From feb0752113e7a67ff57879a1c545623cf4e7f9b2 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Mon, 6 Jan 2003 23:01:23 +0000
Subject: [PATCH] Allow shared files to be moved easily

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@397 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/changelog.txt    |  2 ++
 Shorewall/firewall         | 50 ++++++++++++++++++++++++------------
 Shorewall/releasenotes.txt |  5 ++++
 Shorewall/shorewall        | 52 ++++++++++++++++++++++++--------------
 Shorewall/shorewall.conf   |  7 +++++
 5 files changed, 81 insertions(+), 35 deletions(-)

diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index 247a4854f..0aa6ae5f1 100755
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -6,3 +6,5 @@ Changes since 1.3.12
 
 3. Added CLEAR_TC option.
 
+4. Added SHARED_DIR option.
+
diff --git a/Shorewall/firewall b/Shorewall/firewall
index b008b043d..71a9c82c5 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -70,7 +70,7 @@ list_count() {
 
 #
 # Mutual exclusion -- These functions are jackets for the mutual exclusion
-#		      routines in /usr/lib/shorewall/functions. They invoke
+#		      routines in $FUNCTIONS. They invoke
 #		      the corresponding function in that file if the user did
 #		      not specify "nolock" on the runline.
 #
@@ -4465,6 +4465,10 @@ do_initialize() {
     TCP_FLAGS_LOG_LEVEL=
     RFC1918_LOG_LEVEL=
     MARK_IN_FORWARD_CHAIN=
+    SHARED_DIR=/usr/lib/shorewall
+    FUNCTIONS=
+    VERSION_FILE=
+
     stopping=
     have_mutex=
     masq_seq=1
@@ -4478,31 +4482,36 @@ do_initialize() {
 
     trap "rm -rf $TMP_DIR; my_mutex_off; exit 2" 1 2 3 4 5 6 9
 
-    functions=/usr/lib/shorewall/functions
-
-    if [ -f $functions ]; then
-	. $functions
+    if [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/shorewall.conf ]; then
+	config=$SHOREWALL_DIR/shorewall.conf
     else
-	startup_error "$functions does not exist!"
+	config=/etc/shorewall/shorewall.conf
+    fi
+    
+    if [ -f $config ]; then
+	. $config
+    else
+	echo "$config does not exist!" >&2
+	exit 2
     fi
 
-    version_file=/usr/lib/shorewall/version
 
-    [ -f $version_file ] && version=`cat $version_file`
-    #
-    # Strip the files that we use often
-    #
-    strip_file interfaces
-    strip_file hosts
+    FUNCTIONS=$SHARED_DIR/functions
 
-    run_user_exit shorewall.conf
-    run_user_exit params
+    if [ -f $FUNCTIONS ]; then
+	. $FUNCTIONS
+    else
+	startup_error "$FUNCTIONS does not exist!"
+    fi
+
+    VERSION_FILE=$SHARED_DIR/version
+
+    [ -f $VERSION_FILE ] && version=`cat $VERSION_FILE`
 
     [ -z "${STATEDIR}" ] && STATEDIR=/var/state/shorewall
 
     [ -d $STATEDIR ] || mkdir -p $STATEDIR
 
-
     [ -z "$FW" ] && FW=fw
 
     ALLOWRELATED="`added_param_value_yes ALLOWRELATED $ALLOWRELATED`"
@@ -4582,6 +4591,15 @@ do_initialize() {
     else
 	CLEAR_TC=
     fi
+
+
+    run_user_exit params
+
+    #
+    # Strip the files that we use often
+    #
+    strip_file interfaces
+    strip_file hosts
 }
 
