Add extra-quiet mode using -qq

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-01-09 17:11:30 +00:00
parent d1bf397545
commit ee3a9a9456
5 changed files with 166 additions and 125 deletions

View File

@ -3,3 +3,5 @@ Changes in 3.1.0
1) Removal of dynamic zones.
2) Implement 'generate' command.
3) Implement 'super-quiet' mode using multiple -q options (e.g., -qq).

View File

@ -1122,7 +1122,7 @@ determine_hosts() {
eval ${zone}_hosts="\$hosts"
if [ -n "$hosts" ]; then
display_list "$zone Zone:" $hosts
[ $QUIET -lt 2 ] && display_list "$zone Zone:" $hosts
else
error_message "WARNING: Zone $zone is empty"
fi
@ -1393,11 +1393,11 @@ setup_providers()
if [ -s $TMP_DIR/providers ]; then
if [ $COMMAND != check ]; then
echo "Processing $1..."
progress_message2 "Processing $1..."
save_progress_message "Restoring Providers..."
else
echo "Validating $1..."
progress_message2 "Validating $1..."
fi
while read table number mark duplicate interface gateway options copy; do
@ -1547,7 +1547,7 @@ validate_hosts_file() {
done < $TMP_DIR/hosts
[ -n "$ALL_PORTS" ] && echo " Bridge ports are: $ALL_PORTS"
[ -n "$ALL_PORTS" ] && progress_message2 " Bridge ports are: $ALL_PORTS"
}
#
@ -1889,11 +1889,11 @@ setup_forwarding() {
case "$IP_FORWARDING" in
[Oo][Nn])
run_and_save_command "echo 1 > /proc/sys/net/ipv4/ip_forward"
echo "IP Forwarding Enabled"
progress_message2 "IP Forwarding Enabled"
;;
[Oo][Ff][Ff])
run_and_save_command "echo 0 > /proc/sys/net/ipv4/ip_forward"
echo "IP Forwarding Disabled!"
progress_message2 "IP Forwarding Disabled!"
;;
esac
}
@ -2108,7 +2108,7 @@ stop_firewall() {
if [ -x $RESTOREPATH ]; then
if [ -x ${RESTOREPATH}-ipsets ]; then
echo Restoring Ipsets...
progress_message2 Restoring Ipsets...
#
# We must purge iptables to be sure that there are no
# references to ipsets
@ -2245,11 +2245,11 @@ stop_firewall() {
case "$IP_FORWARDING" in
[Oo][Nn])
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "IP Forwarding Enabled"
progress_message2 "IP Forwarding Enabled"
;;
[Oo][Ff][Ff])
echo 0 > /proc/sys/net/ipv4/ip_forward
echo "IP Forwarding Disabled!"
progress_message2 "IP Forwarding Disabled!"
;;
esac
@ -3147,7 +3147,7 @@ setup_ecn() # $1 = file name
strip_file ecn $1
echo "Processing $1..."
progress_message2 "Processing $1..."
while read interface host; do
expandv interface host
@ -3311,7 +3311,7 @@ setup_traffic_shaping()
}
validate_tcdevices_file() {
echo "Validating $devfile..."
progress_message2 "Validating $devfile..."
local device local device inband outband
while read device inband outband; do
expandv device inband outband
@ -3328,7 +3328,7 @@ setup_traffic_shaping()
}
validate_tcclasses_file() {
echo "Validating $classfile..."
progress_message2 "Validating $classfile..."
local classlist device mark rate ceil prio bandw wrongopt allopts opt
allopts=""
while read device mark rate ceil prio options; do
@ -3417,7 +3417,7 @@ setup_traffic_shaping()
if [ $COMMAND != check ]; then
if [ -s $TMP_DIR/tcdevices ]; then
save_progress_message "Restoring Traffic Control..."
echo "Processing $devfile..."
progress_message2 "Processing $devfile..."
