Rename variables that control RTC. Add RTC control to /sbin/shorewall[6]

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9334 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2009-01-24 17:42:58 +00:00 · 2009-01-24 17:42:58 +00:00 · 0d87cecbad
commit 0d87cecbad
parent d737ee0896
8 changed files with 130 additions and 51 deletions
--- a/Shorewall-common/shorewall
+++ b/Shorewall-common/shorewall
@ -216,6 +216,9 @@ get_config() {
 	    No|NO|no)
 	        TC_ENABLED=
 		;;
+	    RTC)
+		NORTC=Yes
+		;;
 	esac

 	[ -n "LOGFORMAT" ] && LOGFORMAT="${LOGFORMAT%%%*}"
@ -480,6 +483,16 @@ start_command() {
 			    DEBUG=Yes
 			    option=${option#d}
 			    ;;
+			n*)
+			    NORTC=Yes
+			    RTCONLY=
+			    option=${option#n}
+			    ;;
+			r*)
+			    RTCONLY=Yes
+			    NORTC=
+			    option=${option#r}
+			    ;;
 			f*)
 			    FAST=Yes
 			    option=${option#f}
@ -524,7 +537,8 @@ start_command() {
 	    ;;
    esac

-    export NOROUTES
+    export NORTC
+    export RTCONLY
    export PURGE

    if [ -n "$FAST" ]; then
@ -766,9 +780,15 @@ restart_command() {
 			    option=${option#f}
 			    ;;
 			n*)
-			    NOROUTES=Yes
+			    NORTC=Yes
+			    RTCONLY=
 			    option=${option#n}
 			    ;;
+			r*)
+			    RTCONLY=Yes
+			    NORTC=
+			    option=${option#r}
+			    ;;
 			C)
 			    [ $# -gt 1 ] || fatal_error "-C must be followed by a compiler name"
 			    SHOREWALL_COMPILER=$2
@ -818,7 +838,8 @@ restart_command() {

    [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled"

-    export NOROUTES
+    export NORTC
+    export RTCONLY
    export PURGE

   if [ -z "$FAST" ]; then  
@ -896,7 +917,8 @@ refresh_command() {

    [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled"

-    export NOROUTES
+    export NORTC
+    export RTCONLY

    progress_message3 "Compiling..."

@ -939,9 +961,15 @@ safe_commands() {
 			    option=
 			    ;;
 			n*)
-			    NOROUTES=Yes
+			    NORTC=Yes
+			    RTCONLY=
 			    option=${option#n}
 			    ;;
+			r*)
+			    RTCONLY=Yes
+			    NORTC=
+			    option=${option#r}
+			    ;;
 			C)
 			    [ $# -gt 1 ] || fatal_error "-C must be followed by a compiler name"
 			    SHOREWALL_COMPILER=$2
@ -1088,9 +1116,15 @@ try_command() {
 			    option=
 			    ;;
 			n*)
-			    NOROUTES=Yes
+			    NORTC=Yes
+			    RTCONLY=
 			    option=${option#n}
 			    ;;
+			r*)
+			    RTCONLY=Yes
+			    NORTC=
+			    option=${option#r}
+			    ;;
 			C)
 			    [ $# -gt 1 ] || fatal_error "-C must be followed by a compiler name"
 			    SHOREWALL_COMPILER=$2
@ -1485,7 +1519,8 @@ IPT_OPTIONS="-nv"
 FAST=
 VERBOSE_OFFSET=0
 USE_VERBOSITY=
-NOROUTES=
+NORTC=
+RTC=
 PURGE=
 EXPORT=
 export TIMESTAMP=
@ -1562,9 +1597,15 @@ while [ $finished -eq 0 ]; do
 			esac
 			;;
 		    n*)
-			NOROUTES=Yes
+			NORTC=Yes
+			RTCONLY=
 			option=${option#n}
 			;;
+		    r*)
+			RTCONLY=Yes
+			NORTC=
+			option=${option#r}
+			;;
 		    t*)
 			TIMESTAMP=Yes
 			option=${option#t}
@ -1724,14 +1765,16 @@ case "$COMMAND" in

