2006-01-25 05:50:05 +01:00
|
|
|
#
|
|
|
|
# Give Usage Information
|
|
|
|
#
|
2006-01-18 00:27:54 +01:00
|
|
|
usage() {
|
2006-08-09 18:19:19 +02:00
|
|
|
echo "Usage: $0 [ -q ] [ -v ] [ -n ] [ start|stop|clear|reset|restart|status|version ]"
|
2006-01-18 16:07:08 +01:00
|
|
|
exit $1
|
2006-01-18 00:27:54 +01:00
|
|
|
}
|
|
|
|
################################################################################
|
|
|
|
# E X E C U T I O N B E G I N S H E R E #
|
|
|
|
################################################################################
|
|
|
|
initialize
|
|
|
|
|
2006-05-27 05:36:12 +02:00
|
|
|
#
|
2006-08-22 18:25:16 +02:00
|
|
|
# Start trace if first arg is "debug" or "trace" (the awkward code works around
|
|
|
|
# a bug in BusyBox ash on some distros).
|
2006-05-27 05:36:12 +02:00
|
|
|
#
|
2006-08-22 18:25:16 +02:00
|
|
|
if [ $# -gt 1 ]; then
|
|
|
|
if [ "$1" = "debug" ] || [ "$1" = "trace" ]; then
|
|
|
|
set -x
|
|
|
|
shift
|
|
|
|
fi
|
|
|
|
fi
|
2006-05-27 05:36:12 +02:00
|
|
|
|
2006-01-18 01:29:19 +01:00
|
|
|
finished=0
|
|
|
|
|
2006-01-18 16:07:08 +01:00
|
|
|
while [ $finished -eq 0 -a $# -gt 0 ]; do
|
2006-01-18 01:29:19 +01:00
|
|
|
option=$1
|
|
|
|
case $option in
|
|
|
|
-*)
|
|
|
|
option=${option#-}
|
|
|
|
|
|
|
|
[ -z "$option" ] && usage 1
|
|
|
|
|
|
|
|
while [ -n "$option" ]; do
|
|
|
|
case $option in
|
2006-01-23 02:41:24 +01:00
|
|
|
v*)
|
|
|
|
VERBOSE=$(($VERBOSE + 1 ))
|
|
|
|
option=${option#v}
|
2006-01-18 01:29:19 +01:00
|
|
|
;;
|
2006-01-23 21:47:30 +01:00
|
|
|
q*)
|
|
|
|
VERBOSE=$(($VERBOSE - 1 ))
|
2006-01-24 18:44:19 +01:00
|
|
|
option=${option#q}
|
2006-01-23 21:47:30 +01:00
|
|
|
;;
|
2006-01-18 01:29:19 +01:00
|
|
|
n*)
|
|
|
|
NOROUTES=Yes
|
|
|
|
option=${option#n}
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
usage 1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
shift
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
finished=1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
|
2006-01-25 23:33:50 +01:00
|
|
|
if [ $# -ne 1 ]; then
|
2006-01-18 16:07:08 +01:00
|
|
|
usage 2
|
|
|
|
else
|
|
|
|
COMMAND="$1"
|
2006-01-18 01:29:19 +01:00
|
|
|
fi
|
|
|
|
|
2006-06-14 18:32:13 +02:00
|
|
|
[ -n "${PRODUCT:=Shorewall}" ]
|
|
|
|
|
2006-01-18 00:27:54 +01:00
|
|
|
case "$COMMAND" in
|
|
|
|
start)
|
2006-01-24 00:30:58 +01:00
|
|
|
if shorewall_is_started; then
|
2006-06-14 18:32:13 +02:00
|
|
|
error_message "$PRODUCT is already Running"
|
2006-01-24 00:30:58 +01:00
|
|
|
status=1
|
|
|
|
else
|
2006-06-14 18:32:13 +02:00
|
|
|
progress_message3 "Starting $PRODUCT...."
|
2006-01-24 00:30:58 +01:00
|
|
|
define_firewall
|
|
|
|
status=$?
|
2006-08-18 17:34:57 +02:00
|
|
|
[ -n "$SUBSYSLOCK" -a $status -eq 0 ] && touch $SUBSYSLOCK
|
2006-01-24 00:30:58 +01:00
|
|
|
progress_message3 "done."
|
|
|
|
fi
|
2006-01-18 00:27:54 +01:00
|
|
|
;;
|
|
|
|
stop)
|
2006-06-14 18:32:13 +02:00
|
|
|
progress_message3 "Stopping $PRODUCT...."
|
2006-01-18 00:27:54 +01:00
|
|
|
stop_firewall
|
|
|
|
status=0
|
2006-08-18 17:34:57 +02:00
|
|
|
[ -n "$SUBSYSLOCK" ] && rm -f $SUBSYSLOCK
|
2006-01-24 00:30:58 +01:00
|
|
|
progress_message3 "done."