while read device inband outband defmark ackmark; do
expandv device inband outband defmark ackmark
@ -3435,7 +3435,7 @@ setup_traffic_shaping()
fi
if [ -s $TMP_DIR/tcclasses ]; then
echo "Processing $classfile..."
progress_message2 "Processing $classfile..."
while read device mark rate ceil prio options; do
expandv device mark rate ceil prio options
@ -3787,7 +3787,7 @@ setup_tc1() {
setup_tc() {
echo "Setting up Traffic Control Rules..."
progress_message2 "Setting up Traffic Control Rules..."
setup_tc1
}
@ -4058,7 +4058,7 @@ process_accounting_rule() {
setup_accounting() # $1 = Name of accounting file
{
echo "Setting up Accounting..."
progress_message2 "Setting up Accounting..."
[ $COMMAND = generate ] && save_progress_message "Restoring Accounting..."
@ -4108,31 +4108,33 @@ check_config() {
startup_error "MACLIST_TTL requires the Recent Match capability which is not present in your Kernel and/or iptables"
fi
echo "Determining Zones..."
progress_message2 "Determining Zones..."
determine_zones
display_list "IPv4_Zones:" $IPV4_ZONES
[ -n "$IPSEC_ZONES" ] && \
display_list "IPSEC Zones:" $IPSEC_ZONES
display_list "Firewall Zone:" $FW
if [ $QUIET -lt 2 ]; then
display_list "IPv4_Zones:" $IPV4_ZONES
[ -n "$IPSEC_ZONES" ] && \
display_list "IPSEC Zones:" $IPSEC_ZONES
display_list "Firewall Zone:" $FW
fi
setup_ipsec
echo "Validating interfaces file..."
progress_message2 "Validating interfaces file..."
validate_interfaces_file
echo "Validating hosts file..."
progress_message2 "Validating hosts file..."
validate_hosts_file
echo "Determining Hosts in Zones..."
progress_message2 "Determining Hosts in Zones..."
determine_interfaces
determine_hosts
echo "Validating policy file..."
progress_message2 "Validating policy file..."
validate_policy
@ -4140,25 +4142,25 @@ check_config() {
validate_blacklist
echo "Validating Proxy ARP"
progress_message2 "Validating Proxy ARP"
strip_file proxyarp
setup_proxy_arp
echo "Validating NAT..."
progress_message2 "Validating NAT..."
strip_file nat
setup_nat
echo "Pre-validating Actions..."
progress_message2 "Pre-validating Actions..."
process_actions1
echo "Validating rules file..."
progress_message2 "Validating rules file..."
rules=$(find_file rules)
strip_file rules $rules
process_rules
echo "Validating Actions..."
progress_message2 "Validating Actions..."
process_actions2
process_actions3
@ -4182,7 +4184,7 @@ check_config() {
#
refresh_tc() {
echo "Refreshing Traffic Control Rules..."
progress_message2 "Refreshing Traffic Control Rules..."
[ -n "$CLEAR_TC" ] && delete_tc1
@ -5021,7 +5023,7 @@ process_actions1() {
eval requiredby_${action}=
if [ -f $fn ]; then
echo " Pre-processing $fn..."
progress_message2 " Pre-processing $fn..."
strip_file $f $fn
while read xtarget xclients xservers xprotocol xports xcports xratelimit $xuserspec; do
expandv xtarget
@ -5278,7 +5280,7 @@ process_actions3() {
#
f=action.$xaction1
echo "Processing $(find_file $f) for Chain $xchain..."
progress_message2 "Processing $(find_file $f) for Chain $xchain..."
while read xtarget xclients xservers xprotocol xports xcports xratelimit xuserspec; do
expandv xtarget
@ -6782,7 +6784,7 @@ process_tos_rule() {
#
process_tos() # $1 = name of tos file
{
echo "Processing $1..."
progress_message2 "Processing $1..."