 	[ $# -ne 1 ] && usage 1
 	get_config
-	export NOROUTES
+	export NORTC
+	export RTCONLY
 	mutex_on
 	$SHOREWALL_SHELL $FIREWALL $debugging $nolock $COMMAND
 	mutex_off
 	;;
    reset)
 	get_config
-	export NOROUTE
+	export NORTC
+	export RTCONLY
 	shift
 	mutex_on
 	$SHOREWALL_SHELL $FIREWALL $debugging $nolock reset $@
--- a/Shorewall-perl/Shorewall/Compiler.pm
+++ b/Shorewall-perl/Shorewall/Compiler.pm
@ -415,7 +415,7 @@ EOF
    if [ -f ${VARDIR}/proxyarp ]; then
 	while read address interface external haveroute; do
 	    qt arp -i $external -d $address pub
-	    [ -z "${haveroute}${NOTCR}" ] && qt ip route del $address dev $interface
+	    [ -z "${haveroute}${NORTC}" ] && qt ip route del $address dev $interface
 	    f=/proc/sys/net/ipv4/conf/$interface/proxy_arp
 	    [ -f $f ] && echo 0 > $f
 	done < ${VARDIR}/proxyarp
@ -710,7 +710,7 @@ sub generate_script_4($) {
    }

    emit ( '',
-	   'if [ -n "$TCRONLY" ]; then' ,
+	   'if [ -n "$RTCONLY" ]; then' ,
 	   '    delete_tc1' ,
 	   'else' );
    
@ -758,7 +758,7 @@ sub generate_script_4($) {

    }

-    emit qq([ -n "\$NOTCR" ] && delete_tc1\n) if $config{CLEAR_TC};
+    emit qq([ -n "\$NORTC" ] && delete_tc1\n) if $config{CLEAR_TC};

    pop_indent;

@ -768,11 +768,11 @@ sub generate_script_4($) {

    emit '';

-    emit( '[ -n "$TCRONLY" ] || setup_common_rules',
+    emit( '[ -n "$RTCONLY" ] || setup_common_rules',
 	  '',
-	  '[ -n "$NOTCR"   ] || setup_routing_and_traffic_shaping',
+	  '[ -n "$NORTC"   ] || setup_routing_and_traffic_shaping',
 	  '',
-	  'if [ -z "$TCRONLY" ]; then' );
+	  'if [ -z "$RTCONLY" ]; then' );

    push_indent;

--- a/Shorewall-perl/Shorewall/Config.pm
+++ b/Shorewall-perl/Shorewall/Config.pm
@ -2183,6 +2183,8 @@ sub get_configuration( $ ) {
 	$globals{TC_SCRIPT} = $file;
    } elsif ( $val eq 'internal' ) {
 	$config{TC_ENABLED} = 'Internal';
+    } elsif ( $val eq 'rtc' ) {
+	$config{TC_ENABLED} = 'RTC';
    } else {
 	fatal_error "Invalid value ($config{TC_ENABLED}) for TC_ENABLED" unless $val eq 'no';
 	$config{TC_ENABLED} = '';
--- a/Shorewall-perl/Shorewall/Proc.pm
+++ b/Shorewall-perl/Shorewall/Proc.pm
@ -123,7 +123,7 @@ sub setup_route_filtering() {
 	    emit 'echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter';
 	}

-	emit "[ -n \"\$NOTCR\" ] || ip -4 route flush cache";
+	emit "[ -n \"\$NORTC\" ] || ip -4 route flush cache";
    }
 }

--- a/Shorewall-perl/Shorewall/Providers.pm
+++ b/Shorewall-perl/Shorewall/Providers.pm
@ -568,7 +568,7 @@ sub setup_providers() {

 	    fatal_error "A non-empty providers file is not permitted with MANGLE_ENABLED=No" unless $config{MANGLE_ENABLED};

-	    emit "\nif [ -z \"\$NOTCR\" ]; then";
+	    emit "\nif [ -z \"\$NORTC\" ]; then";

 	    push_indent;

@ -708,7 +708,7 @@ sub setup_providers() {
 	emit "\nundo_routing";
 	emit 'restore_default_route';
 	if ( $config{NULL_ROUTE_RFC1918} ) {
-	    emit "\nif [ -z \"\$NOTCR\" ]; then";
+	    emit "\nif [ -z \"\$NORTC\" ]; then";

 	    push_indent;

--- a/Shorewall-perl/prog.footer
+++ b/Shorewall-perl/prog.footer
@ -1,4 +1,4 @@
-#
+ #
 # Give Usage Information
 #
 usage() {
@ -46,22 +46,22 @@ while [ $finished -eq 0 -a $# -gt 0 ]; do
 			option=${option#q}
 			;;
                    r*)  
-			if [ -n "$NOTCR" ]; then
+			if [ -n "$NORTC" ]; then
 			    error_message "The -n and -r options are mutually exclusive"
 			    exit 1
 			fi

-			TCRONLY=Yes
+			RTCONLY=Yes
 			option=${option#r}
 			PRODUCT="$PRODUCT Traffic Control and Routing"
 			;;
 		    n*)
-			if [ -n "$TCRONLY" ]; then
+			if [ -n "$RTCONLY" ]; then
 			    error_message "The -n and -r options are mutually exclusive"
 			    exit 1
 			fi

