diff --git a/Shorewall-init/ifupdown.sh b/Shorewall-init/ifupdown.sh index a9e6dbbe6..d5a1bc8be 100644 --- a/Shorewall-init/ifupdown.sh +++ b/Shorewall-init/ifupdown.sh @@ -68,7 +68,22 @@ elif [ -f /etc/SuSE-release ]; then ;; esac else - exit 0 + # + # Assume RedHat/Fedora/CentOS/Foobar/... + # + IFACE="$1" + + case $0 in + *ifup*) + COMMAND=up + ;; + *ifdown*) + COMMAND=down + ;; + *) + exit 0 + ;; + esac fi for PRODUCT in $PRODUCTS; do diff --git a/Shorewall-init/init.sh b/Shorewall-init/init.sh index 73abfa818..2fadbd208 100755 --- a/Shorewall-init/init.sh +++ b/Shorewall-init/init.sh @@ -63,7 +63,7 @@ shorewall_start () { vardir=/var/lib/$product [ -f /etc/$PRODUCT/vardir ] && . /etc/$PRODUCT/vardir if [ -x ${vardir}/firewall ]; then - ${vardir}/firewall close || notdone + ${vardir}/firewall stop || notdone fi done diff --git a/Shorewall-init/install.sh b/Shorewall-init/install.sh index d5241e8e8..04efe5fa1 100755 --- a/Shorewall-init/install.sh +++ b/Shorewall-init/install.sh @@ -131,6 +131,7 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin # DEBIAN= SUSE= +REDHAT= case $(uname) in *) @@ -156,9 +157,14 @@ elif [ -f /etc/slackware-version ] ; then DEST="/etc/rc.d" INIT="rc.firewall" elif [ -f /etc/arch-release ] ; then - DEST="/etc/rc.d" - INIT="shorewall-init" - ARCHLINUX=yes + DEST="/etc/rc.d" + INIT="shorewall-init" + ARCHLINUX=yes +else + # + # Assume RedHat + # + REDHAT=Yes fi # @@ -237,6 +243,13 @@ if [ -z "$PREFIX" ]; then if [ -n "$SUSE" ]; then ln -sf /usr/share/shorewall-init/ifupdown /etc/sysconfig/network/if-up.d/shorewall ln -sf /usr/share/shorewall-init/ifupdown /etc/sysconfig/network/if-down.d/shorewall + elif [ -n "$REDHAT" ]; then + if [ -f /sbin/ifup-local -o -f /sbin/ifdown-local ]; then + echo "WARNING: /sbin/ifup-local and/or /sbin/ifdown-local already exist; up/down events will not be handled" + else + ln -s /usr/share/shorewall-init/ifupdown /sbin/ifup-local + ln -s /usr/share/shorewall-init/ifupdown /sbin/ifdown-local + fi fi if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm index c9ac9b86b..1cdb1f256 100644 --- a/Shorewall/Perl/Shorewall/Zones.pm +++ b/Shorewall/Perl/Shorewall/Zones.pm @@ -1211,9 +1211,13 @@ sub verify_required_interfaces() { } } - $interfaces = find_interfaces_by_option 'required'; + $interfaces = find_interfaces_by_option 'required'; if ( @$interfaces ) { + emit( 'case "$COMMAND" in' ); + push_indent; + emit( 'start|restart|restore|refresh)' ); + push_indent; for my $interface (@$interfaces ) { my $physical = get_physical $interface; @@ -1222,6 +1226,11 @@ sub verify_required_interfaces() { emit qq(fi\n); } + emit( ';;' ); + pop_indent; + pop_indent; + emit( 'esac' ); + $returnvalue = 1; }