Finish implementation of save/restore/forget

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3378 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/compiler

@@ -8497,7 +8497,7 @@ __EOF__
 #
 # Start/Restart/Reload the firewall
 #
-define_firewall() {}
+define_firewall() {
 __EOF__
 
     INDENT="    "
@@ -8593,6 +8593,14 @@ __EOF__
 	append_file $file
     done
 
+    cat >> $OUTPUT << __EOF__
+
+    if [ \$COMMAND = restore ]; then
+	iptables-restore <
+	 \$1
+    fi
+
+__EOF__
     save_command "date > /var/lib/shorewall/restarted"
 
     run_user_exit start
@@ -8605,14 +8613,51 @@ __EOF__
 
     run_user_exit started
 
-    save_command "cp -f \$SCRIPT /var/lib/shorewall/.restore"
+    cat >> $OUTPUT << __EOF__
+
+    cp -f \$(my_pathname) /var/lib/shorewall/.restore
+
+}
+
+#
+# Silently efine Firewall and ignore errors
+#
+restore_firewall()
+{
+    iptables_save_file=/var/lib/shorewall/\$(basename \$0)-iptables
+
+    fatal_error()
+    {
+	echo "   ERROR: \$@" >&2
+    }
+
+    startup_error() # \$@ = Error Message
+    {
+	echo "   ERROR: \$@" >&2
+    }
+
+    run_iptables() { return 0; }
+
+    VERBOSE=-1
+
+    IPTABLES=run_iptables
+
+    if [ -f \$iptables_save_file ]; then
+	{
+	    define_firewall \$iptables_save_file
+	}
+    else
+	fatal_error "\$iptables_save_file does not exist"
+	exit 2
+    fi
+}
+
+__EOF__
 
     if [ $COMMAND = check ]; then
 	echo "Shorewall configuration verified"
     else
 	INDENT=
-	save_command "}"
-	save_command ""
 	cat $(find_file prog.header) $OUTPUT $(find_file prog.footer) > $outfile
 	chmod 700 $outfile
 	progress_message2 "Shorewall configuration compiled to $outfile"

Shorewall/functions

@@ -136,6 +136,14 @@ fix_bang() {
     done
 }
 
+#
+# Echos the fully-qualified name of the calling shell program
+#
+my_pathname() {
+    cd $(dirname $0)
+    echo $PWD/$(basename $0)
+}
+
 #
 # Set default config path
 #

Shorewall/prog.footer

@@ -1,29 +1,3 @@
-#
-# Define Firewall and ignore errors
-#
-restore_firewall()
-{
-    fatal_error()
-    {
-	echo "   ERROR: $@" >&2
-    }
-
-    startup_error() # foo = Error Message
-    {
-	echo "   ERROR: $@" >&2
-    }
-
-    define_firewall
-}
-
-#
-# Returns the fully-qualified name of this script
-#
-current_command() {
-    cd $(dirname $0)
-    echo $PWD/$(basename $0)
-}
-
 #
 # Give Usage Information
 #
@@ -34,8 +8,6 @@ usage() {
 ################################################################################
 # E X E C U T I O N    B E G I N S   H E R E				       #
 ################################################################################
-SCRIPT=$(current_command)
-
 initialize
 
 finished=0

Shorewall/shorewall

@@ -430,7 +430,9 @@ save_config() {
 		    if $IPTABLES -L dynamic -n > /var/lib/shorewall/save; then
 			echo "   Dynamic Rules Saved"
 			if [ -f /var/lib/shorewall/.restore ]; then
+			    if iptables-save | iptablesbug > /var/lib/shorewall/restore-$$; then
 				cp -f /var/lib/shorewall/.restore $RESTOREPATH
+				mv -f /var/lib/shorewall/restore-$$ ${RESTOREPATH}-iptables
 				chmod +x $RESTOREPATH
 				echo "   Currently-running Configuration Saved to $RESTOREPATH"
 
@@ -469,7 +471,11 @@ save_config() {
 					;;
 				esac
 			    else
-			    echo "   ERROR: /var/lib/shorewall/.restoredoes not exist"
+			        rm -f /var/lib/shorewall/restore-$$
+				echo "   ERROR: Currently-running Configuration Not Saved"
+			    fi
+			else
+			    echo "   ERROR: /var/lib/shorewall/.restored oes not exist"
 			fi
 		    else
 		        echo "Error Saving the Dynamic Rules"
@@ -1910,6 +1916,7 @@ case "$COMMAND" in
 	    fi
 
 	    rm -f $RESTOREPATH
+	    rm -f ${RESTOREPATH}-iptables
 	    echo "    $RESTOREPATH removed"
 	elif [ -f $RESTOREPATH ]; then
 	    echo "   $RESTOREPATH exists and is not a saved Shorewall configuration"