diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 4c13325f7..d556e1194 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -124,6 +124,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script set_shorewall_dir set_debug find_file + find_writable_file split_list split_list1 split_list2 @@ -1869,6 +1870,20 @@ sub find_file($) "$config_path[0]$filename"; } +sub find_writable_file($) { + my ( $filename, $nosearch ) = @_; + + return $filename if $filename =~ '/'; + + for my $directory ( @config_path ) { + next if $directory =~ m|^$globals{SHAREDIR}/configfiles/?$| || $directory =~ m|^$shorewallrc{SHAREDIR}/doc/default-config/?$|; + my $file = "$directory$filename"; + return $file if -f $file && -w _; + } + + "$config_path[0]$filename"; +} + # # Split a comma-separated list into a Perl array # @@ -4807,6 +4822,12 @@ sub conditional_quote( $ ) { # # Update the shorewall[6].conf file. Save the current file with a .bak suffix. # +sub update_default($$) { + my ( $var, $val ) = @_; + + $config{$var} = $val unless defined $config{$var}; +} + sub update_config_file( $$ ) { my ( $annotate, $directives ) = @_; @@ -4862,9 +4883,8 @@ sub update_config_file( $$ ) { } } - $config{USE_DEFAULT_RT} = 'No' unless defined $config{USE_DEFAULT_RT}; - - $config{EXPORTMODULES} = 'No' unless defined $config{EXPORTMODULES}; + update_default( 'USE_DEFAULT_RT', 'No' ); + update_default( 'EXPORTMODULES', 'No' ); my $fn; diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm index d6f9f571f..717de54b9 100644 --- a/Shorewall/Perl/Shorewall/Misc.pm +++ b/Shorewall/Perl/Shorewall/Misc.pm @@ -480,7 +480,7 @@ sub convert_blacklist() { } if ( @rules ) { - my $fn1 = find_file( 'blrules' ); + my $fn1 = find_writable_file( 'blrules' ); my $blrules; my $date = localtime; @@ -701,7 +701,7 @@ sub convert_routestopped() { my ( $stoppedrules, $fn1 ); - if ( -f ( $fn1 = find_file( 'stoppedrules' ) ) ) { + if ( -f ( $fn1 = find_writable_file( 'stoppedrules' ) ) ) { open $stoppedrules, '>>', $fn1 or fatal_error "Unable to open $fn1: $!"; } else { open $stoppedrules, '>', $fn1 or fatal_error "Unable to open $fn1: $!"; @@ -723,12 +723,16 @@ sub convert_routestopped() { EOF } - print( $stoppedrules - "#\n" , - "# Rules generated from routestopped file $fn by Shorewall $globals{VERSION} - $date\n" , - "#\n" ); - - first_entry "$doing $fn..."; + first_entry( + sub { + my $date = localtime; + progress_message2 "$doing $fn..."; + print( $stoppedrules + "#\n" , + "# Rules generated from routestopped file $fn by Shorewall $globals{VERSION} - $date\n" , + "#\n" ); + } + ); while ( read_a_line ( NORMAL_READ ) ) { diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm index be1f5e6fc..516c15426 100644 --- a/Shorewall/Perl/Shorewall/Tc.pm +++ b/Shorewall/Perl/Shorewall/Tc.pm @@ -3177,6 +3177,16 @@ sub convert_tos($$) { } if ( my $fn = open_file 'tos' ) { + first_entry + sub { + my $date = localtime; + progress_message2 "Converting $fn..."; + print( $mangle + "#\n" , + "# Rules generated from tos file $fn by Shorewall $globals{VERSION} - $date\n" , + "#\n" ); + }; + while ( read_a_line( NORMAL_READ ) ) { $have_tos = 1; @@ -3243,10 +3253,10 @@ sub convert_tos($$) { sub open_mangle_for_output() { my ( $mangle, $fn1 ); - if ( -f ( find_file( 'mangle' ) ) ) { - open( $mangle , '>>', $fn1 = find_file('mangle') ) || fatal_error "Unable to open $fn1:$!"; + if ( -f ( $fn1 = find_writeable_file( 'mangle' ) ) ) { + open( $mangle , '>>', $fn1 ) || fatal_error "Unable to open $fn1:$!"; } else { - open( $mangle , '>', $fn1 = find_file('mangle') ) || fatal_error "Unable to open $fn1:$!"; + open( $mangle , '>', $fn1 ) || fatal_error "Unable to open $fn1:$!"; print $mangle <<'EOF'; # # Shorewall version 4 - Mangle File @@ -3337,7 +3347,20 @@ sub setup_tc( $ ) { directive_callback( sub () { print $mangle "$_[1]\n" unless $_[0] eq 'FORMAT'; 0; } ); } - first_entry "$doing $fn..."; + + first_entry + sub { + if ( $convert ) { + my $date = localtime; + progress_message2 "Converting $fn..."; + print( $mangle + "#\n" , + "# Rules generated from tcrules file $fn by Shorewall $globals{VERSION} - $date\n" , + "#\n" ); + } else { + progress_message2 "$doing $fn..."; + } + }; process_tc_rule, $have_tcrules++ while read_a_line( NORMAL_READ );