-			NOTCR=Yes
+			NORTC=Yes
 			option=${option#n}
 			;;
 		    *)
@ -82,7 +82,7 @@ COMMAND="$1"
 case "$COMMAND" in
    start)
 	[ $# -ne 1 ] && usage 2
-	if [ -n "$TCRONLY" ]; then
+	if [ -n "$RTCONLY" ]; then
 	    progress_message3 "Starting $PRODUCT...."
 	    define_firewall
 	    status=$?
@ -101,7 +101,7 @@ case "$COMMAND" in
    stop)
 	[ $# -ne 1 ] && usage 2
 	progress_message3 "Stopping $PRODUCT...."
-	if [ -n "$TCRONLY" ]; then
+	if [ -n "$RTCONLY" ]; then
 	    delete_tc1
 	else
 	    stop_firewall
@ -111,7 +111,7 @@ case "$COMMAND" in
 	progress_message3 "done."
 	;;
    reset)
-	if [ -n "${NOTCR}$"{TCRONLY} ]; then
+	if [ -n "${NORTC}$"{RTCONLY} ]; then
 	    error_message "The -n and -r options may not be used with 'reset'"
 	    status=1
 	elif ! shorewall_is_started ; then
@ -160,7 +160,7 @@ case "$COMMAND" in
 	;;
    refresh)
 	[ $# -ne 1 ] && usage 2
-	if [ -n "${NOTCR}$"{TCRONLY} ]; then
+	if [ -n "${NORTC}$"{RTCONLY} ]; then
 	    error_message "The -n and -r options may not be used with 'refresh'"
 	    status=1
 	elif shorewall_is_started; then
@ -175,7 +175,7 @@ case "$COMMAND" in
 	;;
    restore)
 	[ $# -ne 1 ] && usage 2
-	if [ -n "${NOTCR}$"{TCRONLY} ]; then
+	if [ -n "${NORTC}$"{RTCONLY} ]; then
 	    error_message "The -n and -r options may not be used with 'restart'"
 	    status=1
 	else
@ -188,7 +188,7 @@ case "$COMMAND" in
 	;;
    clear)
 	[ $# -ne 1 ] && usage 2
-	if [ -n "${NOTCR}$"{TCRONLY} ]; then
+	if [ -n "${NORTC}$"{RTCONLY} ]; then
 	    error_message "The -n and -r options may not be used with 'clear'"
 	    status=1
 	else
--- a/Shorewall-perl/prog.footer6
+++ b/Shorewall-perl/prog.footer6
@ -46,22 +46,22 @@ while [ $finished -eq 0 -a $# -gt 0 ]; do
 			option=${option#q}
 			;;
                    r*)  
-			if [ -n "$NOTCR" ]; then
+			if [ -n "$NORTC" ]; then
 			    error_message "The -n and -r options are mutually exclusive"
 			    exit 1
 			fi

-			TCRONLY=Yes
+			RTCONLY=Yes
 			option=${option#r}
 			PRODUCT="$PRODUCT Traffic Control and Routing"
 			;;
 		    n*)
-			if [ -n "$TCRONLY" ]; then
+			if [ -n "$RTCONLY" ]; then
 			    error_message "The -n and -r options are mutually exclusive"
 			    exit 1
 			fi

-			NOTCR=Yes
+			NORTC=Yes
 			option=${option#n}
 			;;
 		    *)
@ -87,7 +87,7 @@ else
    case "$COMMAND" in
 	start)
 	    [ $# -ne 1 ] && usage 2
-	    if [ -n "$TCRONLY" ]; then
+	    if [ -n "$RTCONLY" ]; then
 		progress_message3 "Starting $PRODUCT...."
 		define_firewall
 		status=$?
@ -106,7 +106,7 @@ else
 	stop)
 	    [ $# -ne 1 ] && usage 2
 	    progress_message3 "Stopping $PRODUCT...."
-	    if [ -n "$TCRONLY" ]; then
+	    if [ -n "$RTCONLY" ]; then
 		delete_tc1
 	    else
 		stop_firewall
@ -116,7 +116,7 @@ else
 	    progress_message3 "done."
 	    ;;
 	reset)
-	    if [ -n "${NOTCR}$"{TCRONLY} ]; then
+	    if [ -n "${NORTC}$"{RTCONLY} ]; then
 		error_message "The -n and -r options may not be used with 'reset'"
 		status=1
 	    elif ! shorewall6_is_started ; then
@ -148,7 +148,7 @@ else
 	    ;;
 	restart)
 	    [ $# -ne 1 ] && usage 2
-	    if [ -n "$TCRONLY" ]; then
+	    if [ -n "$RTCONLY" ]; then
 		progress_message3 "Restarting $PRODUCT...."
 		define_firewall
 		status=$?
@ -171,7 +171,7 @@ else
 	    ;;
 	refresh)
 	    [ $# -ne 1 ] && usage 2
-	    if [ -n "${NOTCR}$"{TCRONLY} ]; then
+	    if [ -n "${NORTC}$"{RTCONLY} ]; then
 		error_message "The -n and -r options may not be used with 'refresh'"
 		status=1
 	    elif shorewall6_is_started; then
@ -186,7 +186,7 @@ else
 	    ;;
 	restore)
 	    [ $# -ne 1 ] && usage 2
-	    if [ -n "${NOTCR}$"{TCRONLY} ]; then
+	    if [ -n "${NORTC}$"{RTCONLY} ]; then
 		error_message "The -n and -r options may not be used with 'restore'"
 		status=1
 	    else
@ -199,7 +199,7 @@ else
 	    ;;
 	clear)
 	    [ $# -ne 1 ] && usage 2
-	    if [ -n "${NOTCR}$"{TCRONLY} ]; then
+	    if [ -n "${NORTC}$"{RTCONLY} ]; then
 		error_message "The -n and -r options may not be used with 'clear'"
 		status=1
 	    else
--- a/Shorewall6/shorewall6
+++ b/Shorewall6/shorewall6
@ -216,6 +216,10 @@ get_config() {
 	    No|NO|no)
 	        TC_ENABLED=
 		;;
+	    RTC)
+		NORTC=Yes
+		RTCONLY=
+		;;
 	esac