strip_file tos $1
@ -7367,14 +7369,17 @@ setup_masq()
strip_file masq $1
if [ -n "$NAT_ENABLED" ]; then
echo "Masqueraded Networks and Hosts:"
progress_message2 "Masqueraded Networks and Hosts:"
[ $COMMAND = check ] || save_progress_message "Restoring Masquerading/SNAT..."
fi
while read fullinterface networks addresses proto ports ipsec; do
expandv fullinterface networks addresses proto ports ipsec
[ -n "$NAT_ENABLED" ] && setup_one || \
if [ -n "$NAT_ENABLED" ]; then
setup_one
else
error_message "WARNING: NAT disabled; masq rule ignored"
fi
done < $TMP_DIR/masq
}
@ -7489,7 +7494,7 @@ setup_blacklist() {
local ipsec policy
if [ -n "$hosts" -a -f $f ]; then
echo "Setting up Blacklisting..."
progress_message2 "Setting up Blacklisting..."
[ $COMMAND = restore ] && save_progress_message "Restoring Blacklisting..."
@ -7534,7 +7539,7 @@ refresh_blacklist() {
local disposition=$BLACKLIST_DISPOSITION
if qt $IPTABLES -L blacklst -n ; then
echo "Loading Black List..."
progress_message2 "Loading Black List..."
strip_file blacklist $f
@ -7556,7 +7561,7 @@ validate_blacklist() {
local f=$(find_file blacklist)
local disposition=$BLACKLIST_DISPOSITION
echo "Checking Black List..."
progress_message2 "Checking Black List..."
strip_file blacklist $f
@ -7746,28 +7751,30 @@ initialize_netfilter () {
[ -n "$RFC1918_STRICT" -a -z "$CONNTRACK_MATCH" ] && \
startup_error "RFC1918_STRICT=Yes requires Connection Tracking match"
echo "Determining Zones..."
progress_message2 "Determining Zones..."
determine_zones
display_list "IPv4 Zones:" $IPV4_ZONES
[ -n "$IPSEC_ZONES" ] && \
display_list "IPSEC Zones:" $IPSEC_ZONES
display_list "Firewall Zone:" $FW
if [ $QUIET -lt 2 ]; then
display_list "IPv4 Zones:" $IPV4_ZONES
[ -n "$IPSEC_ZONES" ] && \
display_list "IPSEC Zones:" $IPSEC_ZONES
display_list "Firewall Zone:" $FW
fi
echo "Validating interfaces file..."
progress_message2 "Validating interfaces file..."
validate_interfaces_file
echo "Validating hosts file..."
progress_message2 "Validating hosts file..."
validate_hosts_file
echo "Validating Policy file..."
progress_message2 "Validating Policy file..."
validate_policy
echo "Determining Hosts in Zones..."
progress_message2 "Determining Hosts in Zones..."
determine_interfaces
determine_hosts
@ -7786,7 +7793,7 @@ initialize_netfilter () {
strip_file nat
strip_file netmap
echo "Pre-processing Actions..."
progress_message2 "Pre-processing Actions..."
process_actions1
TERMINATOR=fatal_error
@ -7820,7 +7827,7 @@ initialize_netfilter () {
[ -n "$CLEAR_TC" ] && delete_tc
echo "Deleting user chains..."
progress_message2 "Deleting user chains..."
[ $COMMAND = generate ] && save_progress_message "Deleting user chains..."
@ -7866,7 +7873,7 @@ initialize_netfilter () {
f=$(find_file ipsets)
if [ -f $f ]; then
echo "Processing $f ..."
progress_message2 "Processing $f ..."
save_progress_message "Restoring IPSETS..."
run_and_save_command "ipset -U :all: :all:"
run_and_save_command "run_ipset -F"
@ -7878,7 +7885,7 @@ initialize_netfilter () {
f=$(find_file routestopped)
echo "Processing $f ..."
progress_message2 "Processing $f ..."
strip_file routestopped $f
@ -7911,7 +7918,7 @@ initialize_netfilter () {
createchain smurfs no
if [ -f /var/lib/shorewall/save ]; then
echo "Restoring dynamic rules..."
progress_message2 "Restoring dynamic rules..."
