Add the LEGACY_RESTART option.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2015-07-27 09:19:52 -07:00
parent b1d75e53a1
commit fa7248c58c
14 changed files with 86 additions and 18 deletions

View File

@ -855,6 +855,7 @@ sub initialize( $;$$) {
INLINE_MATCHES => undef, INLINE_MATCHES => undef,
BASIC_FILTERS => undef, BASIC_FILTERS => undef,
WORKAROUNDS => undef , WORKAROUNDS => undef ,
LEGACY_RESTART => undef ,
# #
# Packet Disposition # Packet Disposition
# #
@ -5728,6 +5729,7 @@ sub get_configuration( $$$$$ ) {
default_yes_no 'INLINE_MATCHES' , ''; default_yes_no 'INLINE_MATCHES' , '';
default_yes_no 'BASIC_FILTERS' , ''; default_yes_no 'BASIC_FILTERS' , '';
default_yes_no 'WORKAROUNDS' , 'Yes'; default_yes_no 'WORKAROUNDS' , 'Yes';
default_yes_no 'LEGACY_RESTART' , '';
require_capability( 'BASIC_EMATCH', 'BASIC_FILTERS=Yes', 's' ) if $config{BASIC_FILTERS}; require_capability( 'BASIC_EMATCH', 'BASIC_FILTERS=Yes', 's' ) if $config{BASIC_FILTERS};
@ -6272,7 +6274,7 @@ sub generate_aux_config() {
emit "#\n# Shorewall auxiliary configuration file created by Shorewall version $globals{VERSION} - $date\n#"; emit "#\n# Shorewall auxiliary configuration file created by Shorewall version $globals{VERSION} - $date\n#";
for my $option ( qw(VERBOSITY LOGFILE LOGFORMAT ARPTABLES IPTABLES IP6TABLES IP TC IPSET PATH SHOREWALL_SHELL SUBSYSLOCK LOCKFILE RESTOREFILE WORKAROUNDS) ) { for my $option ( qw(VERBOSITY LOGFILE LOGFORMAT ARPTABLES IPTABLES IP6TABLES IP TC IPSET PATH SHOREWALL_SHELL SUBSYSLOCK LOCKFILE RESTOREFILE WORKAROUNDS LEGACY_RESTART) ) {
conditionally_add_option $option; conditionally_add_option $option;
} }

View File

@ -65,6 +65,25 @@ stop_command() {
return 0 return 0
} }
reload_command() {
if product_is_started; then
progress_message3 "Reloading $g_product...."
else
error_message "$g_product is not running"
progress_message3 "Starting $g_product...."
COMMAND=start
fi
detect_configuration
define_firewall
status=$?
if [ -n "$SUBSYSLOCK" ]; then
[ $status -eq 0 ] && touch $SUBSYSLOCK || rm -f $SUBSYSLOCK
fi
[ $status -eq 0 ] && progress_message3 "done."
}
################################################################################ ################################################################################
# E X E C U T I O N B E G I N S H E R E # # E X E C U T I O N B E G I N S H E R E #
################################################################################ ################################################################################
@ -264,26 +283,17 @@ case "$COMMAND" in
;; ;;
reload) reload)
[ $# -ne 1 ] && usage 2 [ $# -ne 1 ] && usage 2
if product_is_started; then reload_command
progress_message3 "Reloading $g_product...."
else
error_message "$g_product is not running"
progress_message3 "Starting $g_product...."
COMMAND=start
fi
detect_configuration
define_firewall
status=$?
if [ -n "$SUBSYSLOCK" ]; then
[ $status -eq 0 ] && touch $SUBSYSLOCK || rm -f $SUBSYSLOCK
fi
[ $status -eq 0 ] && progress_message3 "done."
;; ;;
restart) restart)
[ $# -ne 1 ] && usage 2 [ $# -ne 1 ] && usage 2
if [ -z "$LEGACY_RESTART" ]; then
COMMAND=stop stop_command && COMMAND=start start_command COMMAND=stop stop_command && COMMAND=start start_command
else
COMMAND=reload
reload_command
fi
;; ;;
refresh) refresh)
[ $# -ne 1 ] && usage 2 [ $# -ne 1 ] && usage 2