 	[ -n "LOGFORMAT" ] && LOGFORMAT="${LOGFORMAT%%%*}"
@ -466,7 +470,8 @@ start_command() {
 	    ;;
    esac

-    export NOROUTES
+    export NORTC
+    export RTCONLY
    export PURGE

    if [ -n "$FAST" ]; then
@ -685,9 +690,15 @@ restart_command() {
 			    option=${option#f}
 			    ;;
 			n*)
-			    NOROUTES=Yes
+			    NORTC=Yes
+			    RTCONLY=
 			    option=${option#n}
 			    ;;
+			r*)
+			    RTCONLY=Yes
+			    NORTC=
+			    option=${option#r}
+			    ;;
 			p*)
 			    [ -n "$(which conntrack)" ] || fatal_error "The '-p' option requires the conntrack utility which does not appear to be installed on this system"
 			    PURGE=Yes
@ -731,7 +742,8 @@ restart_command() {

    [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled"

-    export NOROUTES
+    export NORTC
+    export RTCONLY
    export PURGE

   if [ -z "$FAST" ]; then  
@ -803,7 +815,8 @@ refresh_command() {

    [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled"

-    export NOROUTES
+    export NORTC
+    export RTCONLY

    progress_message3 "Compiling..."

@ -846,9 +859,15 @@ safe_commands() {
 			    option=
 			    ;;
 			n*)
-			    NOROUTES=Yes
+			    NORTC=Yes
+			    RTCONLY=
 			    option=${option#n}
 			    ;;
+			r*)
+			    RTCONLY=Yes
+			    NORTC=
+			    option=${option#r}
+			    ;;
 			*)
 			    usage 1
 			    ;;
@ -989,9 +1008,15 @@ try_command() {
 			    option=
 			    ;;
 			n*)
-			    NOROUTES=Yes
+			    NORTC=Yes
+			    RTCONLY=
 			    option=${option#n}
 			    ;;
+			r*)
+			    RTCONLY=Yes
+			    NORTC=
+			    option=${option#r}
+			    ;;
 			*)
 			    usage 1
 			    ;;
@ -1364,7 +1389,8 @@ IPT_OPTIONS="-nv"
 FAST=
 VERBOSE_OFFSET=0
 USE_VERBOSITY=
-NOROUTES=
+NORTC=
+RTCONLY=
 PURGE=
 EXPORT=
 export TIMESTAMP=
@ -1441,9 +1467,15 @@ while [ $finished -eq 0 ]; do
 			esac
 			;;
 		    n*)
-			NOROUTES=Yes
+			NORTC=Yes
+			RTCONLY=
 			option=${option#n}
 			;;
+		    r*)
+			RTCONLY=Yes
+			NORTC=
+			option=${option#r}
+			;;
 		    t*)
 			TIMESTAMP=Yes
 			option=${option#t}
@ -1583,14 +1615,16 @@ case "$COMMAND" in
 	[ $# -ne 1 ] && usage 1
 	get_config
 	[ -x $FIREWALL ] || fatal_error "Shorewall6 has never been started"
-	export NOROUTES
+	export NORTC
+	export RTCONLY
 	mutex_on
 	$SHOREWALL_SHELL $FIREWALL $debugging $nolock $COMMAND
 	mutex_off
 	;;
    reset)
 	get_config
-	export NOROUTE
+	export NORTC
+	export RTCONLY
 	shift
 	mutex_on
 	[ -x $FIREWALL ] || fatal_error "Shorewall6 has never been started"