[ $COMMAND = generate ] && save_progress_message "Restoring dynamic rules..."
@ -7930,7 +7937,7 @@ initialize_netfilter () {
[ -n "$BLACKLISTNEWONLY" ] && state="-m state --state NEW,INVALID" || state=
echo "Creating Interface Chains..."
progress_message2 "Creating Interface Chains..."
[ $COMMAND = generate ] && save_progress_message "Creating Interface Chains..."
@ -8015,7 +8022,7 @@ add_common_rules() {
if [ -n "$hosts" ]; then
echo "Adding Anti-smurf Rules"
progress_message2 "Adding Anti-smurf Rules"
[ $COMMAND = generate ] && save_progress_message "Adding Anti-smurf Jumps..."
@ -8038,7 +8045,7 @@ add_common_rules() {
if [ -n "$interfaces" ]; then
echo "Adding rules for DHCP"
progress_message2 "Adding rules for DHCP"
[ $COMMAND = generate ] && save_progress_message "Restoring rules for DHCP..."
@ -8058,7 +8065,7 @@ add_common_rules() {
hosts="$(find_hosts_by_option norfc1918)"
if [ -n "$hosts" ]; then
echo "Enabling RFC1918 Filtering"
progress_message2 "Enabling RFC1918 Filtering"
[ $COMMAND = generate ] && save_progress_message "Restoring RFC1918 Filtering..."
@ -8151,7 +8158,7 @@ add_common_rules() {
hosts=$(find_hosts_by_option tcpflags)
if [ -n "$hosts" ]; then
echo "Setting up TCP Flags checking..."
progress_message2 "Setting up TCP Flags checking..."
[ $COMMAND = generate ] && save_progress_message "Restoring TCP Flags checking..."
@ -8219,7 +8226,7 @@ add_common_rules() {
interfaces1=$(find_interfaces_by_option1 arp_ignore)
if [ -n "${interfaces}${interfaces1}" ]; then
echo "Setting up ARP Filtering..."
progress_message2 "Setting up ARP Filtering..."
for interface in $interfaces; do
file=/proc/sys/net/ipv4/conf/$interface/arp_filter
@ -8248,7 +8255,7 @@ add_common_rules() {
interfaces="$(find_interfaces_by_option routefilter)"
if [ -n "$interfaces" -o -n "$ROUTE_FILTER" ]; then
echo "Setting up Kernel Route Filtering..."
progress_message2 "Setting up Kernel Route Filtering..."
save_progress_message "Restoring Route Filtering..."
@ -8282,7 +8289,7 @@ add_common_rules() {
interfaces="$(find_interfaces_by_option logmartians)"
if [ -n "$interfaces" -o -n "$LOG_MARTIANS" ]; then
echo "Setting up Martian Logging..."
progress_message2 "Setting up Martian Logging..."
save_progress_message "Restoring Martian Logging..."
@ -8319,7 +8326,7 @@ add_common_rules() {
interfaces=$(find_interfaces_by_option sourceroute)
if [ -n "$interfaces" ]; then
echo "Setting up Accept Source Routing..."
progress_message2 "Setting up Accept Source Routing..."
save_progress_message "Restoring Source Routing..."
@ -8340,7 +8347,7 @@ add_common_rules() {
interfaces=$(find_interfaces_by_option upnp)
if [ -n "$interfaces" ]; then
echo "Setting up UPnP..."
progress_message2 "Setting up UPnP..."
[ $COMMAND = generate ] && save_progress_message "Restoring UPnP..."