View File

@ -178,6 +178,8 @@ LOAD_HELPERS_ONLY=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter
MACLIST_TTL= MACLIST_TTL=

View File

@ -189,6 +189,8 @@ LOAD_HELPERS_ONLY=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter
MACLIST_TTL= MACLIST_TTL=

View File

@ -186,6 +186,8 @@ LOAD_HELPERS_ONLY=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter
MACLIST_TTL= MACLIST_TTL=

View File

@ -189,6 +189,8 @@ LOAD_HELPERS_ONLY=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter
MACLIST_TTL= MACLIST_TTL=

View File

@ -176,6 +176,8 @@ KEEP_RT_TABLES=No
LEGACY_FASTSTART=Yes LEGACY_FASTSTART=Yes
LEGACY_RESTART=Yes
LOAD_HELPERS_ONLY=Yes LOAD_HELPERS_ONLY=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter

View File

@ -1291,6 +1291,24 @@ net all DROP info</programlisting>then the chain name is 'net-all'
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><emphasis role="bold">LEGACY_RESTART=</emphasis>{<emphasis
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>
<listitem>
<para>Added in Shorewall 5.0.0. In that release, the <emphasis
role="bold">reload</emphasis> command was redefined to do what
<emphasis role="bold">restart</emphasis> had done in earlier
releases and <emphasis role="bold">restart</emphasis> became a true
restart (equivalent to <emphasis role="bold">stop</emphasis>
followed by <emphasis role="bold">start</emphasis>). When
LEGACY_FASTSTART=Yes, the <emphasis role="bold">restart</emphasis>
command performs the same operation as the reload command making it
compatible with earlier releases. If not specified,
LAGACY_RESTART=No is assumed.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><emphasis role="bold">LOAD_HELPERS_ONLY=</emphasis>{<emphasis <term><emphasis role="bold">LOAD_HELPERS_ONLY=</emphasis>{<emphasis
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term> role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>

View File

@ -165,6 +165,8 @@ KEEP_RT_TABLES=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
LOAD_HELPERS_ONLY=Yes LOAD_HELPERS_ONLY=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter

View File

@ -165,6 +165,8 @@ KEEP_RT_TABLES=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
LOAD_HELPERS_ONLY=Yes LOAD_HELPERS_ONLY=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter

View File

@ -165,6 +165,8 @@ KEEP_RT_TABLES=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
LOAD_HELPERS_ONLY=Yes LOAD_HELPERS_ONLY=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter

View File

@ -165,6 +165,8 @@ KEEP_RT_TABLES=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
LOAD_HELPERS_ONLY=Yes LOAD_HELPERS_ONLY=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter

View File

@ -165,6 +165,8 @@ KEEP_RT_TABLES=Yes
LEGACY_FASTSTART=No LEGACY_FASTSTART=No
LEGACY_RESTART=Yes
LOAD_HELPERS_ONLY=Yes LOAD_HELPERS_ONLY=Yes
MACLIST_TABLE=filter MACLIST_TABLE=filter

View File

@ -1142,6 +1142,24 @@ net all DROP info</programlisting>then the chain name is 'net-all'
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><emphasis role="bold">LEGACY_RESTART=</emphasis>{<emphasis
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>
<listitem>
<para>Added in Shorewall 5.0.0. In that release, the <emphasis
role="bold">reload</emphasis> command was redefined to do what
<emphasis role="bold">restart</emphasis> had done in earlier
releases and <emphasis role="bold">restart</emphasis> became a true
restart (equivalent to <emphasis role="bold">stop</emphasis>
followed by <emphasis role="bold">start</emphasis>). When
LEGACY_FASTSTART=Yes, the <emphasis role="bold">restart</emphasis>
command performs the same operation as the reload command making it
compatible with earlier releases. If not specified,
LAGACY_RESTART=No is assumed.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><emphasis role="bold">LOAD_HELPERS_ONLY=</emphasis>{<emphasis <term><emphasis role="bold">LOAD_HELPERS_ONLY=</emphasis>{<emphasis
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term> role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>