echo "Shorewall6 Uninstalled"