From 04691679bce34b0f9d09c068d661c77e20c9ec41 Mon Sep 17 00:00:00 2001 From: teastep Date: Thu, 5 Feb 2009 20:07:05 +0000 Subject: [PATCH] Clarify how Shorewall-shell works with 'restore' git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9416 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- docs/shorewall_extension_scripts.xml | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/docs/shorewall_extension_scripts.xml b/docs/shorewall_extension_scripts.xml index e0ab80ad8..78feaa543 100644 --- a/docs/shorewall_extension_scripts.xml +++ b/docs/shorewall_extension_scripts.xml @@ -87,12 +87,14 @@ start -- invoked after the firewall has - been started or restarted. + been started or restarted. The script is also invoked by + Shorewall-shell after a successful 'restore'. started -- invoked after the firewall has - been marked as 'running'. + been marked as 'running'. The script is also invoked by + Shorewall-shell after a successful 'restore'. @@ -214,7 +216,12 @@ esac run_iptables will run the iptables utility passing the arguments to run_iptables and if the command fails, the firewall will be stopped (or restored from the last - save command, if any). + save command, if any). Note that when + Shorewall-shell invokes this script during restore, + The run_iptables function does nothing; calls to + that function are effectively ignored. run_iptables + should not be called from the started or + restored scripts. @@ -420,6 +427,12 @@ esac refreshed + + + + + restored +