 #
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index 2291b2896..f9f09cad3 100755
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -42,3 +42,8 @@ New features include:
    CLEAR_TC=No and do not supply an /etc/shorewall/tcstart file. That
    way, your traffic shaping rules can still use the 'fwmark'
    classifier based on packet marking defined in /etc/shorewall/tcrules.
+
+4. A new SHARED_DIR variable has been added that allows distribution
+   packagers to easily move the shared directory (default
+   /usr/lib/shorewall). Users should never have a need to change the
+   value of this shorewall.conf setting.
diff --git a/Shorewall/shorewall b/Shorewall/shorewall
index 2d82a0e39..8b0e6b04f 100755
--- a/Shorewall/shorewall
+++ b/Shorewall/shorewall
@@ -569,44 +569,58 @@ fi
 
 [ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR
 
-functions=/usr/lib/shorewall/functions
+PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
+SHARED_DIR=/usr/lib/shorewall
+MUTEX_TIMEOUT=
 
-if [ -f $functions ]; then
-    . $functions
+if [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/shorewall.conf ]; then
+    config=$SHOREWALL_DIR/shorewall.conf
 else
-    echo "$functions does not exist!" >&2
+    config=/etc/shorewall/shorewall.conf
+fi
+
+if [ -f $config ]; then
+    . $config
+else
+    echo "$config does not exist!" >&2
     exit 2
 fi
 
-firewall=/usr/lib/shorewall/firewall
+[ -z "${STATEDIR}" ] && STATEDIR=/var/state/shorewall
 
-if [ ! -f $firewall ]; then
+FIREWALL=$SHARED_DIR/firewall
+FUNCTIONS=$SHARED_DIR/functions
+VERSION_FILE=$SHARED_DIR/version
+
+if [ -f $FUNCTIONS ]; then
+    . $FUNCTIONS
+else
+    echo "$FUNCTIONS does not exist!" >&2
+    exit 2
+fi
+
+if [ ! -f $FIREWALL ]; then
     echo "ERROR: Shorewall is not properly installed"
-    if [ -L $firewall ]; then
-	echo "	     $firewall is a symbolic link to a"
+    if [ -L $FIREWALL ]; then
+	echo "	     $FIREWALL is a symbolic link to a"
 	echo "	     non-existant file"
     else
-	echo "	     The file /usr/lib/shorewall/firewall does not exist"
+	echo "	     The file $FIREWALL  does not exist"
     fi
 
     exit 2
 fi
 
-PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
-
-version_file=/usr/lib/shorewall/version
-
-if [ -f $version_file ]; then
-    version=`cat $version_file`
+if [ -f $VERSION_FILE ]; then
+    version=`cat $VERSION_FILE`
 else
     echo "ERROR: Shorewall is not properly installed"
-    echo "	 The file /usr/lib/shorewall/version does not exist"
+    echo "	 The file $VERSION_FILE does not exist"
     exit 1
 fi
 
 banner="Shorewall-$version Status at $HOSTNAME -"
 
-get_statedir
 
 case `echo -e` in
     -e*)
@@ -629,11 +643,11 @@ esac
 case "$1" in
     start|stop|restart|reset|clear|refresh|check)
 	[ $# -ne 1 ] && usage 1
-	exec $firewall $debugging $nolock $1
+	exec $FIREWALL $debugging $nolock $1
 	;;
     add|delete)
 	[ $# -ne 3 ] && usage 1
-	exec $firewall $debugging $nolock $1 $2 $3
+	exec $FIREWALL $debugging $nolock $1 $2 $3
 	;;
     show)
 	[ $# -gt 2 ] && usage 1
diff --git a/Shorewall/shorewall.conf b/Shorewall/shorewall.conf
index f0981141a..ea84b080a 100755
--- a/Shorewall/shorewall.conf
+++ b/Shorewall/shorewall.conf
@@ -9,6 +9,13 @@
 #  (c) 1999,2000,2001,2002 - Tom Eastep (teastep@shorewall.net)
 ##############################################################################
 #
+# You should not have to change the variables in this section -- they are set
+# by the packager of your Shorewall distribution
+#
+SHARED_DIR=/usr/lib/shorewall
+#
+##############################################################################
+#
 # General note about log levels. Log levels are a method of describing 
 # to syslog (8) the importance of a message and a number of parameters
 # in this file have log levels as their value.