mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 14:20:40 +01:00
Add 'shorewall show config' command to display distribution-specific defaults
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4130 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
3cd962fc61
commit
fb89790044
@ -205,7 +205,7 @@ save)
|
|||||||
;;
|
;;
|
||||||
|
|
||||||
show)
|
show)
|
||||||
echo "show: show [ <chain> [ <chain> ...] |actions|classifiers|connections|log|macros|mangle|nat|tc|zones]
|
echo "show: show [ <chain> [ <chain> ...] |actions|classifiers|config|connections|log|macros|mangle|nat|tc|zones]
|
||||||
|
|
||||||
shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s).
|
shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s).
|
||||||
(iptables -L chain -n -v)
|
(iptables -L chain -n -v)
|
||||||
@ -229,6 +229,8 @@ show)
|
|||||||
|
|
||||||
shorewall show capabilities - displays your kernel/iptables capabilities
|
shorewall show capabilities - displays your kernel/iptables capabilities
|
||||||
|
|
||||||
|
shorewall show config - displays the default CONFIG_PATH and LITEDIR for your distribution
|
||||||
|
|
||||||
When -x is given, that option is also passed to iptables to display actual packet and byte counts."
|
When -x is given, that option is also passed to iptables to display actual packet and byte counts."
|
||||||
;;
|
;;
|
||||||
|
|
||||||
|
@ -746,6 +746,11 @@ show_command() {
|
|||||||
VERBOSE=2
|
VERBOSE=2
|
||||||
report_capabilities
|
report_capabilities
|
||||||
;;
|
;;
|
||||||
|
config)
|
||||||
|
. ${SHAREDIR}/configpath
|
||||||
|
echo "Default CONFIG_PATH is $CONFIG_PATH"
|
||||||
|
echo "LITEDIR is $LITEDIR"
|
||||||
|
;;
|
||||||
*)
|
*)
|
||||||
echo "Shorewall Lite $version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)"
|
echo "Shorewall Lite $version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)"
|
||||||
echo
|
echo
|
||||||
@ -977,7 +982,7 @@ usage() # $1 = exit status
|
|||||||
echo " restart [ -n ] [ <directory> ]"
|
echo " restart [ -n ] [ <directory> ]"
|
||||||
echo " restore [ -n ] [ <file name> ]"
|
echo " restore [ -n ] [ <file name> ]"
|
||||||
echo " save [ <file name> ]"
|
echo " save [ <file name> ]"
|
||||||
echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|capabilities|classifiers|connections|log|mangle|nat|tc|zones]"
|
echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|capabilities|classifiers|config|connections|log|mangle|nat|tc|zones]"
|
||||||
echo " start [ -f ] [ -n ] [ <directory> ]"
|
echo " start [ -f ] [ -n ] [ <directory> ]"
|
||||||
echo " stop"
|
echo " stop"
|
||||||
echo " status"
|
echo " status"
|
||||||
|
@ -308,7 +308,7 @@ save)
|
|||||||
;;
|
;;
|
||||||
|
|
||||||
show)
|
show)
|
||||||
echo "show: show [ <chain> [ <chain> ...] |actions|classifiers|connections|log|macros|mangle|nat|tc|zones]
|
echo "show: show [ <chain> [ <chain> ...] |actions|classifiers|config|connections|log|macros|mangle|nat|tc|zones]
|
||||||
|
|
||||||
shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s).
|
shorewall [-x] show <chain> [ <chain> ... ] - produce a verbose report about the IPtable chain(s).
|
||||||
(iptables -L chain -n -v)
|
(iptables -L chain -n -v)
|
||||||
@ -336,6 +336,8 @@ show)
|
|||||||
|
|
||||||
shorewall show capabilities - displays your kernel/iptables capabilities
|
shorewall show capabilities - displays your kernel/iptables capabilities
|
||||||
|
|
||||||
|
shorewall show config - displays the default CONFIG_PATH and LITEDIR for your distribution
|
||||||
|
|
||||||
When -x is given, that option is also passed to iptables to display actual packet and byte counts."
|
When -x is given, that option is also passed to iptables to display actual packet and byte counts."
|
||||||
;;
|
;;
|
||||||
|
|
||||||
|
@ -976,6 +976,11 @@ show_command() {
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
;;
|
;;
|
||||||
|
config)
|
||||||
|
. ${SHAREDIR}/configpath
|
||||||
|
echo "Default CONFIG_PATH is $CONFIG_PATH"
|
||||||
|
echo "LITEDIR is $LITEDIR"
|
||||||
|
;;
|
||||||
*)
|
*)
|
||||||
echo "Shorewall-$version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)"
|
echo "Shorewall-$version $([ $# -gt 0 ] && echo Chains || echo Chain) $* at $HOSTNAME - $(date)"
|
||||||
echo
|
echo
|
||||||
@ -1347,7 +1352,7 @@ usage() # $1 = exit status
|
|||||||
echo " restart [ -n ] [ <directory> ]"
|
echo " restart [ -n ] [ <directory> ]"
|
||||||
echo " restore [ -n ] [ <file name> ]"
|
echo " restore [ -n ] [ <file name> ]"
|
||||||
echo " save [ <file name> ]"
|
echo " save [ <file name> ]"
|
||||||
echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|connections|log|macros|mangle|nat|tc|zones]"
|
echo " show [ -x ] [ -m ] [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|log|macros|mangle|nat|tc|zones]"
|
||||||
echo " start [ -f ] [ -n ] [ <directory> ]"
|
echo " start [ -f ] [ -n ] [ <directory> ]"
|
||||||
echo " stop"
|
echo " stop"
|
||||||
echo " status"
|
echo " status"