@ -8739,52 +8746,52 @@ define_firewall() # $1 = Command (Start or Restart)
save_load_kernel_modules
echo "Initializing..."; initialize_netfilter
progress_message2 "Initializing..."; initialize_netfilter
echo "Configuring Proxy ARP"; setup_proxy_arp
progress_message2 "Configuring Proxy ARP"; setup_proxy_arp
#
# [re]-Establish routing
#
setup_providers $(find_file providers)
[ -n "$ROUTEMARK_INTERFACES" ] && setup_routes
[ -n "$ROUTEMARK_INTERFACES" ] && setup_routes
echo "Setting up NAT..."; setup_nat
echo "Setting up NETMAP..."; setup_netmap
echo "Adding Common Rules"; add_common_rules
progress_message2 "Setting up NAT..."; setup_nat
progress_message2 "Setting up NETMAP..."; setup_netmap
progress_message2 "Adding Common Rules"; add_common_rules
setup_syn_flood_chains
setup_ipsec
maclist_hosts=$(find_hosts_by_option maclist)
[ -n "$maclist_hosts" ] && setup_mac_lists
[ -n "$maclist_hosts" ] && setup_mac_lists
echo "Processing $(find_file rules)..."; process_rules
progress_message2 "Processing $(find_file rules)..."; process_rules
tunnels=$(find_file tunnels)
[ -f $tunnels ] && \
echo "Processing $tunnels..." && setup_tunnels $tunnels
progress_message2 "Processing $tunnels..." && setup_tunnels $tunnels
echo "Processing Actions..."; process_actions2
process_actions3
echo "Processing $(find_file policy)..."; apply_policy_rules
progress_message2 "Processing Actions..."; process_actions2
process_actions3
progress_message2 "Processing $(find_file policy)..."; apply_policy_rules
masq=$(find_file masq)
[ -f $masq ] && setup_masq $masq
[ -f $masq ] && setup_masq $masq
tos=$(find_file tos)
[ -f $tos ] && [ -n "$MANGLE_ENABLED" ] && process_tos $tos
[ -f $tos ] && [ -n "$MANGLE_ENABLED" ] && process_tos $tos
ecn=$(find_file ecn)
[ -f $ecn ] && [ -n "$MANGLE_ENABLED" ] && setup_ecn $ecn
[ -f $ecn ] && [ -n "$MANGLE_ENABLED" ] && setup_ecn $ecn
[ -n "$MANGLE_ENABLED" ] && setup_tc
[ -n "$MANGLE_ENABLED" ] && setup_tc
echo "Activating Rules..."; activate_rules
progress_message2 "Activating Rules..."; activate_rules
if [ -n "$ALIASES_TO_ADD" ]; then
echo "Adding IP Addresses..."
progress_message2 "Adding IP Addresses..."
add_ip_aliases
fi
@ -8959,20 +8966,20 @@ compile_firewall() # $1 = File Name
save_load_kernel_modules
echo "Initializing..."
progress_message2 "Initializing..."
save_progress_message "Initializing..."
initialize_netfilter
echo "Compiling Proxy ARP"; setup_proxy_arp
progress_message2 "Compiling Proxy ARP"; setup_proxy_arp
#
# [re]-Establish routing
#
setup_providers $(find_file providers)
[ -n "$ROUTEMARK_INTERFACES" ] && setup_routes
[ -n "$ROUTEMARK_INTERFACES" ] && setup_routes
echo "Compiling NAT..."; setup_nat
echo "Compiling NETMAP..."; setup_netmap
echo "Compiling Common Rules"; add_common_rules
progress_message2 "Compiling NAT..."; setup_nat
progress_message2 "Compiling NETMAP..."; setup_netmap
progress_message2 "Compiling Common Rules"; add_common_rules
save_progress_message "Restoring SYN Flood Protection..."
