holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code

Browse Source
This commit is contained in:
Tom Eastep 2015-08-10 17:15:29 -07:00
commit 0f283ddc44
7 changed files with 77 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall-core/configure vendored
View File

@ -102,7 +102,7 @@ if [ -z "$vendor" ]; then
vendor=redhat vendor=redhat
;; ;;
debian|ubuntu) debian|ubuntu)
vendor=debian ls -l /sbin/init |fgrep -q systemd | vendor=debian.systemd | vendor=debian.sysvinit
;; ;;
opensuse) opensuse)
vendor=suse vendor=suse
@ -130,7 +130,7 @@ if [ -z "$vendor" ]; then
*) *)
if [ -f /etc/debian_version ]; then if [ -f /etc/debian_version ]; then
params[HOST]=debian params[HOST]=debian
rcfile=shorewallrc.debian rcfile=shorewallrc.debian.sysvinit
elif [ -f /etc/redhat-release ]; then elif [ -f /etc/redhat-release ]; then
params[HOST]=redhat params[HOST]=redhat
rcfile=shorewallrc.redhat rcfile=shorewallrc.redhat

10
Shorewall-core/configure.pl
View File

@ -68,14 +68,16 @@ unless ( defined $vendor ) {
$vendor = 'redhat'; $vendor = 'redhat';
} elsif ( $id eq 'opensuse' ) { } elsif ( $id eq 'opensuse' ) {
$vendor = 'suse'; $vendor = 'suse';
} elsif ( $id eq 'ubuntu' ) { } elsif ( $id eq 'ubuntu' || $id eq 'debian' ) {
$vendor = 'debian'; my $init = `ls -l /sbin/init`;
$vendor = $init =~ /systemd/ ? 'debian.systemd' : 'debian.sysvinit';
} else { } else {
$vendor = $id; $vendor = $id;
} }
} }
$params{HOST} = $vendor; $params{HOST} = $vendor;
$params{HOST} =~ s/\..*//;
} }
if ( defined $vendor ) { if ( defined $vendor ) {
@ -84,7 +86,7 @@ if ( defined $vendor ) {
} else { } else {
if ( -f '/etc/debian_version' ) { if ( -f '/etc/debian_version' ) {
$vendor = 'debian'; $vendor = 'debian';
$rcfilename = 'shorewallrc.debian'; $rcfilename = 'shorewallrc.debian.sysvinit';
} elsif ( -f '/etc/redhat-release' ){ } elsif ( -f '/etc/redhat-release' ){
$vendor = 'redhat'; $vendor = 'redhat';
$rcfilename = 'shorewallrc.redhat'; $rcfilename = 'shorewallrc.redhat';
@ -117,7 +119,7 @@ my @abbr = qw( Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec );
if ( $vendor eq 'linux' ) { if ( $vendor eq 'linux' ) {
printf "INFO: Creating a generic Linux installation - %s %2d %04d %02d:%02d:%02d\n\n", $abbr[$localtime[4]], $localtime[3], 1900 + $localtime[5] , @localtime[2,1,0];; printf "INFO: Creating a generic Linux installation - %s %2d %04d %02d:%02d:%02d\n\n", $abbr[$localtime[4]], $localtime[3], 1900 + $localtime[5] , @localtime[2,1,0];;
} else { } else {
printf "INFO: Creating a %s-specific installation - %s %2d %04d %02d:%02d:%02d\n\n", $vendor, $abbr[$localtime[4]], $localtime[3], 1900 + $localtime[5] , @localtime[2,1,0];; printf "INFO: Creating a %s-specific installation - %s %2d %04d %02d:%02d:%02d\n\n", $params{HOST}, $abbr[$localtime[4]], $localtime[3], 1900 + $localtime[5] , @localtime[2,1,0];;
} }
open $rcfile, '<', $rcfilename or die "Unable to open $rcfilename for input: $!"; open $rcfile, '<', $rcfilename or die "Unable to open $rcfilename for input: $!";

