From 01d046fac95db2ea62589f12bed43e322b482ecf Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Fri, 19 Jun 2009 14:39:45 -0700
Subject: [PATCH] Add lib.user extension script

---
 Shorewall/Perl/Shorewall/Compiler.pm |  3 +++
 Shorewall/Perl/Shorewall/Config.pm   |  3 +++
 Shorewall/changelog.txt              |  2 ++
 Shorewall/configfiles/lib.user       | 14 ++++++++++++++
 Shorewall/releasenotes.txt           |  4 ++++
 docs/MultiISP.xml                    |  9 +++++++--
 docs/shorewall_extension_scripts.xml |  6 ++++++
 7 files changed, 39 insertions(+), 2 deletions(-)
 create mode 100644 Shorewall/configfiles/lib.user

diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm
index 02dffb08f..4e97913f7 100644
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@@ -97,6 +97,9 @@ sub generate_script_1() {
 # Functions to execute the various user exits (extension scripts)
 ################################################################################
 EOF
+    my $lib = find_file 'lib.user';
+
+    copy1 $lib, emit "\n" if -f $lib;
 
     for my $exit qw/init isusable start tcclear started stop stopped clear refresh refreshed restored findgw/ {
 	emit "\nrun_${exit}_exit() {";
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 3940d2b5e..ecc231ca6 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -79,6 +79,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_object
 				       push_indent
 				       pop_indent
 				       copy
+				       copy1
 				       create_temp_aux_config
 				       finalize_aux_config
 				       set_shorewall_dir
@@ -1088,6 +1089,8 @@ sub copy1( $ ) {
 
 	close IF;
     }
+
+    $lastlineblank = 0;
 }
 
 #
diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index c39f6dc34..b0f9ed64e 100644
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -20,6 +20,8 @@ Changes in Shorewall 4.4.0-Beta2
 
 8)  Add 'USER/GROUP' column to masq file.
 
+9)  Added lib.user.
+
 Changes in Shorewall 4.4.0-Beta1
 
 1)  Correct typo in Shorewall6 two-interface sample shorewall.conf.
diff --git a/Shorewall/configfiles/lib.user b/Shorewall/configfiles/lib.user
new file mode 100644
index 000000000..234bd7ce0
--- /dev/null
+++ b/Shorewall/configfiles/lib.user
@@ -0,0 +1,14 @@
+#
+# Shorewall version 4 - lib.user File
+#
+# /etc/shorewall/lib.user
+#
+#	Use this file to declare shell functions to be called in the other
+#	run-time extension scripts. The file will be copied into the generated
+#       firewall script.
+#
+# See http://shorewall.net/shorewall_extension_scripts.htm for additional
+# information.
+#
+###############################################################################
+#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index 5e8a9893e..ec78fbe23 100644
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -179,6 +179,10 @@ None.
 3)  A USER/GROUP column has been added to /etc/shorewall/masq. The
     column works similarly to USER/GROUP columns in other Shorewall
     configuration files. Only locally-generated traffic is matched.
+
+4)  A new extension script, 'lib.user' has been added. This file is
+    intended to include declarations of shell functions that are called
+    by the other run-time extension scripts. 
 	
 ----------------------------------------------------------------------------
                  N E W   F E A T U R E S   IN   4 . 4
diff --git a/docs/MultiISP.xml b/docs/MultiISP.xml
index 079166f42..290f6f09c 100644
--- a/docs/MultiISP.xml
+++ b/docs/MultiISP.xml
@@ -1355,6 +1355,10 @@ fi</programlisting></para>
 
         <para><filename>/etc/shorewall/isusable</filename>:</para>
 
+        <para>Note that <filename>/etc/lsm/script </filename>writes
+        a<filename> ${VARDIR}/xxx.status</filename> file when the status of an
+        interface changes. </para>
+
         <programlisting>local status=0
 
 [ -f ${VARDIR}/${1}.status ] &amp;&amp; status=$(cat ${VARDIR}/${1}.status)
@@ -1378,7 +1382,7 @@ connection {
 
 connection {
     name=Comcast
-    checkip=$ETH3_GATEWAY
+    checkip=${ETH3_GATEWAY:-71.227.156.1}
     device=eth3
     ttl=1
 }
@@ -1388,7 +1392,8 @@ EOF
 fi</programlisting>
 
         <para>eth3 has a dynamic IP address so I need to use the
-        Shorewall-detected gateway address ($ETH3_GATEWAY).</para>
+        Shorewall-detected gateway address ($ETH3_GATEWAY). I supply a default
+        value in the event that detection fails.</para>
 
         <para><filename>/etc/shorewall/restored</filename>:</para>
 
diff --git a/docs/shorewall_extension_scripts.xml b/docs/shorewall_extension_scripts.xml
index 93ce87f96..06e849136 100644
--- a/docs/shorewall_extension_scripts.xml
+++ b/docs/shorewall_extension_scripts.xml
@@ -69,6 +69,12 @@
     <para>The following scripts can be supplied:</para>
 
     <itemizedlist>
+      <listitem>
+        <para><filename>lib.user</filename> -- Intended to contain
+        declarations of shell functions to be called by other run-time
+        extension scripts.</para>
+      </listitem>
+
       <listitem>
         <para><filename>compile</filename> -- Invoked by the rules compiler
         early in the compilation process. Must be written in Perl.</para>