Add 'shorewall show config' command to display distribution-specific defaults

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4130 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-06-17 15:58:48 +00:00
parent 3cd962fc61
commit fb89790044
8 changed files with 255 additions and 185 deletions

View File

@ -205,7 +205,7 @@ save)
;; ;;
show) show)
echo "show: show [ <chain> [ <chain> ...] |actions|classifiers|connections|log|macros|mangle|nat|tc|zones] echo "show: show [ <chain> [ <chain> ...] |actions|classifiers|config|connections|log|macros|mangle|nat|tc|zones]
shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s). shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s).
(iptables -L chain -n -v) (iptables -L chain -n -v)
@ -229,6 +229,8 @@ show)
shorewall show capabilities - displays your kernel/iptables capabilities shorewall show capabilities - displays your kernel/iptables capabilities
shorewall show config - displays the default CONFIG_PATH and LITEDIR for your distribution
When -x is given, that option is also passed to iptables to display actual packet and byte counts." When -x is given, that option is also passed to iptables to display actual packet and byte counts."
;; ;;

View File

@ -746,6 +746,11 @@ show_command() {
VERBOSE=2 VERBOSE=2
report_capabilities report_capabilities
;; ;;
config)
. ${SHAREDIR}/configpath
echo "Default CONFIG_PATH is $CONFIG_PATH"
echo "LITEDIR is $LITEDIR"
;;
*) *)
echo "Shorewall Lite $version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)" echo "Shorewall Lite $version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)"
echo echo
@ -977,7 +982,7 @@ usage() # $1 = exit status
echo " restart [ -n ] [ <directory> ]" echo " restart [ -n ] [ <directory> ]"
echo " restore [ -n ] [ <file name> ]" echo " restore [ -n ] [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|capabilities|classifiers|connections|log|mangle|nat|tc|zones]" echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|capabilities|classifiers|config|connections|log|mangle|nat|tc|zones]"
echo " start [ -f ] [ -n ] [ <directory> ]" echo " start [ -f ] [ -n ] [ <directory> ]"
echo " stop" echo " stop"
echo " status" echo " status"

View File

@ -308,7 +308,7 @@ save)
;; ;;
show) show)
echo "show: show [ <chain> [ <chain> ...] |actions|classifiers|connections|log|macros|mangle|nat|tc|zones] echo "show: show [ <chain> [ <chain> ...] |actions|classifiers|config|connections|log|macros|mangle|nat|tc|zones]
shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s). shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s).
(iptables -L chain -n -v) (iptables -L chain -n -v)
@ -336,6 +336,8 @@ show)
shorewall show capabilities - displays your kernel/iptables capabilities shorewall show capabilities - displays your kernel/iptables capabilities
shorewall show config - displays the default CONFIG_PATH and LITEDIR for your distribution
When -x is given, that option is also passed to iptables to display actual packet and byte counts." When -x is given, that option is also passed to iptables to display actual packet and byte counts."
;; ;;

View File

@ -976,6 +976,11 @@ show_command() {
fi fi
done done
;; ;;
config)
. ${SHAREDIR}/configpath
echo "Default CONFIG_PATH is $CONFIG_PATH"
echo "LITEDIR is $LITEDIR"
;;
*) *)
echo "Shorewall-$version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)" echo "Shorewall-$version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)"
echo echo
@ -1347,7 +1352,7 @@ usage() # $1 = exit status
echo " restart [ -n ] [ <directory> ]" echo " restart [ -n ] [ <directory> ]"
echo " restore [ -n ] [ <file name> ]" echo " restore [ -n ] [ <file name> ]"
echo " save [ <file name> ]" echo " save [ <file name> ]"
echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]" echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|log|macros|mangle|nat|tc|zones]"
echo " start [ -f ] [ -n ] [ <directory> ]" echo " start [ -f ] [ -n ] [ <directory> ]"
echo " stop" echo " stop"
echo " status" echo " status"

View File

@ -339,7 +339,8 @@ MODULESDIR=
# to the front of this list. # to the front of this list.
# #
# If not specified or specified as null ("CONFIG_PATH=""), # If not specified or specified as null ("CONFIG_PATH=""),
# CONFIG_PATH=/etc/shorewall:/usr/share/shorewall is assumed. # the default is distribution-defined. See the output of "shorewall show
# config" to find the default value on your distribution.
# #
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall CONFIG_PATH=/etc/shorewall:/usr/share/shorewall

