diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm
index 02dffb08f..4e97913f7 100644
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@@ -97,6 +97,9 @@ sub generate_script_1() {
# Functions to execute the various user exits (extension scripts)
################################################################################
EOF
+ my $lib = find_file 'lib.user';
+
+ copy1 $lib, emit "\n" if -f $lib;
for my $exit qw/init isusable start tcclear started stop stopped clear refresh refreshed restored findgw/ {
emit "\nrun_${exit}_exit() {";
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 3940d2b5e..ecc231ca6 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -79,6 +79,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_object
push_indent
pop_indent
copy
+ copy1
create_temp_aux_config
finalize_aux_config
set_shorewall_dir
@@ -1088,6 +1089,8 @@ sub copy1( $ ) {
close IF;
}
+
+ $lastlineblank = 0;
}
#
diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index c39f6dc34..b0f9ed64e 100644
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -20,6 +20,8 @@ Changes in Shorewall 4.4.0-Beta2
8) Add 'USER/GROUP' column to masq file.
+9) Added lib.user.
+
Changes in Shorewall 4.4.0-Beta1
1) Correct typo in Shorewall6 two-interface sample shorewall.conf.
diff --git a/Shorewall/configfiles/lib.user b/Shorewall/configfiles/lib.user
new file mode 100644
index 000000000..234bd7ce0
--- /dev/null
+++ b/Shorewall/configfiles/lib.user
@@ -0,0 +1,14 @@
+#
+# Shorewall version 4 - lib.user File
+#
+# /etc/shorewall/lib.user
+#
+# Use this file to declare shell functions to be called in the other
+# run-time extension scripts. The file will be copied into the generated
+# firewall script.
+#
+# See http://shorewall.net/shorewall_extension_scripts.htm for additional
+# information.
+#
+###############################################################################
+#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index 5e8a9893e..ec78fbe23 100644
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -179,6 +179,10 @@ None.
3) A USER/GROUP column has been added to /etc/shorewall/masq. The
column works similarly to USER/GROUP columns in other Shorewall
configuration files. Only locally-generated traffic is matched.
+
+4) A new extension script, 'lib.user' has been added. This file is
+ intended to include declarations of shell functions that are called
+ by the other run-time extension scripts.
----------------------------------------------------------------------------
N E W F E A T U R E S IN 4 . 4
diff --git a/docs/MultiISP.xml b/docs/MultiISP.xml
index 079166f42..290f6f09c 100644
--- a/docs/MultiISP.xml
+++ b/docs/MultiISP.xml
@@ -1355,6 +1355,10 @@ fi
/etc/shorewall/isusable:
+ Note that /etc/lsm/script writes
+ a ${VARDIR}/xxx.status file when the status of an
+ interface changes.
+
local status=0
[ -f ${VARDIR}/${1}.status ] && status=$(cat ${VARDIR}/${1}.status)
@@ -1378,7 +1382,7 @@ connection {
connection {
name=Comcast
- checkip=$ETH3_GATEWAY
+ checkip=${ETH3_GATEWAY:-71.227.156.1}
device=eth3
ttl=1
}
@@ -1388,7 +1392,8 @@ EOF
fi
eth3 has a dynamic IP address so I need to use the
- Shorewall-detected gateway address ($ETH3_GATEWAY).
+ Shorewall-detected gateway address ($ETH3_GATEWAY). I supply a default
+ value in the event that detection fails.
/etc/shorewall/restored:
diff --git a/docs/shorewall_extension_scripts.xml b/docs/shorewall_extension_scripts.xml
index 93ce87f96..06e849136 100644
--- a/docs/shorewall_extension_scripts.xml
+++ b/docs/shorewall_extension_scripts.xml
@@ -69,6 +69,12 @@
The following scripts can be supplied:
+
+ lib.user -- Intended to contain
+ declarations of shell functions to be called by other run-time
+ extension scripts.
+
+
compile -- Invoked by the rules compiler
early in the compilation process. Must be written in Perl.