@ -8989,25 +8996,25 @@ compile_firewall() # $1 = File Name
setup_mac_lists
fi
echo "Compiling $(find_file rules)..."
progress_message2 "Compiling $(find_file rules)..."
save_progress_message "Restoring Rules..."
process_rules
tunnels=$(find_file tunnels)
if [ -f $tunnels ]; then
echo "Compiling $tunnels..."
progress_message2 "Compiling $tunnels..."
save_progress_message "Restoring Tunnels..."
setup_tunnels $tunnels
fi
save_progress_message "Restoring Actions..."
echo "Compiling Actions..."; process_actions2
process_actions3
progress_message2 "Compiling Actions..."; process_actions2
process_actions3
save_progress_message "Applying Policies..."
echo "Compiling $(find_file policy)..."; apply_policy_rules
progress_message2 "Compiling $(find_file policy)..."; apply_policy_rules
masq=$(find_file masq)
if [ -f $masq ]; then
@ -9031,12 +9038,12 @@ compile_firewall() # $1 = File Name
setup_tc
fi
echo "Compiling Rule Activation..."
progress_message2 "Compiling Rule Activation..."
save_progress_message "Activating Rules..."
activate_rules
[ -n "$ALIASES_TO_ADD" ] && \
echo "Adding IP Addresses..." && add_ip_aliases
progress_message2 "Adding IP Addresses..." && add_ip_aliases
for file in chains nat proxyarp zones; do
append_file $file
@ -9046,7 +9053,7 @@ compile_firewall() # $1 = File Name
run_user_exit start
[ -n "$DELAYBLACKLISTLOAD" ] && refresh_blacklist
[ -n "$DELAYBLACKLISTLOAD" ] && refresh_blacklist
createchain shorewall no
@ -9090,7 +9097,7 @@ refresh_firewall()
echo "Refreshing Shorewall..."
echo "Determining Zones and Interfaces..."
progress_message2 "Determining Zones and Interfaces..."
determine_zones
@ -9256,7 +9263,7 @@ do_initialize() {
FUNCTIONS=$SHARED_DIR/functions
if [ -f $FUNCTIONS ]; then
[ -n "$QUIET" ] || echo "Loading $FUNCTIONS..."
[ $QUIET -lt 1 ] && echo "Loading $FUNCTIONS..."
. $FUNCTIONS
else
startup_error "$FUNCTIONS does not exist!"
@ -9281,7 +9288,7 @@ do_initialize() {
if [ -f $config ]; then
if [ -r $config ]; then
[ -n "$QUIET" ] || echo "Processing $config..."
progress_message "Processing $config..."
. $config
else
startup_error "Cannot read $config (Hint: Are you root?)"

View File

@ -59,7 +59,12 @@ list_count() {
#
progress_message() # $* = Message
{
[ -n "$QUIET" ] || echo "$@"
[ $QUIET -lt 1 ] && echo "$@"
}
progress_message2() # $* = Message
{
[ $QUIET -lt 2 ] && echo "$@"
}
#
@ -949,25 +954,28 @@ report_capability() # $1 = Capability Description , $2 Capability Setting (if an
}
report_capabilities() {
echo "Shorewall has detected the following iptables/netfilter capabilities:"
report_capability "NAT" $NAT_ENABLED
report_capability "Packet Mangling" $MANGLE_ENABLED
report_capability "Multi-port Match" $MULTIPORT
[ -n "$MULTIPORT" ] && report_capability "Extended Multi-port Match" $XMULTIPORT
report_capability "Connection Tracking Match" $CONNTRACK_MATCH
report_capability "Packet Type Match" $USEPKTTYPE
if [ $QUIET -lt 2 ]; then
echo "Shorewall has detected the following iptables/netfilter capabilities:"
report_capability "NAT" $NAT_ENABLED
report_capability "Packet Mangling" $MANGLE_ENABLED
report_capability "Multi-port Match" $MULTIPORT
[ -n "$MULTIPORT" ] && report_capability "Extended Multi-port Match" $XMULTIPORT