View File

@ -247,9 +247,16 @@
class="directory">/var/lib/shorewall-lite</filename> in packages class="directory">/var/lib/shorewall-lite</filename> in packages
from shorewall.net. The package maintainers for the various from shorewall.net. The package maintainers for the various
distributions are free to choose the directory where the script distributions are free to choose the directory where the script
will be stored under their distribution. You can look in your will be stored under their distribution. See the output of
/usr/share/shorewall/configpath file to see what your <command>shorewall[-lite] show config</command> for the value of
distribution defines for the value of LITEDIR.</para> LITEDIR on your distribution.</para>
<para>Example:</para>
<programlisting>gateway:~ # <command>shorewall-lite show config</command>
Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite
LITEDIR is /var/lib/shorewall-lite
gateway:~ #</programlisting>
</note> </note>
</listitem> </listitem>
</orderedlist> </orderedlist>
@ -398,6 +405,23 @@
<programlisting><command>cd &lt;configuration directory&gt;</command> <programlisting><command>cd &lt;configuration directory&gt;</command>
<command>/sbin/shorewall compile -e . firewall</command> <command>/sbin/shorewall compile -e . firewall</command>
<command>scp firewall root@&lt;firewall system&gt;:/var/lib/shorewall-lite/</command></programlisting> <command>scp firewall root@&lt;firewall system&gt;:/var/lib/shorewall-lite/</command></programlisting>
<note>
<para>The 'firewall' script is in <filename
class="directory">/var/lib/shorewall-lite</filename> in packages
from shorewall.net. The package maintainers for the various
distributions are free to choose the directory where the script
will be stored under their distribution. See the output of
<command>shorewall[-lite] show config</command> for the value of
LITEDIR on your distribution.</para>
<para>Example:</para>
<programlisting>gateway:~ # <command>shorewall-lite show config</command>
Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite
LITEDIR is /var/lib/shorewall-lite
gateway:~ #</programlisting>
</note>
</listitem> </listitem>
<listitem> <listitem>
@ -433,10 +457,13 @@
<programlisting>teastep@wookie:~$ <command>cd Configs/gateway</command> <programlisting>teastep@wookie:~$ <command>cd Configs/gateway</command>
teastep@wookie:~/Configs/gateway$ <command>/sbin/shorewall reload gateway</command> teastep@wookie:~/Configs/gateway$ <command>/sbin/shorewall reload gateway</command>
Compiling... Compiling...
Shorewall configuration compiled to firewall Shorewall configuration compiled to ./firewall
firewall 100% 29KB 29.3KB/s 00:00 Copying ./firewall to gateway:/var/lib/shorewall-lite...
firewall 100% 67KB 66.7KB/s 00:00
Copy complete
Restarting Shorewall Lite.... Restarting Shorewall Lite....
done. done.
System gateway reloaded
teastep@wookie:~/Configs/gateway$</programlisting> teastep@wookie:~/Configs/gateway$</programlisting>
</blockquote> </blockquote>

View File

@ -15,7 +15,7 @@
</author> </author>
</authorgroup> </authorgroup>
<pubdate>2006-06-12</pubdate> <pubdate>2006-06-17</pubdate>
<copyright> <copyright>
<year>2001-2006</year> <year>2001-2006</year>
@ -3058,8 +3058,9 @@ $FW chld ACCEPT</programlisting>
<filename>/usr/share/shorewall/configpath</filename> are used. As <filename>/usr/share/shorewall/configpath</filename> are used. As
released from shorewall.net, that file sets the CONFIG_PATH to released from shorewall.net, that file sets the CONFIG_PATH to
<emphasis role="bold">/etc/shorewall:/usr/share/shorewall <emphasis role="bold">/etc/shorewall:/usr/share/shorewall
</emphasis>but your particular distribution may set it </emphasis>but your particular distribution may set it differently.
differently.</para> See the output of <command>shorewall show config</command> for the
default on your system.</para>
<para>Note that the setting in <para>Note that the setting in
<filename>/usr/share/shorewall/configpath</filename> is always used <filename>/usr/share/shorewall/configpath</filename> is always used

View File

@ -166,6 +166,23 @@
firewall program. The program is generated using the firewall program. The program is generated using the
<command>shorewall compile -e</command> command on a system with the <command>shorewall compile -e</command> command on a system with the
full Shorewall product installed.</para> full Shorewall product installed.</para>
<note>
<para>The 'firewall' script is in <filename
class="directory">/var/lib/shorewall-lite</filename> in packages
from shorewall.net. The package maintainers for the various
distributions are free to choose the directory where the script will
be stored under their distribution. See the output of
<command>shorewall[-lite] show config</command> for the value of
LITEDIR on your distribution.</para>
<para>Example:</para>
<programlisting>gateway:~ # <command>shorewall-lite show config</command>
Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite
LITEDIR is /var/lib/shorewall-lite
gateway:~ #</programlisting>
</note>
</listitem> </listitem>
<listitem> <listitem>
@ -982,9 +999,16 @@
class="directory">/var/lib/shorewall-lite</filename> in packages class="directory">/var/lib/shorewall-lite</filename> in packages
from shorewall.net. The package maintainers for the various from shorewall.net. The package maintainers for the various
distributions are free to choose the directory where the script distributions are free to choose the directory where the script
will be stored under their distribution. You can look in your will be stored under their distribution. See the output of
/usr/share/shorewall/configpath file to see what your distribution <command>shorewall[-lite] show config</command> for the value of
defines for the value of LITEDIR.</para> LITEDIR on your distribution.</para>
<para>Example:</para>
<programlisting>gateway:~ # <command>shorewall-lite show config</command>
Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite
LITEDIR is /var/lib/shorewall-lite
gateway:~ #</programlisting>
</note> </note>
<para>Example: <command>shorewall reload gateway</command></para> <para>Example: <command>shorewall reload gateway</command></para>
@ -1128,6 +1152,9 @@
displays information about the traffic control/shaping displays information about the traffic control/shaping
classifiers.</para> classifiers.</para>
<para><command>shorewall[-lite] show config</command> - displays the
default CONFIG_PATH and LITEDIR for your distribution.</para>
<para><command>shorewall [ -x ] show macros (Not supported by <para><command>shorewall [ -x ] show macros (Not supported by
Shorewall Lite)</command> — produces a list of macros available on Shorewall Lite)</command> — produces a list of macros available on
the system.</para> the system.</para>