|
||||||
|
@ -339,7 +339,8 @@ MODULESDIR=
|
|||||||
# to the front of this list.
|
# to the front of this list.
|
||||||
#
|
#
|
||||||
# If not specified or specified as null ("CONFIG_PATH=""),
|
# If not specified or specified as null ("CONFIG_PATH=""),
|
||||||
# CONFIG_PATH=/etc/shorewall:/usr/share/shorewall is assumed.
|
# the default is distribution-defined. See the output of "shorewall show
|
||||||
|
# config" to find the default value on your distribution.
|
||||||
#
|
#
|
||||||
|
|
||||||
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
|
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
|
||||||
|
@ -247,9 +247,16 @@
|
|||||||
class="directory">/var/lib/shorewall-lite</filename> in packages
|
class="directory">/var/lib/shorewall-lite</filename> in packages
|
||||||
from shorewall.net. The package maintainers for the various
|
from shorewall.net. The package maintainers for the various
|
||||||
distributions are free to choose the directory where the script
|
distributions are free to choose the directory where the script
|
||||||
will be stored under their distribution. You can look in your
|
will be stored under their distribution. See the output of
|
||||||
/usr/share/shorewall/configpath file to see what your
|
<command>shorewall[-lite] show config</command> for the value of
|
||||||
distribution defines for the value of LITEDIR.</para>
|
LITEDIR on your distribution.</para>
|
||||||
|
|
||||||
|
<para>Example:</para>
|
||||||
|
|
||||||
|
<programlisting>gateway:~ # <command>shorewall-lite show config</command>
|
||||||
|
Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite
|
||||||
|
LITEDIR is /var/lib/shorewall-lite
|
||||||
|
gateway:~ #</programlisting>
|
||||||
</note>
|
</note>
|
||||||
</listitem>
|
</listitem>
|
||||||
</orderedlist>
|
</orderedlist>
|
||||||
@ -398,6 +405,23 @@
|
|||||||
<programlisting><command>cd <configuration directory></command>
|
<programlisting><command>cd <configuration directory></command>
|
||||||
<command>/sbin/shorewall compile -e . firewall</command>
|
<command>/sbin/shorewall compile -e . firewall</command>
|
||||||
<command>scp firewall root@<firewall system>:/var/lib/shorewall-lite/</command></programlisting>
|
<command>scp firewall root@<firewall system>:/var/lib/shorewall-lite/</command></programlisting>
|
||||||
|
|
||||||
|
<note>
|
||||||
|
<para>The 'firewall' script is in <filename
|
||||||
|
class="directory">/var/lib/shorewall-lite</filename> in packages
|
||||||
|
from shorewall.net. The package maintainers for the various
|
||||||
|
distributions are free to choose the directory where the script
|
||||||
|
will be stored under their distribution. See the output of
|
||||||
|
<command>shorewall[-lite] show config</command> for the value of
|
||||||
|
LITEDIR on your distribution.</para>
|
||||||
|
|
||||||
|
<para>Example:</para>
|
||||||
|
|
||||||
|
<programlisting>gateway:~ # <command>shorewall-lite show config</command>
|
||||||
|
Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite
|
||||||
|
LITEDIR is /var/lib/shorewall-lite
|
||||||
|
gateway:~ #</programlisting>
|
||||||
|
</note>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
@ -433,10 +457,13 @@
|
|||||||
<programlisting>teastep@wookie:~$ <command>cd Configs/gateway</command>
|
<programlisting>teastep@wookie:~$ <command>cd Configs/gateway</command>
|
||||||
teastep@wookie:~/Configs/gateway$ <command>/sbin/shorewall reload gateway</command>
|
teastep@wookie:~/Configs/gateway$ <command>/sbin/shorewall reload gateway</command>
|
||||||
Compiling...
|
Compiling...
|
||||||
Shorewall configuration compiled to firewall
|
Shorewall configuration compiled to ./firewall
|
||||||
firewall 100% 29KB 29.3KB/s 00:00
|
Copying ./firewall to gateway:/var/lib/shorewall-lite...
|
||||||
|
firewall 100% 67KB 66.7KB/s 00:00
|
||||||
|
Copy complete
|
||||||
Restarting Shorewall Lite....
|
Restarting Shorewall Lite....
|
||||||
done.
|
done.