report_capability "Connection Tracking Match" $CONNTRACK_MATCH
report_capability "Packet Type Match" $USEPKTTYPE
report_capability "Policy Match" $POLICY_MATCH
report_capability "Physdev Match" $PHYSDEV_MATCH
report_capability "IP range Match" $IPRANGE_MATCH
report_capability "Recent Match" $RECENT_MATCH
report_capability "Owner Match" $OWNER_MATCH
report_capability "Ipset Match" $IPSET_MATCH
report_capability "CONNMARK Target" $CONNMARK
report_capability "Connmark Match" $CONNMARK_MATCH
report_capability "Raw Table" $RAW_TABLE
report_capability "CLASSIFY Target" $CLASSIFY_TARGET
report_capability "Extended REJECT" $ENHANCED_REJECT
fi
[ -n "$PKTTYPE" ] || USEPKTTYPE=
report_capability "Policy Match" $POLICY_MATCH
report_capability "Physdev Match" $PHYSDEV_MATCH
report_capability "IP range Match" $IPRANGE_MATCH
report_capability "Recent Match" $RECENT_MATCH
report_capability "Owner Match" $OWNER_MATCH
report_capability "Ipset Match" $IPSET_MATCH
report_capability "CONNMARK Target" $CONNMARK
report_capability "Connmark Match" $CONNMARK_MATCH
report_capability "Raw Table" $RAW_TABLE
report_capability "CLASSIFY Target" $CLASSIFY_TARGET
report_capability "Extended REJECT" $ENHANCED_REJECT
}

View File

@ -120,3 +120,13 @@ New Features:
The time difference from B to C reflects the difference between
"iptables-restore" and multiple executions of "iptables". The system is a
1.4Ghz Celeron with 512MB RAM.
2) You may now repeat the -q option to cause Shorewall to be extra quiet.
Example:
gateway:~ # shorewall -qq reload
Shorewall configuration compiled to /var/lib/shorewall/.reload
Restoring Shorewall...
Shorewall restored from /var/lib/shorewall/.reload
gateway:~ #

View File

@ -582,6 +582,23 @@ heading() {
echo
}
#
# Create the appropriate -q option to pass oneward
#
make_quiet() {
local q=$QUIET
if [ $QUIET -gt 0 ]; then
local option=-
while [ $q -gt 0 ]; do
option="${option}q"
q=$(($q - 1))
done
echo $option
fi
}
#
# Execution begins here
#
@ -600,7 +617,7 @@ if [ $# -gt 0 ] && [ "$1" = "nolock" ]; then
fi
SHOREWALL_DIR=
QUIET=
export QUIET=0
IPT_OPTIONS="-nv"
FAST=
VERBOSE=
@ -640,7 +657,7 @@ while [ $done -eq 0 ]; do
option=${option#x}
;;
q*)
QUIET=Yes
QUIET=$(($QUIET + 1 ))
option=${option#q}
;;
f*)
@ -673,8 +690,6 @@ if [ $# -eq 0 ]; then
fi
[ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR
[ -n "$QUIET" ] && export QUIET
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
MUTEX_TIMEOUT=
@ -903,8 +918,7 @@ case "$1" in
export NOROUTES
if $SHOREWALL_SHELL $FIREWALL $debugging $nolock compile .reload; then
[ -n "$QUIET" ] && QUIET=-q
$0 $QUIET restore .reload
$0 $(make_quiet) restore .reload
fi
;;
show|list)
@ -1162,7 +1176,7 @@ case "$1" in
try)
[ -n "$SHOREWALL_DIR" ] && startup_error "ERROR: -c option may not be used with \"try\""
[ $# -lt 2 -o $# -gt 3 ] && usage 1
[ -n "$QUIET" ] && QUIET=-q
[ -n "$QUIET" ] && QUIET=$(make_quiet)
[ -n "$NOROUTES" ] && NOROUTES=-n
if ! $0 $debugging $QUIET -c $2 restart; then
if ! $IPTABLES -L shorewall > /dev/null 2> /dev/null; then
@ -1379,7 +1393,7 @@ case "$1" in
exit 2
fi
[ -n "$QUIET" ] && QUIET=-q
[ -n "$QUIET" ] && QUIET=$(make_quiet)
mutex_on