24
Shorewall-core/shorewallrc.debian.systemd Normal file
View File

@ -0,0 +1,24 @@
#
# Debian Shorewall 4.5 rc file
#
BUILD= #Default is to detect the build system
HOST=debian
PREFIX=/usr #Top-level directory for shared files, libraries, etc.
SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.
LIBEXECDIR=${PREFIX}/share #Directory for executable scripts.
PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory
CONFDIR=/etc #Directory where subsystem configurations are installed
SBINDIR=/sbin #Directory where system administration programs are installed
MANDIR=${PREFIX}/share/man #Directory where manpages are installed.
INITDIR= #Directory where SysV init scripts are installed.
INITFILE= #Name of the product's installed SysV init script
INITSOURCE=init.debian.sh #Name of the distributed file to be installed as the SysV init script
ANNOTATED= #If non-zero, annotated configuration files are installed
SYSCONFFILE=default.debian #Name of the distributed file to be installed in $SYSCONFDIR
SERVICEFILE=shorewall-init.service.debian
#Name of the file to install in $SYSTEMD. Default is $PRODUCT.service
SYSCONFDIR=/etc/default #Directory where SysV init parameter files are installed
SERVICEDIR=/lib/systemd/system #Directory where .service files are installed (systems running systemd only)
SPARSE=Yes #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
VARLIB=/var/lib #Directory where product variable data is stored.
VARDIR=${VARLIB}/$PRODUCT #Directory where product variable data is stored.

0
Shorewall-core/shorewallrc.debian → Shorewall-core/shorewallrc.debian.sysvinit
View File

18
Shorewall-init/shorewall-init.service.214.debian Normal file
View File

@ -0,0 +1,18 @@
#
# The Shoreline Firewall (Shorewall) Packet Filtering Firewall
#
# Copyright 2011 Jonathan Underwood <jonathan.underwood@gmail.com>
#
[Unit]
Description=Shorewall firewall (bootup security)
Before=network-pre.target
Wants=network-pre.target
Conflicts=iptables.service firewalld.service
[Service]
Type=oneshot
RemainAfterExit=yes
EnvironmentFile=-/etc/default/shorewall-init
StandardOutput=syslog
ExecStart=/sbin/shorewall-init start
ExecStop=/sbin/shorewall-init stop

17
Shorewall-init/shorewall-init.service.debian Normal file
View File

@ -0,0 +1,17 @@
#
# The Shoreline Firewall (Shorewall) Packet Filtering Firewall
#
# Copyright 2011 Jonathan Underwood <jonathan.underwood@gmail.com>
#
[Unit]
Description=Shorewall firewall (bootup security)
Before=network.target
Conflicts=iptables.service ip6tables.service firewalld.service
[Service]
Type=oneshot
RemainAfterExit=yes
EnvironmentFile=-/etc/default/shorewall-init
StandardOutput=syslog
ExecStart=/sbin/shorewall-init start
ExecStop=/sbin/shorewall-init stop

16
Shorewall6-lite/manpages/shorewall6-lite.xml
View File

@ -1024,14 +1024,6 @@
except that it assumes that the firewall is already started. except that it assumes that the firewall is already started.
Existing connections are maintained.</para> Existing connections are maintained.</para>
<caution>
<para>If your ip6tables ruleset depends on variables that are
detected at run-time, either in your params file or by
Shorewall-generated code, <command>restore</command> will use the
values that were current when the ruleset was saved, which may be
different from the current values.</para>
</caution>
<para>The <option>-n</option> option causes shorewall6-lite to avoid <para>The <option>-n</option> option causes shorewall6-lite to avoid
updating the routing table(s).</para> updating the routing table(s).</para>
@ -1064,6 +1056,14 @@
in <ulink in <ulink
url="shorewall.conf.html">shorewall6.conf</ulink>(5).</para> url="shorewall.conf.html">shorewall6.conf</ulink>(5).</para>
<caution>
<para>If your ip6tables ruleset depends on variables that are
detected at run-time, either in your params file or by
Shorewall-generated code, <command>restore</command> will use the
values that were current when the ruleset was saved, which may be
different from the current values.</para>
</caution>
<para>The <option>-C</option> option was added in Shorewall 4.6.5. <para>The <option>-C</option> option was added in Shorewall 4.6.5.
If the <option>-C</option> option was specified during If the <option>-C</option> option was specified during
<command>shorewall7-lite save</command>, then the counters saved by <command>shorewall7-lite save</command>, then the counters saved by