|
||||||
|
System gateway reloaded
|
||||||
teastep@wookie:~/Configs/gateway$</programlisting>
|
teastep@wookie:~/Configs/gateway$</programlisting>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
</author>
|
</author>
|
||||||
</authorgroup>
|
</authorgroup>
|
||||||
|
|
||||||
<pubdate>2006-06-12</pubdate>
|
<pubdate>2006-06-17</pubdate>
|
||||||
|
|
||||||
<copyright>
|
<copyright>
|
||||||
<year>2001-2006</year>
|
<year>2001-2006</year>
|
||||||
@ -3058,8 +3058,9 @@ $FW chld ACCEPT</programlisting>
|
|||||||
<filename>/usr/share/shorewall/configpath</filename> are used. As
|
<filename>/usr/share/shorewall/configpath</filename> are used. As
|
||||||
released from shorewall.net, that file sets the CONFIG_PATH to
|
released from shorewall.net, that file sets the CONFIG_PATH to
|
||||||
<emphasis role="bold">/etc/shorewall:/usr/share/shorewall
|
<emphasis role="bold">/etc/shorewall:/usr/share/shorewall
|
||||||
</emphasis>but your particular distribution may set it
|
</emphasis>but your particular distribution may set it differently.
|
||||||
differently.</para>
|
See the output of <command>shorewall show config</command> for the
|
||||||
|
default on your system.</para>
|
||||||
|
|
||||||
<para>Note that the setting in
|
<para>Note that the setting in
|
||||||
<filename>/usr/share/shorewall/configpath</filename> is always used
|
<filename>/usr/share/shorewall/configpath</filename> is always used
|
||||||
|
@ -166,6 +166,23 @@
|
|||||||
firewall program. The program is generated using the
|
firewall program. The program is generated using the
|
||||||
<command>shorewall compile -e</command> command on a system with the
|
<command>shorewall compile -e</command> command on a system with the
|
||||||
full Shorewall product installed.</para>
|
full Shorewall product installed.</para>
|
||||||
|
|
||||||
|
<note>
|
||||||
|
<para>The 'firewall' script is in <filename
|
||||||
|
class="directory">/var/lib/shorewall-lite</filename> in packages
|
||||||
|
from shorewall.net. The package maintainers for the various
|
||||||
|
distributions are free to choose the directory where the script will
|
||||||
|
be stored under their distribution. See the output of
|
||||||
|
<command>shorewall[-lite] show config</command> for the value of
|
||||||
|
LITEDIR on your distribution.</para>
|
||||||
|
|
||||||
|
<para>Example:</para>
|
||||||
|
|
||||||
|
<programlisting>gateway:~ # <command>shorewall-lite show config</command>
|
||||||
|
Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite
|
||||||
|
LITEDIR is /var/lib/shorewall-lite
|
||||||
|
gateway:~ #</programlisting>
|
||||||
|
</note>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
@ -982,9 +999,16 @@
|
|||||||
class="directory">/var/lib/shorewall-lite</filename> in packages
|
class="directory">/var/lib/shorewall-lite</filename> in packages
|
||||||
from shorewall.net. The package maintainers for the various
|
from shorewall.net. The package maintainers for the various
|
||||||
distributions are free to choose the directory where the script
|
distributions are free to choose the directory where the script
|
||||||
will be stored under their distribution. You can look in your
|
will be stored under their distribution. See the output of
|
||||||
/usr/share/shorewall/configpath file to see what your distribution
|
<command>shorewall[-lite] show config</command> for the value of
|
||||||
defines for the value of LITEDIR.</para>
|
LITEDIR on your distribution.</para>
|
||||||
|
|
||||||
|
<para>Example:</para>
|
||||||
|
|
||||||
|
<programlisting>gateway:~ # <command>shorewall-lite show config</command>
|
||||||
|
Default CONFIG_PATH is /etc/shorewall-lite:/usr/share/shorewall-lite
|
||||||
|
LITEDIR is /var/lib/shorewall-lite
|
||||||
|
gateway:~ #</programlisting>
|
||||||
</note>
|
</note>
|
||||||
|
|
||||||
<para>Example: <command>shorewall reload gateway</command></para>
|
<para>Example: <command>shorewall reload gateway</command></para>
|
||||||
@ -1128,6 +1152,9 @@
|
|||||||
displays information about the traffic control/shaping
|
displays information about the traffic control/shaping
|
||||||
classifiers.</para>
|
classifiers.</para>
|
||||||
|
|
||||||
|
<para><command>shorewall[-lite] show config</command> - displays the
|
||||||
|
default CONFIG_PATH and LITEDIR for your distribution.</para>
|
||||||
|
|
||||||
<para><command>shorewall [ -x ] show macros (Not supported by
|
<para><command>shorewall [ -x ] show macros (Not supported by
|
||||||
Shorewall Lite)</command> — produces a list of macros available on
|
Shorewall Lite)</command> — produces a list of macros available on
|
||||||
the system.</para>
|
the system.</para>
|
||||||
|
Loading…
Reference in New Issue
Block a user