|
2006-01-18 00:27:54 +01:00
|
|
|
;;
|
2006-08-09 18:19:19 +02:00
|
|
|
reset)
|
|
|
|
if ! shorewall_is_started ; then
|
|
|
|
error_message "$PRODUCT is not running"
|
|
|
|
status=2
|
|
|
|
else
|
|
|
|
$IPTABLES -Z
|
|
|
|
$IPTABLES -t nat -Z
|
|
|
|
$IPTABLES -t mangle -Z
|
|
|
|
date > ${VARDIR}/restarted
|
|
|
|
status=0
|
|
|
|
progress_message3 "$PRODUCT Counters Reset"
|
|
|
|
fi
|
|
|
|
;;
|
2006-01-18 00:27:54 +01:00
|
|
|
restart)
|
2006-01-24 00:30:58 +01:00
|
|
|
if shorewall_is_started; then
|
2006-06-14 18:32:13 +02:00
|
|
|
progress_message3 "Restarting $PRODUCT...."
|
2006-01-24 00:30:58 +01:00
|
|
|
else
|
2006-08-09 18:19:19 +02:00
|
|
|
error_message "$PRODUCT is not running"
|
2006-06-14 18:32:13 +02:00
|
|
|
progress_message3 "Starting $PRODUCT...."
|
2006-01-24 00:30:58 +01:00
|
|
|
fi
|
|
|
|
|
2006-01-18 02:42:24 +01:00
|
|
|
define_firewall
|
|
|
|
status=$?
|
2006-08-18 17:34:57 +02:00
|
|
|
if [ -n "$SUBSYSLOCK" ]; then
|
|
|
|
[ $status -eq 0 ] && touch $SUBSYSLOCK || rm -f $SUBSYSLOCK
|
|
|
|
fi
|
2006-01-25 05:18:52 +01:00
|
|
|
progress_message3 "done."
|
|
|
|
;;
|
|
|
|
restore)
|
|
|
|
restore_firewall
|
|
|
|
status=$?
|
2006-08-18 17:34:57 +02:00
|
|
|
if [ -n "$SUBSYSLOCK" ]; then
|
|
|
|
[ $status -eq 0 ] && touch $SUBSYSLOCK || rm -f $SUBSYSLOCK
|
|
|
|
fi
|
2006-01-18 02:42:24 +01:00
|
|
|
;;
|
2006-01-18 00:27:54 +01:00
|
|
|
clear)
|
2006-06-14 18:32:13 +02:00
|
|
|
progress_message3 "Clearing $PRODUCT...."
|
2006-01-18 00:27:54 +01:00
|
|
|
clear_firewall
|
|
|
|
status=0
|
2006-08-18 17:34:57 +02:00
|
|
|
[ -n "$SUBSYSLOCK" ] && rm -f $SUBSYSLOCK
|
2006-01-24 00:30:58 +01:00
|
|
|
progress_message3 "done."
|
2006-01-18 00:27:54 +01:00
|
|
|
;;
|
|
|
|
status)
|
2006-06-14 18:32:13 +02:00
|
|
|
echo "$PRODUCT-$VERSION Status at $HOSTNAME - $(date)"
|
2006-01-18 00:27:54 +01:00
|
|
|
echo
|
2006-01-18 16:07:08 +01:00
|
|
|
if shorewall_is_started; then
|
2006-06-14 18:32:13 +02:00
|
|
|
echo "$PRODUCT is running"
|
2006-01-18 00:27:54 +01:00
|
|
|
status=0
|
|
|
|
else
|
2006-06-14 18:32:13 +02:00
|
|
|
echo "$PRODUCT is stopped"
|
2006-01-18 00:27:54 +01:00
|
|
|
status=4
|
|
|
|
fi
|
|
|
|
|
2006-06-10 17:18:42 +02:00
|
|
|
if [ -f ${VARDIR}/state ]; then
|
|
|
|
state="$(cat ${VARDIR}/state)"
|
2006-01-18 00:27:54 +01:00
|
|
|
case $state in
|
|
|
|
Stopped*|Clear*)
|
|
|
|
status=3
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
else
|
|
|
|
state=Unknown
|
|
|
|
fi
|
|
|
|
echo "State:$state"
|
|
|
|
echo
|
|
|
|
;;
|
2006-01-18 01:29:19 +01:00
|
|
|
version)
|
|
|
|
echo $VERSION
|
|
|
|
status=0
|
|
|
|
;;
|
2006-01-18 16:07:08 +01:00
|
|
|
help)
|
|
|
|
usage 0
|
|
|
|
;;
|
2006-01-18 00:27:54 +01:00
|
|
|
*)
|
2006-01-18 16:07:08 +01:00
|
|
|
usage 2
|
2006-01-18 00:27:54 +01:00
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
exit $status
|